Quick & Dirty Fortigate Tacacs Config

Mostly for my benefit, but below is an example config for adding a Tacacs server to a Fortigate to manage centralised admin authentication. Areas with [ ] will need you to replace with your own server specifics.
config user tacacs+
     edit My-Tacacs-Server
     set server [IP_ADDRESS]
     set key [PASSWORD]
     next
end
config user group
     edit My-Tacacs-Group
     set group-type firewall
     set member My-Tacacs-Server
     next
end
config system admin
     edit My-Tacacs-User
     set remote-auth enable
     set accprofile super_admin
     set vdom root
     set wildcard enable
     set remote-group My-Tacacs-Group
     next
end
This config is provided with no guarantee that it will work in your environment and I accept no responsibility for poor security on your part.
About Will Curtis 10 Articles
Network Engineer, Productivity Geek, Pretend Photographer & Lego Fanatic. Even heroes have a day job! Networks & telecom engineer with 16 years experience in the IT/Comms industry. Passionate about productivity and GTD methodologies. Amateur [Photo|Video]grapher & dreamer. Apple fan. Dad.

2 Comments

  1. Thanks for the quick, clear, and concise post! I was having issues with this in the GUI, and attacking it from CLI did the trick.

Leave a Reply

Your email address will not be published.


*