Fortinet v3.0 MR7 - page 29

Authentication servers Directory Service servers

FortiOS v3.0 MR7 User Authentication User Guide

01-30007-0347-20080828 29

For more information about FSAE, see the FSAE Technical Note.

To configure the FortiGate unit for Directory Service authentication -

web-based manager

1Go to User > Directory Service and select Create New.

2Enter the following information, and select OK.

Figure 9: Directory Service server configuration

For information about Directory Service user groups, see “Configuring Directory

Service user groups”.

To configure the FortiGate unit for Directory Service authentication - CLI

config user fsae

edit <server_name>

set ldap-server <ldap_server_name>

set password <password> password2 <password2>

password3 <password3> password4 <password4> password5

<password5>

set port <port_number> port2 <port_number2> port3

<port_number3> port4 <port_number4> port5

<port_number5>

set server <domain> server2 <domain2> server3

<domain3> server4 <domain4> server5 <domain5>

end

Name Enter the name of the Directory Service server. This name appears in

the list of Directory Service servers when you create user groups.

FSAE Collector

IP/Name Enter the IP address or name of the Directory Service server where

this collector agent is installed. The maximum number of characters is

63.

Port Enter the TCP port used for Directory Service. This must be the same

as the FortiGate listening port specified in the FSAE collector agent

configuration.

Password Enter the password for the collector agent. This is required only if you

configured your FSAE collector agent to require authenticated access.

LDAP Server Select the check box and select an LDAP server to access the

Directory Service.

Contents

Main Page Contents FortiGate authentication servers.................................................... 15 Users/peers and user groups......................................................... 31 Configuring authenticated access................................................. 43 Introduction About authentication Users view of authentication Web-based user authentication VPN client-based authentication FortiGate administrators view of authentication Authentication servers Public Key Infrastructure (PKI) authentication Peers Users User groups Authentication timeout About this document Document conventions Typographic conventions FortiGate documentation ! Related documentation FortiManager documentation FortiClient documentation FortiMail documentation FortiAnalyzer documentation Fortinet Tools and Documentation CD Customer service and technical support Authentication servers RADIUS servers Configuring the FortiGate unit to use a RADIUS server Page Page LDAP servers Page Configuring the FortiGate unit to use an LDAP server Page Page Using the Query icon TACACS+ servers Configuring the FortiGate unit to use a TACACS+ authentication server Page Directory Service servers Configuring the FortiGate unit to use a Directory Service server Page Page Page Page Users/peers and user groups Users/peers Creating local users Page Creating peer users Page Page User groups Firewall user groups Directory Service user groups SSL VPN user groups Protection profiles Configuring user groups Configuring Directory Service user groups Configuring SSL VPN user groups Configuring Peer user groups Viewing a list of user groups Page Page Configuring authenticated access Authentication timeout Authentication protocols Firewall policy authentication Configuring authentication for a firewall policy Firewall policy order Configuring authenticated access to the Internet VPN authentication Configuring authentication of SSL VPN users Page Configuring strong authentication of SSL VPN users/user groups Configuring authentication of VPN peers and clients Configuring authentication of PPTP VPN users/user groups Configuring authentication of L2TP VPN users/user groups Configuring authentication of remote IPSec VPN users Page Configuring XAuth authentication Page Page Index A B C D E F H I K M N P Q R U V W X