Configuring peer user groups, Viewing a list of user groups – Fortinet FortiGate v3.0 MR7 User Manual
Page 44
FortiOS v3.0 MR7 User Authentication User Guide
44
01-30007-0347-20080828
User groups
Users/peers and user groups
Configuring Peer user groups
Peer user groups can only be configured using the CLI. Peers are digital
certificate holders defined using the config user peer command. You use the
peer groups you define here in the config vpn ipsec phase1 command if
you specify peertype as peergrp.
For PKI user authentication, you can add or edit peer group member information.
User groups that use PKI authentication can also be configured using config
user group
.
To create a peer group - CLI
config user peergrp
edit groupname
set member peer_name
end
This example shows how to add peers to the peergrp EU_branches.
config user peergrp
edit EU_branches
set member Sophia_branch Valencia_branch Cardiff_branch
end
Viewing a list of user groups
To view the list of FortiGate user groups, go to User > User Group.
Figure 20: Example User group list
Create New
Add a new user group.
Group Name
The name of the user group. User group names are listed by type of
user group: Firewall, Directory Service and SSL VPN. For more
information,
see
“Firewall user groups” on page 39
“SSL VPN user groups” on page 40
Members
The Local users, RADIUS servers, LDAP servers, TACACS+ servers,
Directory Service users/user groups or PKI users found in the user
group.
Protection Profile The protection profile associated with this user group.
Delete icon
Delete the user group.
You cannot delete a user group that is included in a firewall policy, a
dialup user phase 1 configuration, or a PPTP or L2TP configuration.
Edit icon
Edit the membership and options of the group.
Expand Arrow
Edit
Delete