Hi,
I have a problem where TACACS+ authentication is failing from fortigate FW. On Fortigate I have configured TACACS+ server and if it is using is authentication methods ms-chap or chap, Clearpass show following error in Access Tracker:
"Tacacs server User 'test01' not present in DCN-xxxxxAD(xxxxad.xxx.local).
Failed to authenticate user=test01
However, if I use PAP in authentication method, everything works.
Funny here is, that user which Im using is NOT "test01". There is nothing named "test01" in Fortigates configuration. So why Clearpass tries authenticate user "test01" when using mschap or chap and when using pap Clearpass shows correct user?
If Im correct, pap isn't very secure method, so that is why I would want use mschap.
Thank you for your help!