HELP FILE

Fortinet VPN configuration for the LastPass Universal Proxy RADIUS protocol

    • Define a RADIUS server profile:
      1. Log in to the Fortinet FortiGate SSL VPN administration portal.
      2. In the left navigation, go to User & Device > RADIUS Servers.
      3. Click Create New.

        The Edit RADIUS Server page appears.


      4. Enter the following information:

        Name
        Enter a name for your RADIUS server.
        Authentication method
        Select Specify.
        Select PAP.
        Note: Only Password Authentication Protocol (PAP) is supported by the service.
        NAS IP
        Enter your Network Access Server IP address. This step is optional.

      5. In the Primary Server group box, enter the following information:

        IP/Name
        Enter the LastPass Universal Proxy IP address.
        Secret
        Enter the password which is set on your RADIUS server.

      6. Click OK.
      7. Set the Remote Authentication Timeout. Run the following commands from the command line, you can use these command line instructions:

        hostname # config system global
        hostname # set remoteauthtimeout 60
        hostname # end

        Create a user and user group:

      8. In the left navigation, select User & Device > User Definition.

      9. In the Users/Groups Creation Wizard page, set the following:
        1. For the User Type select Remote RADIUS User.
        2. Click Next.
        3. For the RADIUS Server set the following:

          Username
          Enter a username for your user.
          RADIUS Server
          In the drop-down menu select the RADIUS server configured in previous steps.

        4. Click Next.
        5. For the Contact Info enter the Email Address.
        6. For the Extra Info select Enabled in the User Account Status field.
        7. Click Submit to complete the setup.
      10. In the left navigation, go to User & Device > User Groups, to create a user group and add the previously created server profile.
    Results: The Fortinet FortiGate SSL VPN has been configured.