To add a TACACS+ server:
1. Go to System Settings > Admin > Remote Auth Server.
2. Select the Create New toolbar icon, then select TACACS+ from the drop-down list. The New TACACS+ Server window opens.
New TACACS+ server dialog box

Configure the following information:
Name Type a name to identify the TACACS+ server.
Server Name/IP Type the IP address or fully qualified domain name of the TACACS+ server.
Port Type the port for TACACS+ traffic. The default port is 389.
Server Key Type the key to access the TACACS+ server. The server key can be a maximum of 16 characters in length.
Auth-Type Select the authentication type the TACACS+ server requires. The default setting of auto has the FortiManager unit try all the authentication types. Select one of: auto, ASCII, PAP, CHAP, or MSCHAP.
Select OK to save the new TACACS+ server entry.
Manage remote authentication servers
Remote authentication servers can be modified and deleted as required.
To modify an existing server configuration:
1. Go to System Settings > Admin > Remote Auth Server.
2. In the Name column, select the name of the server configuration you want to change. The appropriate edit dialog box will appear for the type of server selected.
3. Modify the settings as required and select OK to apply your changes.
To delete an existing server configuration:
1. Go to System Settings > Admin > Remote Auth Server.
2. Select the check box beside the server configuration you want to delete and then select the Delete toolbar icon.
3. Select OK in the confirmation dialog box to delete the server entry.