Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
neonbit
Valued Contributor

Can you configure multiple wildcard RADIUS administrators?

I've been testing RADIUS authentication on the FAUTH and it's been working well so far with one admin group configured with RADIUS remote server and wildcards.

 

The problem is when I try to add another admin group (with different permissions) the wildcard option is disabled. It looks like you can only have one RADIUS wildcard group configured at one time.

 

Has anyone been able to configure multiple groups with wildcards (like you can on the FGT)?

1 REPLY 1
neonbit
Valued Contributor

Got a step closer but still no good. For the second admin users I've added the radius-group-match via the CLI and configured their radius group name. These users can now login but they get the same access as the wildcard RADIUS group.

 

Ex: full_admins has been configured with full access and radius with wildcard. A full_admin user logs in and has proper access.

 

If I create another group called read_admins and configure their group match to be read_admins and their profile as restricted user, they can still login but they have the full_admin access.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors