FortiGate Local User & Group Authentication
Authenticating Local Users and Groups with FortiGate
Local User and Groups Authentication in FortiGate FW
FortiGate local user and group authentication is a powerful security feature that can help protect your network from unauthorized access. It allows you to create and manage local user accounts and groups, and assign them specific privileges and access rights. This ensures that only authorized users can access your network resources and that they can only do so in accordance with your security policies.
By using FortiGate local user and group authentication, you can ensure that only authorized users can access your network resources, and that they can only do so in accordance with your security policies. This helps to protect your network from unauthorized access and ensures that your data remains secure.
Create Local Users LocalUser01 and LocalUser02
Create a local group called LocalGroup01 and add both users to it.
Click on the Firewall Policy rule, then click Source. Additionally, any user must be a member of the local group created in order to allow traffic (HTTP, HTTPS, SSH, FTP) through the Firewall after providing the correct username and password.
On the client machine, the IP address is 10.10.0.13 (DHCP enabled on FW) and the GW is 10.10.0.1 (FW itself).
FortiGate will check its internal database to confirm the identity of the user.
If you try to access a website, you may be prompted to provide authentication.
In Dashboard > Users and Devices, it’s showing a firewall user.
You can select that user and click on de-authenticate which will force that user next time to re-authenticate to gain internet access.
