Fortinet FortiGate v3.0 MR7 User Manual
Page 18
FortiOS v3.0 MR7 User Authentication User Guide
18
01-30007-0347-20080828
RADIUS servers
Authentication servers
To configure the FortiGate unit for RADIUS authentication - CLI
config user radius
edit <server_name>
set all-usergroup {enable | disable }
set auth-type <authentication_protocol>
set nas-ip <nas_ip_called_id>
set radius-port <radius_port_id>
set secondary-server <secondary_ip_address>
set secondary-secret <secondary_password>
set server <primary_ip_address>
set secret <primary_password>
set use-group-for-profile <group_profile_select>
set use-management-vdom <vdom_requests>
end
The use-group-for-profile and use-management-vdom can only be
added to RADIUS authentication requests via the CLI. You enable use-group-
for-profile
to use the RADIUS group attribute to select the firewall protection
profile to apply. Enable use-management-vdom to use the management VDOM
to send all RADIUS requests. For more information, refer to th
.
To remove a RADIUS server from the FortiGate unit configuration - web-
based manager
1
Go to User > Remote > RADIUS.
2
Select the Delete icon beside the name of the RADIUS server that you want to
remove.
3
Select OK.
Figure 2: Delete (remove) a RADIUS server
Note: You cannot remove a RADIUS server that belongs to a user group. Remove it from
the user group first.
Create New
Add a new RADIUS server. The maximum number is 10.
Name
The name that identifies the RADIUS server on the FortiGate unit.
Server Name/IP
The domain name or IP address of the RADIUS server.
Delete icon
Delete (remove) a RADIUS server from the FortiGate configuration.
You cannot remove a RADIUS server that has been added to a user
group.
Edit icon
Edit a RADIUS server configuration.
Edit
Delete