Hi,
straight to the point. Network device which is using TACACS+ for authentication is Fortigate. I have a local user in Fortigate which is configured as a remote user. So Fortigate tries to authenticate it against TACACS.
My problem is how can I deny that local user to login into Fortigate? Fortigate is correctly configured because with other TACACS+ product I'm not able to login to Fortigate.
All I want to do: when connection between Fortigate and Clearpass is up, local user is denied by Clearpass. When connection down, local user is able to connect. With other TACACs product this is working.
I can see ffrom the Clearpass Access Tracker that it denies the local user login, but I'm still able to login to Fortigate.
Can anyone help me please?