Description
This article shows that the remote client IP is not logged after TACACS+ setup.
Scope
FortiGate.
Solution
Including the remote client IP in TACACS+ requests is not supported by FortiGate at this moment. The following packet capture shows an authentication request sent from the FortiGate to the TACACS+ server:
Frame 12: 94 bytes on wire (752 bits), 94 bytes captured (752 bits)
Ethernet II, Src: Vmware_d0:7f:95 (00:0c:29:d0:7f:95), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol Version 4, Src: 192.168.22.11, Dst: 192.168.22.2
Transmission Control Protocol, Src Port: 1318, Dst Port: 49, Seq: 2523944414, Ack: 2423361250, Len: 28
TACACS+
    Major version: TACACS+
    Minor version: 1
    Type: Authentication (1)
    Sequence number: 1
    Flags: 0x00 (Encrypted payload, Multiple Connections)
    Session ID: 3941839932
    Packet length: 16
    Encrypted Request
    Decrypted Request
        Action: Inbound Login (1)
        Privilege Level: 0
        Authentication type: PAP (2)
        Service: Login (1)
        User len: 4
        User: test
        Port len: 0
        Remaddr len: 0
        Password Length: 4
        Password: test
The Remaddr len field is 0, so there is no remote client IP included in the packet.
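The same check can be run offline against a captured request. The Python below is an added example, not Fortinet code: it parses a TACACS+ authentication START packet as laid out in RFC 8907 (removing the MD5 pad when the payload is obfuscated) and returns the user, port, rem_addr and data fields. The shared secret and the sample packet are constructed, with field values mirroring the capture above.

```python
import hashlib
import struct

def pseudo_pad(session_id: bytes, key: bytes, version: int, seq_no: int, length: int) -> bytes:
    """RFC 8907 MD5 pad: MD5(session_id, key, version, seq_no [, previous block])."""
    seed = session_id + key + bytes([version, seq_no])
    pad, block = b"", b""
    while len(pad) < length:
        block = hashlib.md5(seed + block).digest()
        pad += block
    return pad[:length]

def parse_authen_start(packet: bytes, key: bytes) -> dict:
    """Parse a TACACS+ authentication START packet and return its variable fields."""
    version, ptype, seq_no, flags, session_id, length = struct.unpack("!BBBBII", packet[:12])
    body = packet[12:12 + length]
    if ptype != 1 or seq_no != 1 or len(body) != length or length < 8:
        raise ValueError("not a complete authentication START packet")
    if not flags & 0x01:  # unencrypted flag clear: body is XORed with the pad
        pad = pseudo_pad(packet[4:8], key, version, seq_no, length)
        body = bytes(a ^ b for a, b in zip(body, pad))
    action, priv, atype, service, ulen, plen, rlen, dlen = body[:8]
    if 8 + ulen + plen + rlen + dlen != length:
        raise ValueError("field lengths do not match packet length (wrong key?)")
    pos, out = 8, {"session_id": session_id, "authen_type": atype}
    for name, n in (("user", ulen), ("port", plen), ("rem_addr", rlen), ("data", dlen)):
        out[name] = body[pos:pos + n]
        pos += n
    return out

def build_sample(key: bytes, rem_addr: bytes = b"") -> bytes:
    """Constructed packet mirroring the capture: PAP login, user 'test', flags 0x00."""
    user, data = b"test", b"test"
    body = bytes([1, 0, 2, 1, len(user), 0, len(rem_addr), len(data)]) + user + rem_addr + data
    header = struct.pack("!BBBBII", 0xC1, 1, 1, 0x00, 3941839932, len(body))
    pad = pseudo_pad(header[4:8], key, 0xC1, 1, len(body))
    return header + bytes(a ^ b for a, b in zip(body, pad))

if __name__ == "__main__":
    KEY = b"constructed-shared-secret"  # assumption, not a value from the article
    fields = parse_authen_start(build_sample(KEY), KEY)
    # An empty rem_addr means the server has no client IP to write to its log.
    print("rem_addr present:", bool(fields["rem_addr"]), fields)
```
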