Hi all,
I'm trying to get RADIUS accounting packets from a Windows Server NPS (RADIUS) to be forwarded to a Fortinet FSSO Collector, but I'm stuck.
Here's my setup:
NPS is authenticating 802.1X Wi-Fi logins using PEAP/EAP-MSCHAPv2.
Accounting forwarding is enabled in the Connection Request Policy (CRP) – the option “Forward accounting requests to this remote RADIUS server group” is checked.
The Remote RADIUS Server Group points to the FSSO Collector (IP: 10.81.0.36, port: 1813, shared secret OK).
In the FSSO collector itself, RADIUS accounting is enabled, listens on 1813, and matches the shared secret.
Wireshark confirms that UDP packets on port 1813 are never sent.
Every time a user authenticates, NPS logs this in Event Viewer with:pgsqlKopírovaťUpraviťLogging Results: Accounting information was written to the local log file.
What I’ve tried so far:
Recreated the CRP from scratch with minimal conditions (NAS port type only).
Made sure CRP is at the top of the policy list and is being hit (confirmed via Event Viewer: Connection Request Policy Name: TEST-FSSO).
Verified that the Remote RADIUS Server Group has the collector defined with the correct IP, port, and secret.
Checked that the “Forward network access server start and stop notifications to this server” option is enabled in the server properties.
Restarted the IAS service and verified every change step-by-step.
Still, no accounting packets are being sent to FSSO – NPS always falls back to local log files.
I understand that NPS only generates and forwards accounting when the CRP handles authentication on the local server. But in my case, NPS does perform authentication, and I have no proxy or upstream RADIUS involved.
Is there something I’m missing? Could global accounting settings or a hidden conflict with log file configuration be causing this fallback behavior?
Hi ,
Have you enabled radius accounting server in FortiGate?
You can check Following KBs for cross check your configuration:
Configure Fortinet Single Sign On (FSSO) ... - Fortinet Community
Kind regards
Hi,
Have you managed to get that working?
I have the exact same problem.
User | Count |
---|---|
2539 | |
1352 | |
795 | |
642 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.