Types of authentication
Types of authentication FortiOS supports two different types of authentication based on your situation and needs: security policy authentication and Virtual Private Network (VPN) authentication....
View ArticleAuthentication servers FortiGate Methods
Authentication servers FortiGate units support the use of external authentication servers. An authentication server can provide password checking for selected FortiGate users or it can be added as a...
View ArticleFortiGate Users and user groups
Users and user groups FortiGate authentication controls system access by user group. By assigning individual users to the appropriate user groups you can control each user’s access to network...
View ArticleFortiGate Managing guest access
Managing guest access Visitors to your premises might need user accounts on your network for the duration of their stay. If you are hosting a large event such as a conference, you might need to create...
View ArticleFortiGate Authentication timeout
Authentication timeout An important feature of the security provided by authentication is that it is temporary—a user must reauthenticate after logging out. Also if a user is logged on and...
View ArticlePassword policy
Password policy Password authentication is effective only if the password is sufficiently strong and is changed periodically. By default, the FortiGate unit requires only that passwords be at least...
View ArticleAuthentication protocols
Authentication protocols When user authentication is enabled on a security policy, the authentication challenge is normally issued for any of the four protocols, HTTP, HTTPS, FTP, and Telnet, which are...
View ArticleAuthentication in captive portals
Authentication in captive portals Network interfaces, including WiFi interfaces, can perform authentication at the interface level using a captive portal — an HTML form that requests the user’s name...
View ArticleAuthentication in security policies
Authentication in security policies Security policies control traffic between FortiGate interfaces, both physical interfaces and VLAN subinterfaces. The firewall tries to match the session’s user or...
View ArticleVPN authentication
VPN authentication All VPN configurations require users to authenticate. Authentication based on user groups applies to: l SSL VPNs l PPTP and L2TP VPNs l an IPsec VPN that authenticates users using...
View ArticleCaptive portals
Captive portals A captive portal is a convenient way to authenticate web users on wired or WiFi networks. This section describes: l Introduction to captive portals l Configuring a captive portal l...
View ArticleWhat is a security certificate?
What is a security certificate? A security certificate is a small text file that is part of a third-party generated public key infrastructure (PKI) to help guarantee the identity of both the user...
View ArticleCertificates overview
Certificates overview Certificates play a major role in authentication of clients connecting to network services via HTTPS, both for administrators and SSL VPN users. Certificate authentication is...
View ArticleTroubleshooting certificates
Troubleshooting certificates There are times when there are problems with certificates — a certificate is seen as expired when its not, or it can’t be found. Often the problem is with a third party web...
View ArticleConfiguring certificate-based authentication
Configuring certificate-based authentication You can configure certificate-based authentication for FortiGate administrators, SSL VPN users, and IPsec VPN users. In Microsoft Windows 7, you can use the...
View ArticleAuthenticating administrators with security certificates
Authenticating administrators with security certificates You can install a certificate on the management computer to support strong authentication for administrators. When a personal certificate is...
View ArticleAuthenticating SSL VPN users with security certificates
Authenticating SSL VPN users with security certificates While the default self-signed certificates can be used for HTTPS connections, it is preferable to use the X.509 server certificate to avoid the...
View ArticleAuthenticating IPsec VPN users with security certificates
Authenticating IPsec VPN users with security certificates To require VPN peers to authenticate by means of a certificate, the FortiGate unit must offer a certificate to authenticate itself to the peer....
View ArticleSupport for per-VDOM certificates
Support for per-VDOM certificates The CA and local certificate configuration is available per-VDOM. When an admin uploads a certificate to a VDOM, it will only be accessible inside that VDOM. When an...
View ArticleClik here to view.
Single sign-on using a FortiAuthenticator unit
Single sign-on using a FortiAuthenticator unit If you use a FortiAuthenticator unit in your network as a single sign-on agent, l Users can authenticate through a web portal on the FortiAuthenticator...
View Article