search cancel

LDAP to RADIUS mapping for Fortinet Validation server

book

Article ID: 172558

calendar_today

Updated On:

Products

VIP Enterprise Gateway

Issue/Introduction

The vendor type for Fortinet VPN is needed for LDAP to RADIUS mapping inside the Radius Validation server.

Environment

Group not being presented to Fortinet in the correct format when attempting to login.

Cause

The name has to be encoded inside attribute 26 – which corresponds to “Vendor-Specific” in the VIP configuration.

Within the encoded response, you can define what type of data you’re returning.  In Fortinet’s case, Fortinet-Group-Name corresponds to a Vendor Type or ‘1’.  The full list is here:  http://kb.fortinet.com/kb/documentLink.do?externalID=13837

Their vendor ID is known as 12356.

Resolution

 

Attachments

Doc1.docx get_app