Fortigate Firewall RADIUS Authorization with Cisco ISE
HTML-код
- Опубликовано: 21 июн 2023
- Remote Admin login with Radius selecting admin access account profile looks like it allows using RADIUS to perform device admin
Import or define the RADIUS vendor dictionary for Fortigate, as Thomas showed
Define an allowed-protocol set or use the existing one to match what configured in Fortigate
Define an authorization profile that returns the required vendor attributes. An example shown in the screenshot
Define a Network Device group for Fortigate
Define a Network Device for Fortigate and specify (4) as its group
Define some internal users or add external ID sources and/or define an ID source sequence
Create a policy set to condition on (4)
In the default authentication policy rule, use (6) as the ID source. Or, you may create additional rules as needed.
In the default authorization policy rule, use (3) as the result. Or, you may create additional rules as needed.
#fortigate #Cisco ISE
#radius #fortinet
Great video. Can you please share the diagram/topology that you used for this demo?