help required - freerdius 3 - accounting to fortigate - user group name not received on fortigate

Eby Mani eby_km at yahoo.com
Thu Mar 9 20:06:55 UTC 2023


I've migrated from Freeradius 2.x.x to Freeradius 3.0.16 on ubuntu.

FR2 was configured to sent accounting to Fortigate firewall for RSSO Groups using "copy-acct-to-home-server" section. 

I have re-configured freeradus 3 and restored mysql db, accounting packets are being sent to fortigate. However user group is not received by fortigate.

Cant seem to find how it was done on FR2 or how to do the same in FR3.

Any hints will be helpful.

Will post debug if required.

Thanks,


1, testing from freradius server, 
echo "User-Name="wireless_admin",Framed-IP-Address="10.225.251.22",Class="PG_Support",Acct-Status-Type=Start" | radclient -q 172.16.2.254 acct test

Fortigate.
Add/Update auth logon for IP 10.225.251.22 for user wireless_admin
DB 0 insert [ep='wireless_admin' pg='PG_Support' ip='10.225.251.22/32'] success


2, Connecting from wireless result user group not received from radius server, thus no internet access

Fortigate.
Add/Update auth logon for IP 10.225.251.22 for user wireless_admin
DB 0 insert [ep='wireless_admin' pg='n/a' ip='10.225.251.22/32'] success



More information about the Freeradius-Users mailing list