{"id":73879,"date":"2023-01-24T11:30:00","date_gmt":"2023-01-24T16:30:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=73879"},"modified":"2023-01-26T12:15:38","modified_gmt":"2023-01-26T17:15:38","slug":"substitute-groups-for-access-control-lists","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists","title":{"rendered":"Substitute 探花大神 Groups for FortiGate Access Control Lists"},"content":{"rendered":"\n<p>This article describes how to use 探花大神 groups and attribute mapping to set up access control on a new FortiGate device. It\u2019s the second half of a two-part series demonstrating RADIUS AuthN and AuthZ capabilities. The first <a href=\"https:\/\/jumpcloud.com\/blog\/radius-for-fortinet-group-authentication\">post<\/a> converted preexisting FortiGate groups into remote RADIUS users. This approach spares admins the work of having to establish local groups using ACLs on the FortiGate appliance. IT admins can set up strong network access control (NAC) with role-based access to benefit security, workflows, and compliance.<\/p>\n\n\n\n<p>The prerequisite steps involve setting up 探花大神 RADIUS. Please refer back to this <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/configuring-radius-servers-in-jumpcloud1\" target=\"_blank\" rel=\"noreferrer noopener\">support article<\/a> for those complete instructions. The initial step is to create a user group with a remote server that corresponds with 探花大神. The group names should be identical on each side.&nbsp;<\/p>\n\n\n\n<p>This example sets up a general VPN users group as well as an administrators group. Reply attributes, which will be outlined in a later step, will be used to segment entitlements for your users. It\u2019s an example of the flexibility and utility of <a href=\"https:\/\/jumpcloud.com\/platform\/cloud-radius\" target=\"_blank\" rel=\"noreferrer noopener\">探花大神 RADIUS<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">RADIUS Reply Attributes<\/h2>\n\n\n\n<p>Configuring the correct RADIUS <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/Configuring-Radius-Reply-Attributes-for-User-Groups\" target=\"_blank\" rel=\"noreferrer noopener\">Reply Attributes<\/a> within 探花大神 is the most crucial step in this tutorial. Return to your 探花大神 group and navigate to the RADIUS tab. This is where attribute mapping is defined and values (aka groups on your FortiGate device) are assigned.&nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Only use the attribute name: \u201cFortinet-Group-Name\u201d<\/p>\n<\/blockquote>\n\n\n\n<p>This example syncs the 探花大神 group with a local administrators group with the resident entitlements.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"294\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/1-4.png\" alt=\"This group is mapped to the local administrator\u2019s group in FortiGate\" class=\"wp-image-73882\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/1-4.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/1-4-300x172.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>This group is mapped to the local administrator\u2019s group in FortiGate<\/em><\/figcaption><\/figure>\n\n\n\n<p>The appliance will determine the user\u2019s level of access control when more than one group is assigned to a RADIUS server. A 探花大神 RADIUS group that has the RADIUS-Fortigate-VPN_Users attribute value will provide general VPN access and the administrators groups will authorize against FortiGate\u2019s super admin profile.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"212\" height=\"107\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/2-4.png\" alt=\"screenshot of add group match screen\" class=\"wp-image-73883\"\/><\/figure>\n\n\n\n<p>Users that belong to multiple 探花大神 RADIUS groups won\u2019t receive multiple Reply Attributes, making it possible to have a separate administrative login. For compliance purposes, network security should vet access to the administrative group and user creation in 探花大神. 探花大神 groups leverage <a href=\"https:\/\/jumpcloud.com\/blog\/the-immediate-advantages-of-attribute-based-access-control\">attribute-based access control<\/a> (ABAC), automating the identity management lifecycle by recognizing and responding to changes in employment. This adds an additional security control to your posture via a mature approach to entitlements management.<\/p>\n\n\n\n<p>探花大神 RADIUS also provides integrated Push and TOTP <a href=\"https:\/\/jumpcloud.com\/platform\/multi-factor-authentication-mfa\" target=\"_blank\" rel=\"noreferrer noopener\">multi-factor authentication<\/a> (MFA). Privileged access management is possible through optional <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/Getting-Started-Conditional-Access-Policies\" target=\"_blank\" rel=\"noreferrer noopener\">conditional access policies<\/a>. These security features make it possible to enact a <a href=\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\" target=\"_blank\" rel=\"noreferrer noopener\">Zero Trust<\/a> security strategy for network hardware.