...
Create a RADIUS logon procedure
- Login to the DualShield management console
- In the main menu, select “Authentication “Authentication | Logon Procedure”Procedure”
- Click the “Create” “Create” button on the toolbar
- Enter “Name” “Name” and select “RADIUS” “RADIUS” as the Type
- Click “Save”“Save”
- Click the Context Menu icon of the newly created logon procedure, select “Logon Steps”
- In the popup windows, click the “Create” button on the toolbar
- “Logon Steps” and a new section will be added to the page;
- To add a logon step we need to click on the button then select the desired authentication methodsSelect the desired authentication method, e.g. “Static Password”
- Click “Save”
- “Static Password” and "On Demand";
- Click “Save” to confirm the changesPlease repeat steps 7 to 9 to create a second authentication step such as One-Time Password or On-Demand password.
Create a RADIUS application
- In the main menu, select “Authentication “Authentication | Applications”Applications”
- Click the “Create” “Create” button on the toolbar
- Enter “Name”“Name”
- Select “Realm”“Realm”
- Select the logon procedure that was just created
- Click “Save”“Save”
- Click the context menu of the newly created application, select “Agent”“Agent”
- Select the DualShield Radius server, e.g. ”Local ”Local Radius Server”Server”
- Click “Save”“Save”
- Click the context menu of the newly created application, select “Self Test”
“Self Test”
Register the Fortigate SSL VPN as a Radius client
- In the main menu, select “RADIUS “RADIUS | Clients”Clients”
- Click the “Register” button on the toolbar
- Select the application that was created in the previous steps
- Enter Fortigate's IP in the IP address
- Enter the Shared Secret which will be used in Fortigate's settings.
- Click “Save”“Save”