Configuring user accounts and SSL VPN user groups

Configuring a FortiGate SSL VPN

You can choose to use a plain text password for authentication through the FortiGate unit (Local domain), forward authentication requests to an external RADIUS or LDAP server, or utilize PKI certificate authentication. If password protection will be provided through a RADIUS or LDAP server, you must configure the FortiGate unit to forward authentication requests to the RADIUS or LDAP server. In the case of certificate authentication, you must install the required certificates.

The following procedures explain how to create a user account and user group in the Local domain. For information about how to create RADIUS, LDAP or PKI user accounts, refer to the “User” chapter of the FortiGate Administration Guide. For information about certificate authentication, see the FortiGate Certificate Management User Guide.

To create a user account in the Local domain

1Go to User > Local and select Create New.

User Name

Type or edit the remote user name (for example, User_1).

Disable

Select Disable to prevent this user from authenticating.

Password

Select Password to authenticate this user using a password stored on

 

the SSL VPN unit.

 

Type or edit the password to be associated with the user account. The

 

password should be at least six characters long.

LDAP

Select LDAP to authenticate this user using a password stored on an

 

LDAP server. Select the LDAP server from the drop-down list.

RADIUS

Select RADIUS to authenticate this user using a password stored on a

 

RADIUS server. Select the RADIUS server from the drop-down list.

2Select OK.

3Repeat this procedure for each remote user.

FortiOS v3.0 MR7 SSL VPN User Guide

40

01-30007-0348-20080718

Page 40
Image 40
Fortinet FORTIOS V3.0 MR7 manual To create a user account in the Local domain, User Name, Disable

FORTIOS V3.0 MR7 specifications

Fortinet's FortiOS v3.0 MR7 marks a significant advancement in network security and management, providing organizations with enhanced features, technologies, and characteristics to better protect their IT environments. This version of FortiOS is designed to facilitate comprehensive security and optimized performance, ensuring that organizations can safeguard their networks against evolving threats.

One of the main features in FortiOS v3.0 MR7 is its robust firewall capabilities. The stateful firewall technology enables dynamic packet filtering based on predefined security policies. This strengthens the organization's perimeter defense by allowing or denying traffic based on user-defined rules. Additionally, the integrated Application Control feature extends the firewall's capabilities by identifying and controlling applications regardless of port usage, enabling organizations to enforce security policies on a finer-grained level.

FortiOS v3.0 MR7 also introduces advanced intrusion prevention system (IPS) functionalities. The next-generation IPS utilizes deep packet inspection and real-time threat intelligence to detect and block attacks before they can compromise the network. Coupled with Fortinet’s threat research team, which ensures timely updates of security signatures, this system helps organizations mitigate risks posed by sophisticated cyber threats.

Another key characteristic of FortiOS v3.0 MR7 is its enhanced VPN capabilities. The support for both SSL and IPsec VPN allows secure remote access for employees and offers flexible options for secure communication over the internet. This feature is essential for organizations that embrace remote work, ensuring that sensitive data remains protected regardless of the user's location.

In addition to its powerful security features, FortiOS v3.0 MR7 includes advanced reporting and logging capabilities. Users can generate detailed reports that highlight security events, traffic patterns, and performance metrics. This data not only improves visibility into network security but also assists in compliance with regulatory requirements.

Moreover, the platform's user-friendly interface enhances the overall management experience. Administrators can quickly configure settings, monitor activity, and respond to incidents effectively. With centralized management capabilities, FortiOS v3.0 MR7 allows organizations to manage multiple devices from a single console, simplifying operations and reducing administrative overhead.

In summary, Fortinet's FortiOS v3.0 MR7 integrates a wealth of security features, including a stateful firewall, advanced IPS, VPN support, and comprehensive reporting functions. Together, these technologies ensure that organizations can maintain a strong security posture in an increasingly complex threat landscape.