config user nac-policy
Configure NAC policy matching pattern to identify matching NAC devices.
config user nac-policy Description: Configure NAC policy matching pattern to identify matching NAC devices. edit <name> set category [device|firewall-user|...] set description {string} set ems-tag {string} set family {string} set host {string} set hw-vendor {string} set hw-version {string} set mac {string} set os {string} set src {string} set status [enable|disable] set sw-version {string} set switch-auto-auth [global|disable|...] set switch-fortilink {string} set switch-mac-policy {string} set switch-port-policy {string} set switch-scope <switch-id1>, <switch-id2>, ... set type {string} set user {string} set user-group {string} next end
config user nac-policy
Parameter |
Description |
Type |
Size |
Default |
||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
category |
Category of NAC policy. |
option |
- |
device |
||||||||
|
|
|||||||||||
description |
Description for the NAC policy matching pattern. |
string |
Maximum length: 63 |
|
||||||||
ems-tag |
NAC policy matching EMS tag. |
string |
Maximum length: 79 |
|
||||||||
family |
NAC policy matching family. |
string |
Maximum length: 31 |
|
||||||||
host |
NAC policy matching host. |
string |
Maximum length: 64 |
|
||||||||
hw-vendor |
NAC policy matching hardware vendor. |
string |
Maximum length: 15 |
|
||||||||
hw-version |
NAC policy matching hardware version. |
string |
Maximum length: 15 |
|
||||||||
mac |
NAC policy matching MAC address. |
string |
Maximum length: 17 |
|
||||||||
name |
NAC policy name. |
string |
Maximum length: 63 |
|
||||||||
os |
NAC policy matching operating system. |
string |
Maximum length: 31 |
|
||||||||
src |
NAC policy matching source. |
string |
Maximum length: 15 |
|
||||||||
status |
Enable/disable NAC policy. |
option |
- |
enable |
||||||||
|
|
|||||||||||
sw-version |
NAC policy matching software version. |
string |
Maximum length: 15 |
|
||||||||
switch-auto-auth * |
NAC device auto authorization when discovered and nac-policy matched. |
option |
- |
global |
||||||||
|
|
|||||||||||
switch-fortilink * |
FortiLink interface for which this NAC policy belongs to. |
string |
Maximum length: 15 |
|
||||||||
switch-mac-policy * |
switch-mac-policy to be applied on the matched NAC policy. |
string |
Maximum length: 63 |
|
||||||||
switch-port-policy * |
switch-port-policy to be applied on the matched NAC policy. |
string |
Maximum length: 63 |
|
||||||||
switch-scope |
List of managed FortiSwitches on which NAC policy can be applied. Managed FortiSwitch name from available options. |
string |
Maximum length: 79 |
|
||||||||
type |
NAC policy matching type. |
string |
Maximum length: 15 |
|
||||||||
user |
NAC policy matching user. |
string |
Maximum length: 64 |
|
||||||||
user-group |
NAC policy matching user group. |
string |
Maximum length: 35 |
|
* This parameter may not exist in some models.