Examples and Troubleshooting

Examples and Troubleshooting This chapter provides an example of a FortiGate unit providing authenticated access to the Internet for both Windows network users and local users. The following topics are included in this section: Firewall authentication example LDAP Dial-in using member-attribute example RADIUS SSO example Troubleshooting Firewall authentication example Example configuration Overview In this example, […]

Monitoring authenticated users

Monitoring authenticated users This section describes how to view lists of currently logged-in firewall and VPN users. It also describes how to disconnect users. The following topics are included in this section: Monitoring firewall users Monitoring SSL VPN users Monitoring IPsec VPN users Monitoring users Quarantine Monitoring firewall users To monitor firewall users, go to […]

Agent-based FSSO

Agent-based FSSO FortiOS can provide single sign-on capabilities to Windows AD, Citrix, Novell eDirectory, or, as of FortiOS 5.4, Microsoft Exchange users with the help of agent software installed on these networks. The agent software sends information about user logons to the FortiGate unit. With user information such as IP address and user group memberships […]

Single Sign-On using a FortiAuthenticator unit

Single Sign-On using a FortiAuthenticator unit If you use a FortiAuthenticator unit in your network as a single sign-on agent, Users can authenticate through a web portal on the FortiAuthenticator unit. Users with FortiClient Endpoint Security installed can be automatically authenticated by the FortiAuthenticator unit through the FortiClient SSO Mobility Agent. The FortiAuthenticator unit can […]

Certificate-based authentication

Certificate-based authentication This section provides an overview of how the FortiGate unit verifies the identities of administrators, SSL VPN users, or IPsec VPN peers using X.509 security certificates. The following topics are included in this section: What is a security certificate? Certificates overview Managing X.509 certificates Configuring certificate-based authentication Support for per-VDOM certificates Certificate-based authentication […]

Captive portals

Captive portals A captive portal is a convenient way to authenticate web users on wired or WiFi networks. This section describes: Introduction to Captive portals Configuring a captive portal Customizing captive portal pages Introduction to Captive portals You can authenticate your users on a web page that requests the user’s name and password. Until the […]