<\/p>\n\n\n\n<p>Now, let\u2019s move on to the FortiGate setup.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">FortiGate Setup<\/h2>\n\n\n\n<p>Configure your FortiGate <a href=\"https:\/\/docs.fortinet.com\/document\/fortigate\/7.2.3\/administration-guide\/759080\/configuring-a-radius-server\" target=\"_blank\" rel=\"noreferrer noopener\">RADIUS server<\/a> for <a href=\"https:\/\/jumpcloud.com\/blog\/manage-and-secure-remote-access-to-fortinet-network-appliances\">探花大神 RADIUS<\/a>. Fortinet also documents how to configure <a href=\"https:\/\/docs.fortinet.com\/document\/fortigate\/6.0.0\/Cookbook\/690301\/configuring-the-ssl-vpn-tunnel\" target=\"_blank\" rel=\"noreferrer noopener\">SSL VPNs<\/a> and <a href=\"https:\/\/help.fortinet.com\/fortiproxy\/11\/Content\/Admin%20Guides\/FPX-AdminGuide\/750_VPN\/755a_CreateSSLVPNPortal.htm\" target=\"_blank\" rel=\"noreferrer noopener\">SSL VPN captive portals<\/a> in its knowledge base. Refer back to its documentation for details on those steps. Proceed to the next section when you\u2019re ready.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Set Up Remote User Groups<\/h3>\n\n\n\n<p>This tutorial demonstrates RADIUS authentication into two groups: one for general VPN access and another for a privileged group for administrators. Settings establish the appropriate entitlements.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"314\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/3-3.png\" alt=\"screenshot of FortiGate 60F\" class=\"wp-image-73884\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/3-3.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/3-3-300x184.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"366\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/4-3.png\" alt=\"screenshot of edit users group. This step enables reply attributes to segment user authorizations.\" class=\"wp-image-73885\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/4-3.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/4-3-300x214.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>This step enables reply attributes to segment user authorizations<\/em><\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Match Users in 探花大神 and Local Groups<\/h3>\n\n\n\n<p>Add users to your groups. Fortinet provides <a href=\"https:\/\/help.fortinet.com\/fortiproxy\/11\/Content\/Admin%20Guides\/FPX-AdminGuide\/800_User\/802a_CreateUserGroup.htm#:~:text=Select%20Add%20and%20then%20select,a%20group%20for%20the%20server.&amp;text=%2DOn%20(FSSO)-,This%20type%20of%20group%20can%20be%20selected%20in,policy%20that%20requires%20FSSO%20authentication.&amp;text=If%20you%20selected%20the%20FSSO,from%20the%20drop%2Ddown%20list.\" target=\"_blank\" rel=\"noreferrer noopener\">directions<\/a> on how to add and create groups. Be certain to match the user names with 探花大神 RADIUS user names, exactly.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"347\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/5-3.png\" alt=\"screenshot of FortiGate 60F\" class=\"wp-image-73886\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/5-3.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/5-3-300x203.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>This step adds users to remote 探花大神-based groups<\/em><\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"364\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/6-2.png\" alt=\"screenshot of FortiGate 60F\" class=\"wp-image-73887\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/6-2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/6-2-300x213.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>In this example, an administrative profile was selected for the local admins group, granting the corresponding 探花大神 group users those entitlements<\/em><\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"248\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/7-2.png\" alt=\"screenshot of user details\" class=\"wp-image-73888\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/7-2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/7-2-300x145.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>The user name in 探花大神 and Fortinet would be \u201chank.aaron\u201d<\/em><\/figcaption><\/figure>\n\n\n\n<p>Test your configuration by attempting to log in with active users. You may also view events in 探花大神\u2019s directory reporting module.