FortiNAC not able to use local user account database in local RADIUS mode
I'm checking the possibility of local RADIUS using local user accounts (the ones created on FortiNAC) for authenticating users in a Wireless 802.1x setup. As per my observation, it takes the LDAP user database by default.
Is there any configuration that needs to be done for this to work?
For local authentication in FortiNAC you should use an authentication policy using local configuration: Policy & Objects>Authentication>>Configuration: Select authentication method and in the dropdown menu select "local". Create a policy using this configuration and make sure your host matches the User&Host profile for this policy.
If this helps to get it working as you need, thumbs up are welcome :)
I'm aware of the Authentication policy and the same has been configured. But with regard to Wireless, how do we authenticate users using FortiNAC's local database instead of LDAP in a Local RADIUS setup? Under the RADIUS service logs I see a RADIUS-Reject since it's referring to LDAP instead of the local database.
As per my understanding, the policy engine is triggered only if a host record is created in FortiNAC, but in my case the user doesn't even get connected to the SSID since the RADIUS authentication itself is failing with local credentials.