Staff & Editor

Technical Tip: How to configure TACACS+ authentication for managed FortiGate from FortiManager

Forum|Forum|3 months ago
February 23, 2026
0 replies
306 views

Description

This article describes the general steps to create & configure TACACS+ remote authentication for a managed FortiGate from FortiManager.

Scope

FortiManager, FortiGate.

Solution

Enable TACACS+ from feature visibility:

FortiManager -> Policy & Object -> User & Authentication -> Tools -> Feature Visibility -> TACACS+ Servers.

Create TACACS+ Servers under FortiManager -> Policy & Object -> User & Authentication -> TACACS+ Servers -> Create New.

Create a User Group and add TACACS+ Servers as members: FortiManager -> Policy & Object -> User & Authentication -> User Groups -> Create New.

Proceed to create an admin user for remote login: FortiManager -> Device Manager -> select device -> System -> Administrator -> Create New.

Proceed to 'Install Policy' and validate the 'Install Preview'.

Once the 'Install Policy' completes, proceed to test the login FortiGate with the TACACS+ user.

Note: To get FortiGate TACACS configuration and diagnose commands for verification, refer to Technical Tip: How to configure TACACS+ authentication and authorization in FortiGate.