FortiGate
sharmak
Staff
Article Id 228076
Description

This article describes the configuration required on FortiGate to give an administrator read-write access to one particular group of settings. The WiFi controller configuration is used as the example.

Scope

FortiOS 7.0, 7.2, 6.4.

Solution

Configure the wildcard admin as below:

 

# config system admin
    edit "wifiwrite"
        set remote-auth enable
        set accprofile "wifi"
        set vdom "root"
        set wildcard enable
        set remote-group "testlogin"
    next
end

 


To give read-write access to the WiFi Controller configuration while FortiGate is managed by FortiManager, the following change to the access permissions on the admin profile is required:

 

# config system accprofile
    edit "wifi"  <------admin profile
        set secfabgrp read
        set ftviewgrp read
        set authgrp read
        set sysgrp custom
        set netgrp read
        set loggrp read
        set fwgrp read
        set vpngrp read
        set utmgrp read
        set wanoptgrp read
        set wifi read-write
        config sysgrp-permission
            set admin read
            set upd read
            set cfg read-write
            set mnt read
        end
    next
end

 


After the above change is made, a prompt opens to log in with read/write privilege.

 


It is then possible to make changes to the WiFi controller configuration, while other settings such as Firewall Policies, Security Profiles and VPN configuration have read-only access.

 


Note:

If the FortiGate is not managed by FortiManager, only the following change on the admin profile is necessary. There is no need to set the 'System' field to custom and toggle the 'Configuration' tab to read/write, as was done above for a FortiGate managed by FortiManager.

 

# config system accprofile
    edit "wifi"
        set secfabgrp read
        set ftviewgrp read
        set authgrp read
        set sysgrp read
        set netgrp read
        set loggrp read
        set fwgrp read
        set vpngrp read
        set utmgrp read
        set wanoptgrp read
        set wifi read-write
    next
end
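
An added example, not part of the original article or of Fortinet's tooling: a short Python check that parses a "config system accprofile" block from a saved configuration and lists every permission left at read-write outside an expected set, so a reviewer can confirm the profile grants write access only where this article intends. The function names and the abbreviated sample are constructed for illustration.

```python
# Constructed sample: abbreviated copy of the article's FortiManager-managed profile.
SAMPLE = """\
# config system accprofile
    edit "wifi"
        set sysgrp custom
        set fwgrp read
        set vpngrp read
        set wifi read-write
        config sysgrp-permission
            set admin read
            set cfg read-write
        end
    next
end
"""

def parse_accprofiles(text):
    """Return {profile: {permission: level}}; nested keys look like 'sysgrp-permission.cfg'."""
    profiles, in_table, current, nested = {}, False, None, None
    for raw in text.splitlines():
        words = raw.strip().lstrip("# ").split()  # tolerate a leading "#" prompt
        if not words:
            continue
        if words[:3] == ["config", "system", "accprofile"]:
            in_table = True
        elif not in_table:
            continue  # ignore every other config table in the file
        elif words[0] == "edit" and nested is None:
            current = words[1].strip('"')
            profiles[current] = {}
        elif words[0] == "config" and current:
            nested = words[1]  # e.g. sysgrp-permission inside the profile
        elif words[0] == "set" and current and len(words) >= 3:
            key = f"{nested}.{words[1]}" if nested else words[1]
            profiles[current][key] = words[2]
        elif words[0] == "next" and nested is None:
            current = None
        elif words[0] == "end":
            # "end" closes the nested block first, then the accprofile table itself
            in_table = nested is not None or current is not None
            nested = None
    return profiles

def unexpected_write(profile, allowed):
    """Permissions at read-write that are not in the reviewer's expected set."""
    return sorted(k for k, v in profile.items() if v == "read-write" and k not in allowed)

if __name__ == "__main__":
    wifi = parse_accprofiles(SAMPLE)["wifi"]
    print(unexpected_write(wifi, allowed={"wifi"}))
```

For the FortiManager-managed profile the expected set is wifi plus sysgrp-permission.cfg; for a FortiGate that is not managed by FortiManager it is wifi alone.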

  


Related article:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Prof-admin-VDOM-administrator-unable-to-lo...