Authentication servers

IPsec VPN XAuth

Extended Authentication (XAuth) increases security by requiring user authentication in addition to the preshared key.

When creating an IPsec VPN using the wizard (VPN > IPsec > Wizard), select the SecurID User Group on the Authentication page. Members of the SecurID group are required to enter their SecurID code to authenticate. For more on XAuth, see Configuring XAuth authentication on page 511.

PPTP VPN

PPTP VPN is configured in the CLI. In the PPTP configuration (config vpn pptp), set usrgrp to the SecurID user group.

 

SSL VPN

You need to map the SecurID user group to the portal that will serve SecurID users and include the SecurID user group in the Source User(s) field in the security policy.

 

To map the SecurID group to an SSL VPN portal:

1. Go to VPN > SSL > Settings.

2. In Authentication/Portal Mapping, select Create New.

3. Enter the following information:

Users/Groups: securIDgrp
Portal: Choose the portal.

4. Select OK.
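To confirm that the PPTP and SSL VPN settings described above actually reference the SecurID group, a saved configuration can be checked offline. The following is an added example, not part of the handbook or of any Fortinet tooling. It assumes the backup uses the usual FortiOS config/edit/set layout, that SSL VPN policies use the ssl.root source interface, and that every SSL VPN user is meant to be in the SecurID group; the group, portal and ID values in the sample are constructed.

```python
import shlex
# Constructed sample in FortiOS "show" syntax; group, portal and IDs are made up.
SAMPLE = """config vpn pptp
    set usrgrp "securIDgrp"
end
config vpn ssl settings
    config authentication-rule
        edit 1
            set groups "securIDgrp"
            set portal "full-access"
        next
        edit 2
            set groups "contractors"
            set portal "web-access"
        next
    end
end
config firewall policy
    edit 5
        set srcintf "ssl.root"
        set groups "contractors"
    next
end"""

def parse(text):
    # Map each nested config/edit path to the {key: [values]} set inside it.
    path, out = [], {}
    for raw in text.splitlines():
        tok = shlex.split(raw) or [""]
        if tok[0] in ("config", "edit"):
            path.append(" ".join(tok[1:]))
        elif tok[0] in ("end", "next") and path:
            path.pop()
        elif tok[0] == "set" and len(tok) > 2:
            out.setdefault(tuple(path), {})[tok[1]] = tok[2:]
    return out

def audit(text, group):
    # Check the three places the page names: PPTP usrgrp, portal mapping, policy.
    cfg = parse(text)
    rules = {p[2]: v for p, v in cfg.items()
             if len(p) == 3 and p[:2] == ("vpn ssl settings", "authentication-rule")}
    pols = {p[1]: v for p, v in cfg.items() if len(p) == 2
            and p[0] == "firewall policy" and "ssl.root" in v.get("srcintf", [])}
    has = lambda v: group in v.get("groups", [])
    return {"pptp_ok": cfg.get(("vpn pptp",), {}).get("usrgrp") == [group],
            "portals": sorted(v.get("portal", ["?"])[0] for v in rules.values() if has(v)),
            "rules_missing_group": sorted(k for k, v in rules.items() if not has(v)),
            "policies_missing_group": sorted(k for k, v in pols.items() if not has(v))}
```

Any ID listed under rules_missing_group or policies_missing_group is a portal mapping or SSL VPN policy that admits users outside the SecurID group and should be reviewed.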

 

This entry was posted in FortiOS 5.4 Handbook.

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
