FAZ setup for AAA access

In this blog we look at how simple the configuration for  AAA redundant with remote-group. Here a Fortianalyzer has been setup for AAA authentication via TACACS+

The 1st step is to define the AAA components

Then we can setup a "wildcard"  account with the type as "group".

Ensure that  set radius-accprofile-override is enable if you want to override access profiles via AAA.



Now you can use the  diag cmd to validate a remote-user and the profile.

Ken
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 
        /  \