config system admin tacacs
edit "tacacs-server"
set authorization enable
set key <key defined on the TACACS+ server> ----> FortiManager will encrypt this key
set server "x.x.x.x" ----> IP address of the TACACS+ server
next
end
config system admin user
edit "remote-admins"
set profileid "Super_User"
set adom "<ADOM>" ----> Select an ADOM, or use the "all_adoms" option
set policy-package "all_policy_packages"
set user_type tacacs-plus ----> The password is verified by the TACACS+ server, not by FortiManager
set tacacs-plus-server "tacacs-server" ----> Enter the TACACS+ server name
config meta-data
edit "Contact Email"
next
edit "Contact Phone"
next
end
set wildcard enable
end
end
FM # dia sniffer packet port1 'tcp and port 49' 3
interfaces=[port1]
filters=[tcp and port 49]
25.269768 port1 -- 172.31.17.17.57231 -> 172.31.19.1.49: syn 2298123345
25.270497 port1 -- 172.31.19.1.49 -> 172.31.17.17.57231: syn 3830224974 ack 2298123346
25.270528 port1 -- 172.31.17.17.57231 -> 172.31.19.1.49: ack 3830224975
25.270652 port1 -- 172.31.17.17.57231 -> 172.31.19.1.49: psh 2298123346 ack 3830224975
--------> encrypted authentication request - user name sent
25.271419 port1 -- 172.31.19.1.49 -> 172.31.17.17.57231: ack 2298123382
25.352934 port1 -- 172.31.19.1.49 -> 172.31.17.17.57231: psh 3830224975 ack 2298123382
--------> encrypted authentication reply - user accepted
25.352981 port1 -- 172.31.17.17.57231 -> 172.31.19.1.49: ack 3830224993
25.353046 port1 -- 172.31.19.1.49 -> 172.31.17.17.57231: fin 3830224993 ack 2298123382
25.353252 port1 -- 172.31.17.17.57231 -> 172.31.19.1.49: fin 2298123382 ack 3830224994
25.353390 port1 -- 172.31.17.17.57232 -> 172.31.19.1.49: syn 2309553841
25.354093 port1 -- 172.31.19.1.49 -> 172.31.17.17.57231: ack 2298123383
25.354114 port1 -- 172.31.19.1.49 -> 172.31.17.17.57232: syn 3204758055 ack 2309553842
25.354126 port1 -- 172.31.17.17.57232 -> 172.31.19.1.49: ack 3204758056
25.354246 port1 -- 172.31.17.17.57232 -> 172.31.19.1.49: psh 2309553842 ack 3204758056
--------> encrypted authentication request - password sent
25.357630 port1 -- 172.31.19.1.49 -> 172.31.17.17.57232: ack 2309553916
25.377588 port1 -- 172.31.19.1.49 -> 172.31.17.17.57232: psh 3204758056 ack 2309553916
--------> encrypted authentication reply - password accepted
Related Articles
Technical Note : Using LDAP for Admin Access and Authorization - "wildcard" admin accounts