Skip to main content
Insearchofanswers
Insearchofanswers
New Member
September 19, 2016
Question

Adding multiple TACACS+ servers for auth

  • September 19, 2016
  • 2 replies
  • 3488 views

Currently we have Fortimanager setup using 1 TACACS+ server and would like to update that since we have more then one server for redundancy. When I went to add see if I could add a secondary server under System settings > Admin > Administrator, I noticed there is only a drop down for one server which is pointing to our Remote Auth Server TACACS+ (which is pointing to one node). If I go to add a remote auth server for Radius I notice there's an option to add a secondary server. I'm wondering if the only way to have automated fail over to a backup remote AAA server is to use Radius? My only other thought is to add multiple administrators each with the same accounts pointing at different TACACS+ servers. Any help would be greatly appreciated.

 

Thanks!!

    2 replies

    Insearchofanswers
    InsearchofanswersAuthor
    New Member
    September 20, 2016

    No one is doing this? I re-read the documentation and there's no mention of it.

    ---

    Option A: Multiple TACAS+ administrators Option B: Switch to using Radius

    Jeff_FTNT
    Staff
    Jeff_FTNT
    Staff
    September 20, 2016

    If you are using FGT, you may add multiple Tacacs+ server to same "User Group".

    But from your description, it look like it is for FortiManager which may not support it. You may move this post to FortiManager site, thanks.

    Terms & ConditionsAccessibility statement