Troubelshooting Tip: How to troubleshoot the TACACS+ admin account user forced logged out issue on FortiDDoS-F

Issue Reproduction

1. The administrator/user accounts authenticated via a remote TACACS+ server would be logged out forcefully 5 minutes after every successful log-in. The issue can be reproduced in FortiDDoS-F firmware v7.0.X. In the example, the FortiDDoS-F is configured with a TACACS+ remote authentication server.

2. No other user was created in the FortiDDoS-F administrator page. The non-existing user will be authenticated from the TACACS+ server and check the admin-profile from the TACACS+ server.

3. Test the user login using the TACACS+ user credential. The user would be forcefully logged out 5 minutes after the login. The FortiDDoS-F event log should be showing the login and logout history of the user.

4. The forceful logout issue remains even after tweaking the idle timeout value.

5. It is a bug issue on FortiDDoS-F with firmware v7.0.X. The issue is no longer seen in firmware v7.2.X, which is resolved in the version. While a workaround can be referred to as follows.

Workaround:

1. To overcome the issue without upgrading the firmware version, create the administrator/user accounts in the FortiDDoS-F for each of the TACACS+ user accounts.

2. With the TACACS+ user account created in FortiDDoS-F, the forceful logout issue will no longer be observed.

Related document:

Configuring TACACS+ authentication