Configure Fortigate to use Cloud RADIUS

This article covers configuration of Fortigate devices for use with JumpCloud’s RADIUS Servers. Once configured, users connecting through your Fortigate VPN or networking device can authenticate via RADIUS with their JumpCloud credentials.

Note:

This configuration applies to most Fortigate devices, but screenshots and locations of these settings within the Fortigate systems may vary with newer updates from the vendor.

Prerequisites:

  • A JumpCloud RADIUS server IP address is required to configure a Fortigate device.
  • You also need the shared secret that’s part of a JumpCloud RADIUS server configuration.
    • To find the shared secret:
      1. Go to the JumpCloud Admin Portal.
      2. Select USER AUTHENTICATION > RADIUS from the left-hand navigation.
      3. Select a configured RADIUS server. The Shared Secret is below Server Name. 
      4. Click the eye to make the characters visible, then copy the shared secret to use in the Fortigate configuration. 

To configure a Fortigate device to use JumpCloud RADIUS:

  1. Log in to your Fortigate Admin Panel with your Administrator credentials.
  2. In the left menu, go to User & Authentication > RADIUS Servers.
    • These are the settings that need to be configured to point to JumpCloud’s RADIUS Servers.
      Example of RADIUS server configuration in Fortigate appliance.
  3. Under Edit RADIUS Server, enter the following settings:
    1. Name: JumpCloud RADIUS Server
    2. Authentication Method: Specify
    3. NAS IP: Enter if applicable.
  4. Next, configure the Primary Server:
    1. IP/Name: Enter the IP address of the JumpCloud RADIUS Server closest to your geographic region.
    2. Secret: This is the RADIUS Secret you’ve configured within your JumpCloud Admin Portal.
      Locating the Shared Secret defined in the RADIUS Server within the JumpCloud Admin Portal.

Tip:

If Test Connectivity fails after copying / pasting the Shared Secret from the JumpCloud Admin Portal, try entering it manually.

  5. Repeat the previous step for the Secondary Server using a different RADIUS Server.
    • For example, if you used 18.204.0.31 (US East) for your Primary Server, you’ll want to set up 54.203.27.225 (US West) for your Secondary Server. This will ensure a level of fault tolerance if there are issues with connections to the us1 server.
  6. Next, click Test Connectivity for both the Primary and Secondary Servers.
    • If an error occurs, verify the configuration performed in the previous steps.
  7. Finally, click Test User Credentials and enter the credentials of your JumpCloud test account.
    • If an error occurs testing user credentials:
      • Ensure the password of the JumpCloud user is entered correctly.
      • Ensure the username of the JumpCloud user is entered correctly.
      • Verify the test user is associated with the RADIUS Server you configured within the JumpCloud Admin Portal. See Selecting Users for Access to the RADIUS Server.
Invalid credentials error after testing user credentials in the Fortigate console.
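
The Tip about pasted secrets and the credential test above both depend on the shared secret matching byte for byte on the Fortigate and on the RADIUS server. The following is an added example, not JumpCloud or Fortinet code: it applies the RFC 2865 User-Password hiding and Response Authenticator calculations to show how a single pasted trailing space breaks both. It assumes PAP for illustration, and the secret and password are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    padded = password.ljust(-(-max(len(password), 1) // 16) * 16, b"\x00")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out

def unhide_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """What the RADIUS server recovers using its own copy of the secret."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ k for c, k in zip(hidden[i:i + 16], key))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def build_reply(code: int, ident: int, request_auth: bytes, secret: bytes) -> bytes:
    """Attribute-less reply with the RFC 2865 Response Authenticator."""
    header = struct.pack("!BBH", code, ident, 20)
    return header + hashlib.md5(header + request_auth + secret).digest()

def reply_is_authentic(packet: bytes, request_auth: bytes, secret: bytes) -> bool:
    """Client-side check: recompute the authenticator with the local secret."""
    length = struct.unpack("!H", packet[2:4])[0]
    body = packet[:4] + request_auth + packet[20:length] + secret
    return hmac.compare_digest(hashlib.md5(body).digest(), packet[4:20])

def demo() -> dict:
    server_secret = b"constructed-shared-secret"  # constructed sample value
    pasted_secret = server_secret + b" "          # same secret with a pasted trailing space
    password = b"constructed-test-password"       # constructed sample value
    ra = os.urandom(16)                           # Request Authenticator
    reply = build_reply(2, 1, ra, server_secret)  # code 2 = Access-Accept
    seen = lambda s: unhide_password(hide_password(password, s, ra), server_secret, ra)
    return {
        "exact_secret_password_ok": seen(server_secret) == password,
        "pasted_secret_password_ok": seen(pasted_secret) == password,
        "exact_secret_reply_ok": reply_is_authentic(reply, ra, server_secret),
        "pasted_secret_reply_ok": reply_is_authentic(reply, ra, pasted_secret),
    }

if __name__ == "__main__":
    print(demo())
```

With the extra space, the server recovers a different password and the device rejects the server's reply, even though both values look identical on screen.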