博客首页 注册 建议与交流 排行榜 加入友情链接
推荐 投诉 搜索: 帮助

大萝卜的博客

   bu.cublog.cn
关于作者   
姓名:      大萝卜
职业:      听人说,技术支持是IT业最鸡肋的职业,于是我便开始郁闷起来!
个性签名:   我以为我们同属于/30,Ping出Timed out才明白处于不同的Vlan。我尝试着用爱做为Route,并用Traceroute来验证,可是Netstat的Syn_received结果让我无比伤心。于是我选择了deny any和deny ip any any,但是我心里一直期待着Vpn那天的到来,请将我放在你的Acl之内。
Mailto:bxz1981#gmail.com

我的分类  




How to use RSA SecureID on fortios 3.0

Configure the RADIUS server

You need to configure the RADIUS server to work with the RSA ACE/Server. See the RSA ACE/Server Administrator's Guide.

Configure the RSA ACE/Server to support the RADIUS server

See the RSA ACE/Server Installation Guide.

Configure the FortiGate unit as an Agent Host

You need to set up the FortiGate unit as an Agent Host within the RSA ACE/Server database.

  1. On the RSA ACE/Server computer, go to Start > Programs > RSA ACE/Server, and then Database Administration - Host Mode.
  2. On the Agent Host menu, select Add Agent Host.
  3. In the Name field, enter a name for the FortiGate unit.
  4. In the Network address field, enter the FortiGate unit IP address.
  5. Select Secondary Nodes and define all hostname/IP addresses that resolve to the FortiGate unit.

If needed, refer to the RSA ACE/Server documentation for more information.

 

Add the RADIUS server

The FortiGate unit will use the RADIUS server to authenticate SecurID users.

  1. Go to User > RADIUS and select Create New.
  2. In the Name field, enter a name for the RADIUS server.
  3. In the Server Name/IP and Server Secret fields, enter the appropriate information about the RADIUS server you configured for use with SecureID.

Create a SecurID user group

You need to create a user group with the SecurID RADIUS server as its only member.

  1. Go to User > User Group.
  2. Select Create New.
  3. In the Name field, enter a name for the group.
  4. In the Available Users/Groups list, select the RADIUS server you configured for use with SecureID.
  5. Select the right arrow button to move the selected server to the Members list.
  6. Select OK.

Use the SecurID user group for authentication

You can use the SecureID user group in several FortiGate features that authenticate by user group:

  • Firewall policies - select the Authentication checkbox and add the SecurID user group to the Allowed list.
  • XAuth in dialup VPN - in the VPN Phase 1 configuration Advanced settings, in the XAuth section, select Enable as Server and choose the SecurID user group.
  • PPTP VPN - in the PPTP configuration, choose the SecurID user group.

 发表于: 2006-11-22,修改于: 2007-03-07 09:46 已浏览1897次,有评论0条 推荐 投诉

  网友评论

  发表评论



Copyright © 2001-2006 ChinaUnix.net All Rights Reserved

感谢所有关心和支持过ChinaUnix的朋友们
页面生成时间:0.59859

京ICP证041476号