i have some local VPN users in my fortigate firewall.
We need to change them to radius authentication, is there any way to change in CLI instead of re-creating them in GUI ?
edit "user"set type passwordset two-factor fortitokenset fortitoken "FTKM9E3E"set email-to "email-address"set passwd-time 2021-09-21 11:18:52set passwd ENC password
Go to Solution.
You could make the following changes:
1. Add a RADIUS server to your FortiGate under Users & Authentication > RADIUS Server
2. Change your users to type radius:
#config user local#edit <user>
#set type radius
#set radius <radius server>
That way credentials would be checked against RADIUS, but everything else (token, group memberships, applicable policies etc) would be on the FortiGate.
Hope that helps!
View solution in original post
will try that out.
we already have a radius server in our network.
Great, let me know how it goes :).
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.