FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the RSSO error message logdesc='RADIUS accounting profile not found' reason='Missing profile name' in the User Events log.
Scope
RSSO in FortiGate and FortiProxy.
Solution
'Missing Profile Name' means FortiGate/FortiProxy does not receive the RADIUS Attribute Value.
This RADIUS Attribute Value by default is the 'Class' attribute.
The FortiGate/FortiProxy uses the content of this attribute in RADIUS accounting start messages to map a user to a FortiGate group, which then can be used in firewall policies.
RADIUS Attribute Value can be set to the other value by:
config user radius
edit "Local RSSO Agent"
set sso-attribute <attribute>
next
end
Example.
A Cisco 9800 Wireless Controller cannot send a Class attribute, so 'NAS-Identifier' is used instead of a Class attribute.
config user radius
set rsso enable
set rsso-radius-response enable set rsso-validate-request-secret enable set rsso-secret <secret> set rsso-endpoint-attribute User-Name set sso-attribute NAS-Identifier
