Specify authentication method for RADIUS/TACACS+ Admin users
On the SG firewall, an admin could create a user and specify which method of remote authentication would be used. This is not possible on the XG. As a result, a new admin must first authenticate on the User Portal, then an existing admin can change that newly created user to an admin. This is an unnecessary step that could be improved by allowing admins to specify which remote authentication method should be used per user.
I feel with you. It's a huge pain.
I'm currently deploying 70 XG firewalls and we heavily rely on tacacs and ldap auth.
Fun fact: this already works on SFM, so there is code base around, they only need to port this over to XG.
I described this in detail here: