That should be it for setting up the Fortinet for two-factor authentication. Important: From the WiKID terminal or via SSH, you will need to run "wikidctl restart" to load the new configuration into the WiKID Radius server.You do not have to enter any information under "Return Attributes". On the next page, enter the shared secret you entered on the Fortinet server.Select Radius and the domain you just created. For the IP Address, use the IP address of your Fortinet VPN appliance. Click Network Clients tab and on "Create a new Network Client".N.B.: If you enter the URL for the Fortinet VPN in the "Registered URL:", the domain will support mutual authentication. So, if the external IP address is 216.239.51.99, the WiKID server code would be 216239051099. The Domain Server code is the zero-padded IP address of the WiKID server. Log into the WiKID server and click on the Domains Tab.Now, we'll add the second factor: WiKID.Select the radius server previously added from the dropdown list.Click “Add” below Remote authentication servers.Click “Create New” or select an existing group assigned to your VPN policy.
Go to the User menu and select User Group -> User Group.Create or modify a user group in the Fortigate:.Enter the shared secret that will be used on the WiKID server.Enter the IP address of the WiKID server.Log in to the Fortigate admin interface.First, on the Fortigate VPN configure the RADIUS server settings:.As always, if this is a new Fortigate setup, test logging in without a WiKID one-time password before adding in two-factor authentication. This document details how to configure a Fortigate VPN to pass authentication requests to the WiKID server. A Fortinet VPN appliance combined with two-factor authentication from WiKIDsecures your perimeters in a very cost-effective manner. More and more small companies are required to use two-factor authentication for remote access to corporate assets.
0 kommentar(er)
