VPN – Fortinet FortiGate

In this topic, you will learn how to configure Fortinet FortiGate to work together with Portnox™ Cloud and 802.1X RADIUS authentication for VPN connections.

Warning: This topic contains documentation prepared by our support agents more than 12 months ago. It may not cover the newest models or the newest interfaces of NAS devices. We’re working on bringing you updated documentation for NAS devices in the near future. However, the methods of setting up third-party devices may still change when the manufacturers update their firmware or release new models. Therefore, to get the most accurate and current configuration guidance, we strongly recommend that you refer to the documentation provided by the manufacturer. If you need help setting up newer equipment that does not match the description in this topic, contact us at support@portnox.com.
  1. In the Fortinet web interface, navigate to User & Authentication > RADIUS Servers to create a new RADIUS Server and enter your cloud RADIUS IP address. Then, click on OK.

  2. In the top-right corner of the screen, click on >_ to enter the CLI.

  3. In the CLI, change the authentication port to the relevant port used by your cloud RADIUS and enter the secret for your cloud RADIUS: 
    config system global
set radius-port your_authentication_port
end
  4. In User & Authentication > User Groups, create a new group.
  5. Under Remote Groups, add the relevant RADIUS server.

  6. Under Policy & Objects > Firewall Policy, create a new Rule.
  7. Edit that relevant rule and add VPN_Group under Source.