TACACS
This chapter contains information on using TACACS authetication with your FortiSwitch unit.
Administrative Accounts
Administrative, or admin, accounts allow access to various aspects of the FortiSwitch configuration. The level of
access is determined by the access profile used in the admin account.
Configuring an Access Profile for Admin Accounts
Using the web-based manager:
1.
Go to System > Admin > Admin Profile and select Create New.
2. Give the profile an appropriate name.
3.
Set Access Control as desired, choosing between None, Read Only, or Read-Write.
4.
Select OK.
Using the CLI:
config system accprofile
edit <name>
set admingrp {none | read | read-write}
set loggrp {none | read | read-write}
set netgrp {none | read | read-write}
set routegrp {none | read | read-write}
set sysgrp {none | read | read-write}
end
end
Configuring a TACACS Admin Account
Using the web-based manager:
1.
Go to System > Admin > Administrators and select Create New.
2. Give the administrator account an appropriate name.
3.
Set Type as Remote.
4.
Set User Group to a group for remote users.
5.
Enable Wildcard.
6.
Set Admin Profile to use the new profile.
7.
Select OK.
51 FortiSwitchOS-3.2.0
