TACACS+
Terminal Access Controller Access-Control System (TACACS) is a remote authentication protocol that provides access control for routers, network access servers, and other networked computing devices via one or more centralized servers. TACACS allows a client to accept a user name and password and send a query to a TACACS authentication server. The server host determines whether to accept or deny the request and sends a response back that allows or denies network access to the user. The default TCP port for a TACACS server is 49.
For more information about TACACS servers, see the FortiGate documentation.
To add a TACACS+ server:
1. Go to System Settings > Admin > Remote Auth Server.
2. Select the Create New toolbar icon, then select TACACS+ from the drop-down list.
The New TACACS+ Server window opens.
3. Configure the following information:
Name | Enter a name to identify the TACACS+ server. |
Server Name/IP | Enter the IP address or fully qualified domain name of the TACACS+ server. |
Port | Enter the port for TACACS+ traffic. The default port is 389. |
Server Key | Enter the key to access the TACACS+ server. The server key can be a maximum of 16 characters in length. |
Auth-Type | Enter the authentication type the TACACS+ server requires. The default setting of auto has the FortiManager unit try all the authentication types. Select one of: auto, ASCII, PAP, CHAP, or MSCHAP. |
4. Select OK to save the new TACACS+ server entry.