NSD1112 How to integrate One Time Password Server with Fortinet – FortiGate firewall
Fact
Nordic Edge One Time Password Server, Fortinet – FortiGate firewall
Situation
Integrate One Time Password Server with Fortinet – FortiGate firewall
Solution
At the FortiGate firewall:
- Make sure you have an IPSEC tunnel configured
- Click USER in the left menu bar
- Click RADIUS and Create New
- Fill in a user-friendly Name and the IP address of the OTP server. Also fill in a pre-shared key that will be used with the OTP server, and click OK.
- Click User Group
- Create a new group with your RADIUS Name as member, and choose Firewall as Type
- Click VPN
- Click IPSEC
- Click Edit/Configure at the far left of the DUN_Tunnel row, then click the Advanced button
Leave the default settings and change only the XAuth section:
- Server Type: PAP
- User Group: the one you created in step 6
- Click OK
The configuration of the FortiGate firewall should now be done.
At the One Time Password Server:
- Click configuration
- Click the RADIUS tab
- Check enable RADIUS
- Change the port from 1645 to 1812 (FortiGate uses 1812 for RADIUS)
- Click Add Client
- Add the firewall as a client (the IP-address)
- Make sure that ‘Is RADIUS’ is checked
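With XAuth Server Type PAP, the one-time password travels in the RADIUS User-Password attribute, hidden only by an MD5 keystream derived from the pre-shared key (RFC 2865, section 5.2). The key on the firewall and the key on the OTP server must therefore be identical, and it should be long and random. The Python sketch below is an added example, not part of the original article or of either product. It builds such an Access-Request and decodes it as the server would; the user name, one-time password and keys are constructed sample values.

```python
import hashlib
import os
import struct

def hide_password(password, secret, authenticator):
    """RFC 2865 section 5.2: XOR 16-byte blocks with MD5(secret + previous block)."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 bytes")
    padded = password + b"\x00" * (-len(password) % 16 or (0 if password else 16))
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        hidden += prev
    return hidden

def reveal_password(hidden, secret, authenticator):
    """Server side: undo the hiding. A wrong secret yields garbage, not an error."""
    clear, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = hidden[i:i + 16]
        clear += bytes(c ^ k for c, k in zip(prev, key))
    return clear.rstrip(b"\x00")

def build_access_request(user, password, secret, identifier=1, authenticator=b""):
    """Access-Request (code 1) with User-Name (type 1) and User-Password (type 2)."""
    attrs, authenticator = b"", authenticator or os.urandom(16)
    for attr_type, value in ((1, user), (2, hide_password(password, secret, authenticator))):
        attrs += struct.pack("!BB", attr_type, len(value) + 2) + value
    return struct.pack("!BBH", 1, identifier, 20 + len(attrs)) + authenticator + attrs

def parse_access_request(packet, secret):
    """Return (user, password) as the RADIUS server would recover them."""
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != 1 or length != len(packet) or length < 20:
        raise ValueError("not a well-formed Access-Request")
    attrs, pos = {}, 20
    while pos < length:
        attr_len = packet[pos + 1] if pos + 1 < length else 0
        if attr_len < 2 or pos + attr_len > length:
            raise ValueError("bad attribute length")
        attrs[packet[pos]] = packet[pos + 2:pos + attr_len]
        pos += attr_len
    return attrs[1], reveal_password(attrs[2], secret, packet[4:20])

if __name__ == "__main__":
    # Constructed sample values: the user, one-time password and keys are made up.
    pkt = build_access_request(b"alice", b"492817", b"fortigate-otp-key")
    print(parse_access_request(pkt, b"fortigate-otp-key"), parse_access_request(pkt, b"mistyped-key"))
```

A mismatched key does not produce a protocol error: the server simply recovers a different password and rejects the login, so repeated rejects for valid one-time passwords are a sign the two keys differ.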
Disclaimer
The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.
Nordic Edge Support – www.nordicedge.se
