I am playing with the Radius attribute setup in FortiNAC (9.4.1) and probably missing logic behind these settings.
What I would like to achieve is a solution that FortiNAC returns to the switch a specific value of Service-Type attribute when the admin user do login to the CLI of the switch.
FortiNAC internal Radius works for this type of authentication for example with the FortiSwitch. But FSW does not need to get in the Accept message any specific attribute.
I have created a new attribute in the Radius config and assigned this attribute to the switch as its default Radius attribute but in the pcap I do not see any attribute to be sent back to the test switch in the accept message.
Could you please help me to figure out what is the correct way how to configure the new Radius attribute? FAC or MS NPS works with authentication realms that contain some kind of conditions to be used and action that should be taken. Is this anyhow similar to attribute creation in FortiNAC and how exactly works parameter %ACCESS_VALUE%? Thank you very much.