Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate authenticate with radius and local user.
Hello All,
I am using FortiGate 6.4.X ,Want to implement radius base authentication. I configured the Radius server and able to login through both Radius and local admin user.
Now I want prioritize the authentication method in such way .
like default authentication will be using Radius base and if radius fail it will allow local user.
Any help much appreciated
Thanks
I am using FortiGate 6.4.X ,Want to implement radius base authentication. I configured the Radius server and able to login through both Radius and local admin user.
Now I want prioritize the authentication method in such way .
like default authentication will be using Radius base and if radius fail it will allow local user.
Any help much appreciated
Thanks
Labels:
- Labels:
-
General
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/2c0e7d50-6d7a-11eb-9995-00505692583a/FortiOS-6.4.5-Administration_Guide.pdf
PAGE 1648
User Groups
A user group is a list of users.
Security policies and some VPN configurations only allow access to specified user groups.
This restricted access enforces role-based access control (RBAC) to your organization's network and resources.
Users must be in a group and that group must be part of the security policy.
In most cases, FortiOS authenticates a user by requesting their username and password.
FortiOS checks local user accounts first.
Then, if it does not find a match, FortiOS checks the RADIUS, LDAP, and TACACS+ servers that belong to the user group.
Authentication succeeds when FortiOS finds a matching username and password.
If the user belongs to multiple groups on a server, FortiOS matches those groups as well.
FortiOS does not allow username overlap between RADIUS, LDAP, and TACACS+ servers.
PAGE 1648
User Groups
A user group is a list of users.
Security policies and some VPN configurations only allow access to specified user groups.
This restricted access enforces role-based access control (RBAC) to your organization's network and resources.
Users must be in a group and that group must be part of the security policy.
In most cases, FortiOS authenticates a user by requesting their username and password.
FortiOS checks local user accounts first.
Then, if it does not find a match, FortiOS checks the RADIUS, LDAP, and TACACS+ servers that belong to the user group.
Authentication succeeds when FortiOS finds a matching username and password.
If the user belongs to multiple groups on a server, FortiOS matches those groups as well.
FortiOS does not allow username overlap between RADIUS, LDAP, and TACACS+ servers.
![](/skins/images/314F488D15A2016126B094729A0E57E8/responsive_peak/images/icon_anonymous_message.png)