LDAP to RADIUS mapping for Fortinet Validation server

book

Article ID: 172558

calendar_today

Updated On:

Products

VIP Enterprise Gateway

Issue/Introduction

The vendor type for Fortinet VPN is needed for LDAP to RADIUS mapping inside the Radius Validation server.

Cause

The name has to be encoded inside attribute 26 – which corresponds to “Vendor-Specific” in the VIP configuration.

Within the encoded response, you can define what type of data you’re returning.  In Fortinet’s case, Fortinet-Group-Name corresponds to a Vendor Type or ‘1’.  The full list is here:  http://kb.fortinet.com/kb/documentLink.do?externalID=13837

Their vendor ID is known as 12356.

Environment

Group not being presented to Fortinet in the correct format when attempting to login.

Resolution

 

Attachments

Doc1.docx get_app