Configuring FSAE on FortiGate units | Using FSAE on your network |
Figure 4: New User Group dialog box
3In the Name box, enter a name for the group, Developers, for example.
4From the Type list, select Active Directory.
5From the Protection Profile list, select the required protection profile.
6From the Available Users list, select the required Active Directory groups. Using the CTRL or SHIFT keys, you can select multiple groups.
7Select the green right arrow button to move the selected groups to the Members list.
8Select OK.
Creating firewall policies
Policies that require FSAE authentication are very similar to other firewall policies. Currently, only one single authentication firewall policy can be configured if the source interface/source IP pair is the same.
To create a firewall policy for FSAE authentication
1Go to Firewall > Policy and select Create New.
2Enter the following information:
Source interface and address | as required |
Destination interface and address | as required |
Schedule | as required |
Service | ANY |
Action | ACCEPT |
NAT | as needed |
3Select Authentication and then select Active Directory from the adjacent list.
4Select the required user group from the Available Groups list and then select the right arrow button to move the selected group to the Allowed list.
You can select multiple groups using the CTRL or SHIFT keys.
5Select OK.
| Fortinet Server Authentication Extension Version 1.5 Technical Note |
16 |
