Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yeowkm99
Contributor

Change VPN users

i have some local VPN users in my fortigate firewall.

We need to change them to radius authentication, is there any way to change in CLI instead of re-creating them in GUI ?

 

edit "user"
set type password
set two-factor fortitoken
set fortitoken "FTKM9E3E"
set email-to "email-address"
set passwd-time 2021-09-21 11:18:52
set passwd ENC password 

1 Solution
Debbie_FTNT
Staff
Staff

Hi :).

You could make the following changes:

1. Add a RADIUS server to your FortiGate under Users & Authentication > RADIUS Server

2. Change your users to type radius:

#config user local
#edit <user>

#set type radius

#set radius <radius server>

#next

That way credentials would be checked against RADIUS, but everything else (token, group memberships, applicable policies etc) would be on the FortiGate.

 

Hope that helps!

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

View solution in original post

3 REPLIES 3
Debbie_FTNT
Staff
Staff

Hi :).

You could make the following changes:

1. Add a RADIUS server to your FortiGate under Users & Authentication > RADIUS Server

2. Change your users to type radius:

#config user local
#edit <user>

#set type radius

#set radius <radius server>

#next

That way credentials would be checked against RADIUS, but everything else (token, group memberships, applicable policies etc) would be on the FortiGate.

 

Hope that helps!

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
yeowkm99

will try that out.

we already have a radius server in our network.

Debbie_FTNT

Great, let me know how it goes :).

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors