Select Yes in the Allow RADIUS connections dropdown. Navigate to Core Services > Policies and select an existing policy to modify it or add a new one. Select the option you would like to use for your secondary authentication challenge. Configure the following: Authentication Mechanism In the Admin Portal, navigate to Settings > Authentication > Authentication Profiles.Ĭlick Add Profile to create a new profile for VPN MFA (see Create authentication profiles for more information). Step 3: Enable the RADIUS client connection and define authentication requirements. Provide the port number in which the CyberArk Identity Connector talks to CyberArk Identity. Confirm with your network administrator that your corporate firewall rules are not blocking this connection, for example if your VPN server is in the DMZ. Your VPN server and the connector must be able to communicate. Select an existing connector or add a new one that you would like to accept RADIUS connections for VPN authentication for Fortinet FortiGate VPN.Ĭlick RADIUS and select the Enable incoming RADIUS connections checkbox. In the Admin Portal, click Settings > Network > CyberArk Identity Connector. Step 2: Configure the CyberArk Identity Connector to be a RADIUS server. The keys must match to enable authentication. If you have entered a secret key on your RADIUS client, then enter that same key here. In the RADIUS Client Settings window, fill in the following fields: RADIUS Client SettingĮnter a unique name such as FortiGate VPN.Įnter the hostname or IP address of the FortiGate appliance.Įnter the shared secret key for the RADIUS client and CyberArk Identity.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |