i have some local VPN users in my fortigate firewall.
We need to change them to radius authentication, is there any way to change in CLI instead of re-creating them in GUI ?
edit "user"
set type password
set two-factor fortitoken
set fortitoken "FTKM9E3E"
set email-to "email-address"
set passwd-time 2021-09-21 11:18:52
set passwd ENC password
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi :).
You could make the following changes:
1. Add a RADIUS server to your FortiGate under Users & Authentication > RADIUS Server
2. Change your users to type radius:
#config user local
#edit <user>
#set type radius
#set radius <radius server>
#next
That way credentials would be checked against RADIUS, but everything else (token, group memberships, applicable policies etc) would be on the FortiGate.
Hope that helps!
Hi :).
You could make the following changes:
1. Add a RADIUS server to your FortiGate under Users & Authentication > RADIUS Server
2. Change your users to type radius:
#config user local
#edit <user>
#set type radius
#set radius <radius server>
#next
That way credentials would be checked against RADIUS, but everything else (token, group memberships, applicable policies etc) would be on the FortiGate.
Hope that helps!
will try that out.
we already have a radius server in our network.
Great, let me know how it goes :).
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1558 | |
1033 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.