Fortinet v3.0 MR7 manual Related documentation, FortiGate Administration Guide

Page 12

Related documentation

Introduction

•FortiGate Administration Guide

Provides basic information about how to configure a FortiGate unit, including how to define FortiGate protection profiles and firewall policies; how to apply intrusion prevention, antivirus protection, web content filtering, and spam filtering; and how to configure a VPN.

•FortiGate online help

Provides a context-sensitive and searchable version of the Administration Guide in HTML format. You can access online help from the web-based manager as you work.

•FortiGate CLI Reference

Describes how to use the FortiGate CLI and contains a reference to all FortiGate CLI commands.

•FortiGate Log Message Reference

Available exclusively from the Fortinet Knowledge Center, the FortiGate Log Message Reference describes the structure of FortiGate log messages and provides information about the log messages that are generated by FortiGate units.

•FortiGate High Availability User Guide

Contains in-depth information about the FortiGate high availability feature and the FortiGate clustering protocol.

•FortiGate IPS User Guide

Describes how to configure the FortiGate Intrusion Prevention System settings and how the FortiGate IPS deals with some common attacks.

•FortiGate IPSec VPN User Guide

Provides step-by-step instructions for configuring IPSec VPNs using the web- based manager.

•FortiGate SSL VPN User Guide

Compares FortiGate IPSec VPN and FortiGate SSL VPN technology, and describes how to configure web-only mode and tunnel-mode SSL VPN access for remote users through the web-based manager.

•FortiGate PPTP VPN User Guide

Explains how to configure a PPTP VPN using the web-based manager.

•FortiGate Certificate Management User Guide

Contains procedures for managing digital certificates including generating certificate requests, installing signed certificates, importing CA root certificates and certificate revocation lists, and backing up and restoring installed certificates and private keys.

•FortiGate VLANs and VDOMs User Guide

Describes how to configure VLANs and VDOMS in both NAT/Route and Transparent mode. Includes detailed examples.

Related documentation

Additional information about Fortinet products is available from the following related documentation.

	FortiOS v3.0 MR7 User Authentication User Guide
12	01-30007-0347-20080828

Image 12

Contents E R G U I D E FortiOS v3.0 MR7 User Authentication User Guide TrademarksContents Configuring authenticated access Users/peers and user groupsIndex Creating local users Creating peer usersAbout authentication IntroductionUser’s view of authentication Web-based user authenticationVPN client-based authentication FortiGate administrator’s view of authentication See Creating local users on See Creating peer users onAuthentication servers See Configuring user groups on Public Key Infrastructure PKI authentication Peers Users User groupsAuthentication timeout About this documentFirewall policies VPN tunnelsName field, type admin FortiGate documentationTypographic conventions FortiGate Administration Guide Related documentationFortiManager documentation FortiClient documentationFortiMail documentation FortiAnalyzer documentationCustomer service and technical support Fortinet Tools and Documentation CDFortinet Knowledge Center Comments on Fortinet technical documentationAuthentication servers Radius serversConfiguring the FortiGate unit to use a Radius server Radius attributes sent in Radius accounting messagePrimary Server Name/IP Primary Server SecretEdit icon Edit a Radius server configuration GroupLdap servers Ldapsearch -x objectclass= Configuring the FortiGate unit to use an Ldap server Password Server PortCommon Name IdentifierTo configure the FortiGate unit for Ldap authentication CLI EditProtocol CertificateUsing the Query icon Ldap server Distinguished Name Query treeTACACS+ servers AsciiAuthentication Type Server KeyDirectory Service servers Create New DomainGroups Fsae Collector IPDirectory Service server configuration Name Fsae Collector IP/Name PortCLI Example Directory Service server list Directory Service servers Users/peers and user groups Users/peersUser type Authentication Creating local usersTo create a local user web-based manager Go to User Local To view a list of all local users, go to User Local Delete icon Edit iconTo create a local user CLI To remove a user from the FortiGate unit configuration CLI Creating peer usersDelete icon Authenticating peer user To view a list of PKI peer users, go to User PKISubject To create a peer user for PKI authentication CLI Remove PKI peer userDirectory Service user groups User groupsFirewall user groups SSL VPN user groups Protection profilesConfiguring user groups Select Create New and enter the following informationFirewall Configuring Directory Service user groups To create a firewall user group CLIMembers FortiGuard WebConfiguring SSL VPN user groups Available Users/Groups or Available MembersConfiguring Peer user groups Viewing a list of user groupsTo create a peer group CLI Group NameConfig user group delete groupname End User groups Authentication timeout Authentication protocolsEnter the Idle Timeout value seconds Select Apply TelnetFirewall policy authentication Authentication SettingsConfiguring authentication for a firewall policy Authentication is an Advanced firewall optionTo configure authentication for a firewall policy Go to Firewall PolicyFirewall policy order Firewall Policy Move ToConfiguring authenticated access to the Internet Source InterfaceZone VPN authentication Configuring authentication of SSL VPN usersSelect Enable SSL-VPN and enter information as follows Go to VPN SSLDefault RC4128 Server CertificateRequire Client Certificate Encryption Key AlgorithmTo configure authentication for an SSL VPN CLI Configuring authentication of VPN peers and clients Configuring authentication of Pptp VPN users/user groupsSelect Enable Pptp Select Require Client Certificate, and then select ApplyConfiguring authentication of L2TP VPN users/user groups Configuring authentication of remote IPSec VPN usersTo configure authentication for a Pptp VPN CLI To configure authentication for an L2TP VPN CLITo configure user group authentication for dialup IPSec CLI Only users with passwords on the FortiGate unitRemote Gateway Configuring XAuth authentication IPSec configuration for dialup usersTo configure authentication for a dialup IPSec VPN CLI Remote Gateway Authentication MethodXAuth Server TypeVPN authentication Index 01-30007-0347-20080731 MS-CHAP VSA