I have integrated my fortigate with the Radius server and working fine,but parallely my local authentication is also working,how shall i set my radius authetication as primary and local as secondary.
Solved! Go to Solution.
After entering the below commands i can be able to set the Radius as primary authentication and while the radius is enabled the local user credentials are not working as i want and so in the absence of radius server my local user credentials are usable.
config system global
set admin-restrict-local disable
set admin-restrict-local enable
end
Adding below article explaining the details for the benefit of other users who may hit this.
Hi @Sivasakthi
By default FGT will check for every request ,local database first if the user is not found there, then whichever server reply first Radius,Ldap it will proceed further to authenticate users. Probably you could use Realms on SSLVPN setting ,this need to be enabled on Feature visibilities.
Please check the below documentation which explain in detail authentication process .
I think the best approach will be to keep just 1 or 2 local admin accounts and remaining users to use remote login.
or you can configure all accounts as remote/radius and while configuring radius user itself it will ask to specify backup password to use in case radius is not reachable.
After entering the below commands i can be able to set the Radius as primary authentication and while the radius is enabled the local user credentials are not working as i want and so in the absence of radius server my local user credentials are usable.
config system global
set admin-restrict-local disable
set admin-restrict-local enable
end
Adding below article explaining the details for the benefit of other users who may hit this.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.