Multiple RADIUS Clients

Forum|Forum|10 years ago
March 24, 2016
1 reply
12270 views

We are wanting to add about 75 devices for RADIUS authentication to the FortiAuthenticator. I want to use password-only authentication, use a particular realm, and apply a group filter to that realm. I don't want to have to do those steps for each device I import. I can see two possibilities that would be better, but they would both require some changes to the programming of the FortiAuthenticator:

[ul]

Instead of Client name/IP, you put in a subnet instead (e.g., 10.11.20.0/24).

You could allow for more fields on the CSV import file that define things like auth_type,realm,group_filter[/ul]

But I don't want to wait for some future version of code. Is it possible to do the things I want without having to tweak every single device that gets imported?

Thanks!

FortiAnalyzer

Best answer by Carl_Windsor_FTNT

You are correct, what is being requested is not currently supported. CSV and API do not support setting to this level of granularity. Please continue as suggested and submit your feature requests through your Fortinet rep.

However......

>Instead of Client name/IP, you put in a subnet instead (e.g., 10.11.20.0/24).

This is already being considered for the 5.0 release.

jimsokol

New Member

I too, have this question, as I may have to perform this for several hundred units. I have not been able to determine if the REST API will allow for this.

emnoc

New Member

You can import for the clients, which might be what your looking for.

ken

jimsokol

New Member

CSV only allows for name, IP/host, and optionally, the secret. The task is to avoid to still have to edit to set other things like authentication method and realm (with filtering)

...jim

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded