I have a FortiGate and I can connect it to Windows NPS radius, and the simple user test works (under User&Auth>>Radius Servers ...).
I then proceed to setup admin logins to the FortiGate, using AD accounts via Radius, and that works.
I then setup FortiGate SSLVPN login, and instruct it to use AD accounts via Radius, and it doesn't work.
But ... when I shift the SSLVPN Network Policy above the Web Admin Login policy, then logging into SSLVPN works, but logging into Fortigate website as an admin does not work.
Upon further investigation, i notice that the Fortigate passes to the radius server the following unique values during the login process:
For Web Login: AVP: t=Connect-Info(77) l=13 val=admin-login For SSLVPN Login: AVP: t=Connect-Info(77) l=9 val=vpn-ssl
Question: How can I get Windows Radius to use these outputs to select the correct Network Policy to use?