help required - freerdius 3 - accounting to fortigate - user group name not received on fortigate
Eby Mani
eby_km at yahoo.com
Thu Mar 9 20:06:55 UTC 2023
I've migrated from Freeradius 2.x.x to Freeradius 3.0.16 on ubuntu.
FR2 was configured to sent accounting to Fortigate firewall for RSSO Groups using "copy-acct-to-home-server" section.
I have re-configured freeradus 3 and restored mysql db, accounting packets are being sent to fortigate. However user group is not received by fortigate.
Cant seem to find how it was done on FR2 or how to do the same in FR3.
Any hints will be helpful.
Will post debug if required.
Thanks,
1, testing from freradius server,
echo "User-Name="wireless_admin",Framed-IP-Address="10.225.251.22",Class="PG_Support",Acct-Status-Type=Start" | radclient -q 172.16.2.254 acct test
Fortigate.
Add/Update auth logon for IP 10.225.251.22 for user wireless_admin
DB 0 insert [ep='wireless_admin' pg='PG_Support' ip='10.225.251.22/32'] success
2, Connecting from wireless result user group not received from radius server, thus no internet access
Fortigate.
Add/Update auth logon for IP 10.225.251.22 for user wireless_admin
DB 0 insert [ep='wireless_admin' pg='n/a' ip='10.225.251.22/32'] success
More information about the Freeradius-Users
mailing list