Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mclut
New Contributor

Fortimanager fortianalzyer mulitple groups RADIUS?

Longer story short. Looking to setup additional group access in these for read access etc etc.(Using existing RADIUS setup that gates and other network devices are using)
Group claims are not being seen on the FAC by these two platforms.
On gates you can assign a user group and then add the group attribute on the gate. On the manager etc there are no groups set themselves... Rather setting up of remote users. When adding multiple RADIUS policies to the FAC for these devices it basically errors out and doesn't select any group, rather the first group within the FAC.
 
Thanks
1 Solution
mclut
New Contributor

Correct.

Currently as it stands the authenticator will only evaluate the top most policy from the analyzer or manager even if the RADIUS user has a set group attribute string set within them.

 

Edit found the solution. Issue was with multiple policies with same devices within each policy.

 

View solution in original post

2 REPLIES 2
Markus_M
Staff
Staff

Hi,

 

I don't actually follow here. What are you trying to do?

If I understand correctly you want to match expected user groups to RADIUS clients to be evaluated by the FortiAuthenticator?

 

Best regards,

 

Markus

 

mclut
New Contributor

Correct.

Currently as it stands the authenticator will only evaluate the top most policy from the analyzer or manager even if the RADIUS user has a set group attribute string set within them.

 

Edit found the solution. Issue was with multiple policies with same devices within each policy.

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors