Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Admin Guide (FGT-Managed)

    Home FortiExtender 7.6.0 Admin Guide (FGT-Managed)
    7.6.0
    7.6.1
    7.6.0
    7.4.4
    7.4.1
    7.4.0
    7.2.5
    7.2.0
    7.0.3
    7.0.2
    7.0.1

    Support for device password and allowed protocols for FortiExtender in FortiGate.

    Support for device password and allowed protocols for FortiExtender in FortiGate.

    This feature enables you to configure FortiExtender admin password from FortiGate. You can also configure allowaccess of the ingress interface from the FortiGate so that the FortiGate can manage the FortiExtender based on the protocol specified in allowaccess.

    For FortiExtenders configured as WAN extension in FortiGate, the ingress interface is the one specified in "ingress-intf" under "config system management fortigate". In the following example, the allowaccess of the "lan" interface will be changed as the configuration from the FortiGate. The value of "ingress-intf" will be automatically filled by the system when the FortiExtender is managed by the FortiGate. It cannot be edited or unset.

     FX201E5919000027 # config system management fortigate
     FX201E5919000027 (fortigate) # show
     config system management fortigate
         set ac-discovery-type broadcast
         set ac-ctl-port 5246
         set ac-data-port 25246
         set discovery-intf lan
         set ingress-intf lan <=== The value cannot be edited and unset
     end

    For a FortiExtender configured as LAN extension of a FortiGate, the ingress interface is "le-switch", whose allowaccess will be changed as the configuration from the FortiGate. In the following example, the "le-switch" is a predefined switch interface which will be automatically generated by the system when the FortiExtender is managed by the FortiGate. The entry "le-switch" under "config system switch-interface" is read-only and cannot be edited or deleted.

    config system switch-interface

    edit le-switch <=== The entry cannot be edited or deleted

    set members le-agg-link lan

    set stp disable

    next

    end

    Previous
    Next

    Support for device password and allowed protocols for FortiExtender in FortiGate.

    Support for device password and allowed protocols for FortiExtender in FortiGate.

    This feature enables you to configure FortiExtender admin password from FortiGate. You can also configure allowaccess of the ingress interface from the FortiGate so that the FortiGate can manage the FortiExtender based on the protocol specified in allowaccess.

    For FortiExtenders configured as WAN extension in FortiGate, the ingress interface is the one specified in "ingress-intf" under "config system management fortigate". In the following example, the allowaccess of the "lan" interface will be changed as the configuration from the FortiGate. The value of "ingress-intf" will be automatically filled by the system when the FortiExtender is managed by the FortiGate. It cannot be edited or unset.

     FX201E5919000027 # config system management fortigate
     FX201E5919000027 (fortigate) # show
     config system management fortigate
         set ac-discovery-type broadcast
         set ac-ctl-port 5246
         set ac-data-port 25246
         set discovery-intf lan
         set ingress-intf lan <=== The value cannot be edited and unset
     end

    For a FortiExtender configured as LAN extension of a FortiGate, the ingress interface is "le-switch", whose allowaccess will be changed as the configuration from the FortiGate. In the following example, the "le-switch" is a predefined switch interface which will be automatically generated by the system when the FortiExtender is managed by the FortiGate. The entry "le-switch" under "config system switch-interface" is read-only and cannot be edited or deleted.

    config system switch-interface

    edit le-switch <=== The entry cannot be edited or deleted

    set members le-agg-link lan

    set stp disable

    next

    end

    Previous
    Next