Friday, June 10, 2016

FAZ user type group version type tacacs and issues

I ran into a strange issue. When setting up a VM fortinalyzer for redundant TacPlus we are deployed the user group

i.e (

config system admin group
    edit "tacplusgroups"
            set member "AAA1" "AAA2"           

And within the wildcard we specify the  group type and the group name.

        set user_type group
        set group "tacplusgroups"

        set wildcard enable
        set radius-accprofile-override enable

This works fine for SSH access but when login via webGUI the  dashboard shows no objects.

e.g ( a broken FAZ )

      We are running 5.4.0 b1019

We had to revert back to  user type tac_plus to get our  dashboard populated. Time for a FTNT support case.

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
        /  \

No comments:

Post a Comment