RSSO information for authenticated destination users in logs

FortiGate can use RSSO accounting information from authenticated RSSO users to populate destination users and groups, along with source users and groups.

RSSO user login information can be forwarded by the RADIUS server to the FortiGate that is listening for incoming RADIUS accounting start messages on the RADIUS accounting port. Accounting start messages usually contain the IP address, user name, and user group information. FortiGate uses this information in traffic logs, which include dstuser and dstgroup fields for user and group destination information .

For instructions on configuring RSSO, see RADIUS single sign-on agent.

The three following scenarios show traffic between pc1 and the internet, and pc1 and pc2.

Scenario 1

In this scenario, RSSO user test2 in group rsso-grp1 is authenticated on pc1. Tra