Fortinet FortiGate v3.0 MR7 User Manual

FortiOS v3.0 MR7 User Authentication User Guide

26

01-30007-0347-20080828

TACACS+ servers

Authentication servers

Figure 6: TACACS+ server configuration

To configure the FortiGate unit for TACACS+ authentication - CLI

config user tacacs+

edit

set auth-type {ascii | auto | chap | ms_chap | pap}

set key

set tacacs+-port

set server

end

To remove a TACACS+ server from the FortiGate unit configuration -
web-based manager

1

Go to User > TACACS+.

2

Select the Delete icon beside the name of the TACACS+ server that you want to
remove.

3

Select OK.

Figure 7: Delete TACACS+ server

Name

Enter the name of the TACACS+ server.

Server Name/IP

Enter the server domain name or IP address of the TACACS+
server.

Server Key

Enter the key to access the TACACS+ server.

Authentication Type

Select the authentication type to use for the TACACS+ server.
Selection includes: Auto, ASCII, PAP, CHAP, and MSCHAP. Auto
authenticates using PAP, MSCHAP, and CHAP (in that order).

Note: You cannot remove a TACACS+ server that belongs to a user group. Remove it from
the user group first.

Create New

Add a new TACACS+ server. The maximum number is 10.

Server

The server domain name or IP address of the TACACS+ server.

Delete

Edit