Fortinet black logo

Admin Guide (FGT-Managed)

Home FortiExtender 7.0.1 Admin Guide (FGT-Managed)

Support for Device password and HTTP/Telnet in Extender-controller

7.0.1
7.4.1
7.4.0
7.2.5
7.2.0
7.0.3
7.0.2
7.0.1
Copy Link
Copy Doc ID 15a69e94-fb2c-11eb-8f3f-00505692583a:92368
Download PDF

Support for Device password and HTTP/Telnet in Extender-controller

This feature enables you to configure the admin password of your FortiExtender from FortiGate. You can also configure allowaccess of the ingress interface from FortiGate so that FortiGate can manage the FortiExtender based on the protocol specified in allowaccess.

For FortiExtenders configured as WAN extension in FortiGate, the ingress interface is the one specified in "ingress-intf" under "config system management fortigate". In the following example, the allowaccess of the "lan" interface will be changed as the configuration from FortiGate. The value of "ingress-intf" will be automatically filled by the system when FortiExtender is managed by FortiGate. It cannot be edited or unset.

 FX201E5919000027 # config system management fortigate
     FX201E5919000027 (fortigate) # show
     config system management fortigate
         set ac-discovery-type broadcast
         set ac-ctl-port 5246
         set ac-data-port 25246
         set discovery-intf lan
         set ingress-intf lan <=== The value cannot be edited and unset
     end

For FortiExtenders configured as LAN extension in FortiGate, the ingress interface is "le-switch", whose allowaccess will be changed as the configuration from FortiGate. In the following example, the "le-switch" is a predefined switch interface which will be automatically generated by the system when FortiExtender is managed by FortiGate. The entry "le-switch" under "config system switch-interface" is read-only and cannot be edited or deleted.

config system switch-interface

edit le-switch <=== The entry cannot be edited or deleted

set members le-agg-link lan

set stp disable

next

end

Previous
Next

Support for Device password and HTTP/Telnet in Extender-controller

This feature enables you to configure the admin password of your FortiExtender from FortiGate. You can also configure allowaccess of the ingress interface from FortiGate so that FortiGate can manage the FortiExtender based on the protocol specified in allowaccess.

For FortiExtenders configured as WAN extension in FortiGate, the ingress interface is the one specified in "ingress-intf" under "config system management fortigate". In the following example, the allowaccess of the "lan" interface will be changed as the configuration from FortiGate. The value of "ingress-intf" will be automatically filled by the system when FortiExtender is managed by FortiGate. It cannot be edited or unset.

 FX201E5919000027 # config system management fortigate
     FX201E5919000027 (fortigate) # show
     config system management fortigate
         set ac-discovery-type broadcast
         set ac-ctl-port 5246
         set ac-data-port 25246
         set discovery-intf lan
         set ingress-intf lan <=== The value cannot be edited and unset
     end

For FortiExtenders configured as LAN extension in FortiGate, the ingress interface is "le-switch", whose allowaccess will be changed as the configuration from FortiGate. In the following example, the "le-switch" is a predefined switch interface which will be automatically generated by the system when FortiExtender is managed by FortiGate. The entry "le-switch" under "config system switch-interface" is read-only and cannot be edited or deleted.

config system switch-interface

edit le-switch <=== The entry cannot be edited or deleted

set members le-agg-link lan

set stp disable

next

end

Previous
Next