Hello,
Does FortiNAC support ldap group based authentication for fortigate without using the tag for remote access vpn?. Only Radius simple authentication.
Thank you.
Regards!
Solved! Go to Solution.
Basically you can use it for base authentication only but that's not flexible. You can't filter by groups (it will allow all the groups), you can't return groups to FGT since there is no possibility to create the logical networks and use additional RADIUS Attributes based on LDAP groups. Maybe it will be included in future releases of FNAC.
16:39:15.370675 IP (tos 0x0, ttl 64, id 43632, offset 0, flags [none], proto UDP (17), length 48)
10.0.0.5.1812 > 10.0.0.1.18613: RADIUS, length: 20
Access-Accept (2), id: 0x07, Authenticator: c60da80578dac9444425d6257533feb0
The only way that FNAC controls VPN users is via SSO tags.
Fort Authenticator can be useful in this case if no enforcement is needed.
Hi,
If I get it right, you want to use FNAC to do RADIUS authentication only without checking any enforcement just to respond to authentication with a user group as RADIUS attribute (Fortinet-Group-Name)?
@ebilcari To check the authentication user/password against specific AD user or AD group only no further checks (No scan etc...)
Basically you can use it for base authentication only but that's not flexible. You can't filter by groups (it will allow all the groups), you can't return groups to FGT since there is no possibility to create the logical networks and use additional RADIUS Attributes based on LDAP groups. Maybe it will be included in future releases of FNAC.
16:39:15.370675 IP (tos 0x0, ttl 64, id 43632, offset 0, flags [none], proto UDP (17), length 48)
10.0.0.5.1812 > 10.0.0.1.18613: RADIUS, length: 20
Access-Accept (2), id: 0x07, Authenticator: c60da80578dac9444425d6257533feb0
The only way that FNAC controls VPN users is via SSO tags.
Fort Authenticator can be useful in this case if no enforcement is needed.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1849 | |
1133 | |
769 | |
447 | |
262 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.