Troubleshooting Tip: How to strengthen RADIUS protocol configuration in FortiManager/FortiAnalyzer
| Description | This article describes how to strengthen RADIUS protocol configuration in FortiManager and FortiAnalyzer. |
| Scope | FortiManager v7.6.2. FortiAnalyzer v7.6.2. |
| Solution | Starting from FortiManager/FortiAnalyzer version 7.6.2, the user will be able to include the additional configuration parameters below to strengthen the RADIUS protocol settings.
config system admin radius edit <server> set protocol {tls | udp} --> TLS over TCP (RadSec) is enabled when the protocol is TLS. set ca-cert <string> --> Option is only available when the protocol is TLS. set client-cert <string> --> Option is only available when the protocol is TLS. set message-authenticator {optional | require} --> When set to require, Message-Authenticator attribute is always used for the RADIUS Access-Request process. end |