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Reporting<\/h2>\n\n\n\n<p>探花大神\u2019s <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/探花大神-Directory-Insights#:~:text=Directory%20Insights%20is%20探花大神's%20event,who%20of%20your%20directory%20activities.\" target=\"_blank\" rel=\"noreferrer noopener\">Directory Insights<\/a> captures and logs RADIUS authentications. It makes it possible to determine which user is attempting to access your resources and whether it was successful. Directory Insights is useful for debugging and testing your RADIUS configuration deployments.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"418\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/8-2.png\" alt=\"探花大神 Directory Insights\" class=\"wp-image-73889\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/8-2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/8-2-300x245.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Try 探花大神 RADIUS<\/h2>\n\n\n\n<p>Additional <a href=\"https:\/\/community.jumpcloud.com\/t5\/networks\/bd-p\/networks\" target=\"_blank\" rel=\"noreferrer noopener\">technical discussion<\/a> about this topic is best reserved for the 探花大神 community. 探花大神\u2019s full platform is <a href=\"https:\/\/console.jumpcloud.com\/signup\" target=\"_blank\" rel=\"noreferrer noopener\">free<\/a> for 10 users and devices with premium chat support for the first 10 days to get your started. The open directory platform provides SSO to everything:<\/p>\n\n\n\n<ul>\n<li>SAML<\/li>\n\n\n\n<li>OIDC\/OAUTH<\/li>\n\n\n\n<li>LDAP<\/li>\n\n\n\n<li>RADIUS<\/li>\n<\/ul>\n\n\n\n<p>Attribute-based <a href=\"https:\/\/jumpcloud.com\/blog\/welcome-to-groups\">group<\/a> access control, mobile device management (<a href=\"https:\/\/jumpcloud.com\/platform\/mdm\" target=\"_blank\" rel=\"noreferrer noopener\">MDM<\/a>), <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/getting-started-commands-2019-08-21-10-36-47\" target=\"_blank\" rel=\"noreferrer noopener\">commands<\/a>, and <a href=\"https:\/\/jumpcloud.com\/policy-list#:~:text=探花大神%20Policies%20are%20a%20cloud,behavior%20on%20探花大神%2Dmanaged%20devices.\" target=\"_blank\" rel=\"noreferrer noopener\">GPO-like policies<\/a> are included in the platform for advanced identity lifecycle management. 探花大神 also features integrated <a href=\"https:\/\/jumpcloud.com\/blog\/jumpcloud-introduces-remote-assist\">remote assistance<\/a>, <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/探花大神-Reports#:~:text=they%20have%20deployed.-,Running%20a%20Report,report%20from%20the%20drop%2Ddown.\" target=\"_blank\" rel=\"noreferrer noopener\">reporting<\/a>, and an optional <a href=\"https:\/\/jumpcloud.com\/platform\/password-manager\" target=\"_blank\" rel=\"noreferrer noopener\">password manager<\/a> and cross-OS <a href=\"https:\/\/jumpcloud.com\/platform\/patch-management\" target=\"_blank\" rel=\"noreferrer noopener\">patch management<\/a>. The directory platform works across Android (soon), Apple, Linux, and Windows devices, managing identities wherever the user is.<\/p>\n\n\n\n<p><strong>Need a Helping Hand?<\/strong> Reach out to <a href=\"mailto:professionalservices@jumpcloud.com\" target=\"_blank\" rel=\"noreferrer noopener\">professionalservices@jumpcloud.com<\/a> for assistance to determine which Professional Service option might be right for you.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.<\/p>\n","protected":false},"author":150,"featured_media":47641,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781,2337],"tags":[],"collection":[2779,2780],"platform":[],"funnel_stage":[3014],"coauthors":[2535],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Substitute 探花大神 Groups for FortiGate Access Control Lists - 探花大神<\/title>\n<meta name=\"description\" content=\"Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Substitute 探花大神 Groups for FortiGate Access Control Lists\" \/>\n<meta property=\"og:description\" content=\"Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\" \/>\n<meta property=\"og:site_name\" content=\"探花大神\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-24T16:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-01-26T17:15:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"780\" \/>\n\t<meta property=\"og:image:height\" content=\"521\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Worthington\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Worthington\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\"},\"author\":{\"name\":\"David Worthington\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\"},\"headline\":\"Substitute 探花大神 Groups for FortiGate Access Control Lists\",\"datePublished\":\"2023-01-24T16:30:00+00:00\",\"dateModified\":\"2023-01-26T17:15:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\"},\"wordCount\":791,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg\",\"articleSection\":[\"How-To\",\"Remote