HID Fortinet and AAA Server User Manual

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access | Integration Handbook

P 6

External Use | July 16, 2012 | © 2012 ActivIdentity

Note: In any firewall user group, you can enable SSL VPN access and select the Web portal that the users

can access. When the user connects to the FortiGate unit via HTTPS on the SSL VPN port (default 10443),

the FortiGate unit requests a username and password.

3. To add a new remote authentication server, click

Add. The Remote Server drop-down list appears, along

with information about the

Group Name.

4. Use the

Group Name field to configure group name(s) to be added as identities who can be authenticated.

GROUP NAME OPTIONS:

•

In the

Group Name field, select Any to match all possible groups.

•

In the

Group Name field, select Specify, and then enter the group name in the appropriate format

for the type of server (RADIUS).

•

You must specify at least one group name. The group name is the name of the group on

the RADIUS server.

•

If you want to specify more than one group name, then use a comma to separate the

names.

•

Important: When you specify a group name or names, you must use a specific RADIUS
dictionary on the AAA Server and also create an authorization profile. For more
information on this topic, refer to the guide named 4TRESS_AAA_AdminGuide.pdf,
specifically the section called Create a New RADIUS Authorization Profile.

•

Also refer to the following vendor-specific requirements.