I have a question, I was tasked with configuring user authentication through our firewall. What management wants to do is configure our Fortigate firewall to allow users to access the internal network using their LDAP user name and password.
What should happen is a user should be able to do is use the foritgate client and connect to the firewall using SSL and access the network. Access should be based on a user's membership of a particular group.
As an example: User uses VPN client to connect, if the user is not a mamaber of a group that has access he gets denied access to the internal network, then based on membership the user recieves access to resources linked to their group.
What I need to do is to configure user group to first be either approved or denied access based on group membership based on membership to a group. Second i need of users to have access to only certain resources based on their membership.
I need to try to do this through group policies, don't think i could do this through policies on the firewall as there is a hundred or so groups that will need to be configured this way, and there are several hundred firewall that will need to be configured.