![]() ![]() Add the PKI user account to a firewall user group dedicated to PKI-authenticated administrators.Create a PKI user account for the administrator.Install the root certificate and the CRL from the issuing CA on the FortiGate unit (see Installing a CA root certificate and CRL to authenticate remote clients on page 529 ). ![]() Obtain a signed personal certificate for the administrator from a CA and load the signed personal certificate into the web browser on the management computer according to the browser documentation.To enable strong administrative authentication: When a personal certificate is installed on the management computer, the FortiGate unit processes the certificate after the administrator supplies a username and password. You can install a certificate on the management computer to support strong authentication for administrators. Use Import on those screens to import certificate files from other sources.Ī u t h e n t i ca t i n g administrators with security certificates The VPN menu has options for My Certificates (local or client) and CA Certificates (root or intermediary certificate authorities). ![]() To see FortiClient certificates, open the FortiClient Console, and select VPN. Remember that in addition to these system certificates, many applications require you to register certificates with them directly. To access certificate manager, in Windows 7 press the Windows key, enter “certmgr.msc” at the search prompt, and select the displayed match. In Microsoft Windows 7, you can use the certificate manager to keep track of all the different certificates on your local computer. You can configure certificate-based authentication for FortiGate administrators, SSL VPN users, and IPsec VPN users. C on f i gu r i n g certificate-based authentication ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |