Version:

Version:


Table of Contents

Admin Guide (FGT-Managed)

Download PDF
Copy Link

Allowaccess for FortiExtender management

The allowaccess configuration controls the types of traffic that the FortiExtender uplink interface is allowed to send to the FortiGate. There are six options that you can configure as needed:

  • Ping

  • Telnet

  • HTTP

  • HTTPS

  • SSH

  • SNMP

  config extender-controller extender-profile
      edit "FX201E-lanext-default"
          set allowaccess ping telnet http https ssh snmp
      next
  end

Each FortiExtender associated with this profile has the same allowaccess settings specified in the profile. However, it can also be overridden per device. For example, the following FortiExtender will use the allowaccess specified in the extender entry instead of the one specified in the profile, "FX201E-lanext-default".

  config extender-controller extender
      edit "FX0015919000027"
          set id "FX201E5919000027"
          set authorized enable
          set extension-type lan-extension
          set override-allowaccess enable
          set allowaccess ping telnet
          set profile "FX201E-lanext-default"
      next
  end

Allowaccess for FortiExtender management

The allowaccess configuration controls the types of traffic that the FortiExtender uplink interface is allowed to send to the FortiGate. There are six options that you can configure as needed:

  • Ping

  • Telnet

  • HTTP

  • HTTPS

  • SSH

  • SNMP

  config extender-controller extender-profile
      edit "FX201E-lanext-default"
          set allowaccess ping telnet http https ssh snmp
      next
  end

Each FortiExtender associated with this profile has the same allowaccess settings specified in the profile. However, it can also be overridden per device. For example, the following FortiExtender will use the allowaccess specified in the extender entry instead of the one specified in the profile, "FX201E-lanext-default".

  config extender-controller extender
      edit "FX0015919000027"
          set id "FX201E5919000027"
          set authorized enable
          set extension-type lan-extension
          set override-allowaccess enable
          set allowaccess ping telnet
          set profile "FX201E-lanext-default"
      next
  end