Fortigate/FortiAP: device based authentication using certificates

Author
greelanx
New Member
  • Total Posts : 3
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/07/03 14:59:36
  • Status: offline
2014/07/07 03:15:33 (permalink)
0

Fortigate/FortiAP: device based authentication using certificates

Hello everbody,

I wan to secure my Wifi at home with 802.1x authentication.

In general using 802.1x authentication there are two methods:

- User based authentication
- Device based authentication

I just want to authenticate devices I do NOT want to authenticate users.

The goal is that only devices which have a certificate installed can connect to my wifi network. If the device does not have a certificate access should be denied.

This has to work without a windows domain as the device could be a linux machine, an iphone, android device, windows machine, etc.

Note: if required I have a Microsoft CA which can issue certficates, an AD Domain Controller and a Radius server (Microsoft NPS) which can be used.

If there is a way just using a certificate which is installed on the Fortigate that would be fine enough.

I went through the manuals and the KB and there are some guides how to configure e.g. AD based user authentication but there is almost no information regarding certificates in general and especially device based authentication using certificates.

I asked support and they said I should use the cli commands

config system global
set wifi-certificate
set wifi-ca-certificate

Unfortunately the manual doesn' t describe what exactly this does and how it is used :-(


Does anybody know how device based authentication using certificates is configured?


Best regards
#1

0 Replies Related Threads

    Jump to:
    © 2019 APG vNext Commercial Version 5.5