Fortinet MR1 User Manual

434

Defining Authentication List Configuration Page

You use this screen to configure login lists. A login list specifies the authentication method(s)
you want used to validate switch or port access for the users associated with the list. The
pre-configured users, admin and guest, are assigned to a pre-configured list named
defaultList, which you may not delete. All newly created users are also assigned to the
defaultList until you specifically assign them to a different list

Selection Criteria

Authentication List - Select the authentication login list you want to configure. Select 'create' to define a
new login list. When you create a new login list, 'local' is set as the initial authentication method.

Configurable Data

Authentication List Name - If you are creating a new login list, enter the name you want to assign. It can
be up to 15 alphanumeric characters and is not case sensitive.

Method 1 - Use the dropdown menu to select the method that should appear first in the selected
authentication login list. If you select a method that does not time out as the first method, such as 'local'
no other method will be tried, even if you have specified more than one method. Note that this parameter
will not appear when you first create a new login list. The options are:

Local- the user's locally stored ID and password will be used for authentication

Radius- the user's ID and password will be authenticated using the RADIUS server instead of
locally

Reject- the user is never authenticated

Tacacs- the user's ID and password will be authenticated using the TACACS server instead of
locally

Undefined- the authentication method is unspecified (this may not be assigned as the first method)

Method 2 - Use the dropdown menu to select the method, if any, that should appear second in the
selected authentication login list. This is the method that will be used if the first method times out. If you