Work\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\",\"url\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\",\"name\":\"Substitute 探花大神 Groups for FortiGate Access Control Lists - 探花大神\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg\",\"datePublished\":\"2023-01-24T16:30:00+00:00\",\"dateModified\":\"2023-01-26T17:15:38+00:00\",\"description\":\"Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg\",\"width\":780,\"height\":521,\"caption\":\"person typing on a laptop\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Substitute 探花大神 Groups for FortiGate Access Control Lists\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"探花大神\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"探花大神\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"探花大神\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\",\"name\":\"David Worthington\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"caption\":\"David Worthington\"},\"description\":\"I'm the 探花大神 Champion for Product, Security. 探花大神 and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.\",\"sameAs\":[\"https:\/\/jumpcloud.com\/blog\",\"david.worthington@jumpcloud.com\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Substitute 探花大神 Groups for FortiGate Access Control Lists - 探花大神","description":"Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists","og_locale":"en_US","og_type":"article","og_title":"Substitute 探花大神 Groups for FortiGate Access Control Lists","og_description":"Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.","og_url":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists","og_site_name":"探花大神","article_published_time":"2023-01-24T16:30:00+00:00","article_modified_time":"2023-01-26T17:15:38+00:00","og_image":[{"width":780,"height":521,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg","type":"image\/jpeg"}],"author":"David Worthington","twitter_card":"summary_large_image","twitter_misc":{"Written by":"David Worthington","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists"},"author":{"name":"David Worthington","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e"},"headline":"Substitute 探花大神 Groups for FortiGate Access Control Lists","datePublished":"2023-01-24T16:30:00+00:00","dateModified":"2023-01-26T17:15:38+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists"},"wordCount":791,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg","articleSection":["How-To","Remote Work"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists","url":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists","name":"Substitute 探花大神 Groups for FortiGate Access Control Lists - 探花大神","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg","datePublished":"2023-01-24T16:30:00+00:00","dateModified":"2023-01-26T17:15:38+00:00","description":"Convert existing FortiGate users into RADIUS users, leveraging 探花大神 for authentication and better network security.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/09\/identity-control-active-directory-jumpcloud.jpg","width":780,"height":521,"caption":"person typing on a laptop"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/substitute-groups-for-access-control-lists#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Substitute 探花大神 Groups for FortiGate Access Control Lists"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"探花大神","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"探花大神","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"探花大神"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e","name":"David Worthington","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411","url":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","caption":"David Worthington"},"description":"I'm the 探花大神 Champion for Product, Security. 探花大神 and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.","sameAs":["https:\/\/jumpcloud.com\/blog","david.worthington@jumpcloud.com"]}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/73879"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/150"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=73879"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/73879\/revisions"}],"predecessor-version":[{"id":74202,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/73879\/revisions\/74202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/47641"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=73879"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=73879"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=73879"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=73879"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=73879"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=73879"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=73879"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}