I recently encountered a strange case where RADIUS authentication on a FortiGate cluster was failing on the secondary node. The cluster uses multiple VDOMs configured in a vcluster, and each FortiGate has its own out-of-band management IP. Authentication had been working fine previously.

On the secondary FortiGate, I enabled debugging to see if authentication requests were reaching the firewall:

diagnose debug console timestamp enable
diagnose debug application fnbamd -1
diagnose debug application radiusd -1
diagnose debug enable

Surprisingly, no output was generated, and no requests were arriving at the RADIUS server. The issue was likely with the fnbamd daemon, which handles remote authentication. First, find the process ID:

diagnose sys process pidof fnbamd

The process ID is printed on screen. Then, restart the process using:

diagnose sys kill 11 <process id>

After restarting fnbamd, RADIUS authentication started working again. Don’t forget to disable debugging:

diagnose debug disable

The following two tabs change content below.

• Bio
• Latest Posts

René Jorissen

Co-owner and Solution Architect at QMonkeys

René Jorissen works as Solution Architect for QMonkeys in the Netherlands. Network Infrastructures are the primary focus. René works with equipment of multiple vendors, like HPE Networks, FortiNet, SentinelOne, Phished, Holm Security, Microsoft services and many more. René is Aruba Certified Edge Expert (ACEX #26), Aruba Certified Mobility Expert (ACMX #438), Aruba Certified ClearPass Expert (ACCX #725), Aruba Certified Design Expert (ACDX #760), CCNP R&S, FCNSP and Certified Ethical Hacker (CEF) certified. You can follow René on Twitter and LinkedIn.

Latest posts by René Jorissen (see all)

• Uninstalling the HPE Axis Connector on Ubuntu - December 17, 2025
• Troubleshooting: FortiGate and RADIUS - December 12, 2025
• MacOS Big Sur and SSLKEYFILELOG - November 23, 2021