Fortinet v3.0 MR7 - Manual
Fortinet v3.0 MR7 – Manual, read for free online in PDF format. We hope this helps you resolve any issues you may have. If you have further questions, please contact us through the contact form.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Table of Contents:
- Page 2 – FortiOS v3.0 MR7 User Authentication User Guide; Trademarks
- Page 3 – Contents
- Page 5 – Introduction; About authentication
- Page 6 – User’s view of authentication; Web-based user authentication
- Page 7 – FortiGate administrator’s view of authentication; See
- Page 8 – Authentication servers
- Page 9 – Public Key Infrastructure (PKI) authentication; Users; “Users/peers” on page 33; User groups; FortiGate Administration
- Page 10 – Authentication timeout; User; “Authentication timeout” on page 47; Firewall policies; FortiGate Administration Guide; VPN tunnels; FortiGate PPTP VPN User Guide,; About this document; Document conventions
- Page 11 – Notes and Cautions are used to provide important information:; Typographic conventions; FortiGate documentation; Fortinet Technical Documentation; In the Name field, type; FortiGate
- Page 12 – Provides a context-sensitive and searchable version of the; Related documentation
- Page 13 – FortiManager documentation; FortiClient documentation; Provides a searchable version of the; FortiAnalyzer documentation; Provides a searchable version of the
- Page 14 – Fortinet Tools and Documentation CD; Fortinet Knowledge Center; Fortinet; Comments on Fortinet technical documentation; Customer service and technical support; Please visit the
- Page 15 – This section describes:; RADIUS servers; The RADIUS server user database can be any combination of:
- Page 16 – Fortinet’s dictionary is configured this way:; Configuring the FortiGate unit to use a RADIUS server; or
- Page 17 – config system global
- Page 18 – To configure the FortiGate unit for RADIUS authentication - CLI; config user radius; Create New
- Page 19 – LDAP servers; anonymous - bind using anonymous user search
- Page 20 – ldapsearch
- Page 21 – objectClass: organizationalUnit; Configuring the FortiGate unit to use an LDAP server; Go to
- Page 23 – To configure the FortiGate unit for LDAP authentication - CLI; config user ldap; Delete
- Page 24 – Using the Query icon; Figure 5: LDAP server Distinguished Name Query tree; Edit icon
- Page 25 – ASCII
- Page 26 – To configure the FortiGate unit for TACACS+ authentication - CLI; end; Name; Authentication Type
- Page 27 – Directory Service servers; The FSAE has two components that you must install on your network:
- Page 28 – To view the list of Directory Service servers, go to; User > Directory Service; Configuring the FortiGate unit to use a Directory Service server
- Page 29 – For more information about FSAE, see the; and select Create New.
- Page 30 – config user fsae; and select the
- Page 33 – Users/peers and user groups; and
- Page 34 – “Authentication; Creating local users; To define a local user you need:; To create a local user - web-based manager; User type
- Page 35 – To view a list of all local users, go to; To create a local user - CLI; config user local
- Page 36 – To remove a user from the FortiGate unit configuration - CLI; Creating peer users; To define a peer user you need:; Delete icon
- Page 37 – a peer user name; To create a peer user for PKI authentication - web-based manager
- Page 38 – To create a peer user for PKI authentication - CLI; config user peer; Figure 17: Remove PKI peer user; Note
- Page 39 – A user group is a list of user/peer identities. An identity can be:; Firewall user groups; “Adding authentication to firewall policies” on page 286; Directory Service user groups
- Page 40 – FSAE Technical Note; SSL VPN user groups
- Page 41 – For more information about protection profiles, see the; Configuring user groups; To create a Firewall user group - web-based manager
- Page 42 – To create a firewall user group - CLI; config user group; Configuring Directory Service user groups; To create an Directory Service user group; Select Create New, enter the following information, and select OK.
- Page 43 – Configuring SSL VPN user groups; FortiGate SSL VPN User Guide
- Page 44 – Configuring Peer user groups; To create a peer group - CLI; Viewing a list of user groups
- Page 45 – Figure 21: Remove user group; To remove a user group from the FortiGate unit configuration - CLI
- Page 47 – Configuring authenticated access
- Page 48 – To set the authentication protocols; Firewall policy authentication
- Page 49 – Configuring authentication for a firewall policy; Authentication is an Advanced firewall option.; To configure authentication for a firewall policy; Create users and one or more Firewall user groups.
- Page 50 – Firewall policy order; More specific policies must be placed above more general ones.
- Page 51 – Configuring authenticated access to the Internet; precede; the policy for Internet access.
- Page 52 – VPN authentication; FortiGate IPSec VPN User Guide; Configuring authentication of SSL VPN users; To configure authentication for an SSL VPN - web-based manager; “Users/peers and user groups” on page 33; Tunnel IP Range
- Page 54 – To configure authentication for an SSL VPN - CLI; Configuring strong authentication of SSL VPN users/user groups
- Page 55 – To enable strong authentication for an SSL VPN; Configuring authentication of VPN peers and clients; To configure authentication for a PPTP VPN - web-based manager
- Page 56 – To configure authentication for a PPTP VPN - CLI; For detailed information about configuring PPTP, see the; Configuring authentication of L2TP VPN users/user groups; To configure authentication for an L2TP VPN - CLI; For more information, see the; Configuring authentication of remote IPSec VPN users
- Page 57 – To configure user group authentication for dialup IPSec - CLI; config vpn ipsec phase1; Remote Gateway; Peer Options
- Page 58 – Configuring XAuth authentication; For more information, see
- Page 59 – Configure other VPN gateway parameters as needed.; To configure authentication for a dialup IPSec VPN - CLI; XAuth; Server Type
- Page 61 – Index
Loading the manual
www.fortinet.com
FortiOS v3.0 MR7
User Authentication User Guide
U S E R G U I D E
"Loading the manual" means you need to wait until the file loads and becomes available for online reading. Some manuals are very large, and the time they take to appear depends on your internet speed.
Summary
Page 2 - FortiOS v3.0 MR7 User Authentication User Guide; Trademarks
FortiOS v3.0 MR7 User Authentication User Guide 28 Aug 2008 01-30007-0347-20080828 © Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electroni...
Page 3 - Contents
Contents FortiOS v3.0 MR7 User Authentication User Guide01-30007-0347-20080828 3 Contents Introduction ........................................................................................ 5 About authentication ........................................................................................
Page 5 - Introduction; About authentication
Introduction About authentication FortiOS v3.0 MR7 User Authentication User Guide01-30007-0347-20080828 5 Introduction This section introduces you to the authentication process from the user and the administrators perspective, and provides supplementary information about Fortinet publications. The f...
