Fortinet black logo

New Features

Home FortiGate / FortiOS 7.0.0 New Features

Support hardware vendor matching in dynamic port policies 7.0.4

7.0.0
7.4.0
7.2.0
7.0.0
6.4.0
6.2.0
Copy Link
Copy Doc ID 4f6cd3c1-22cb-11eb-96b9-00505692583a:980542
Download PDF

Support hardware vendor matching in dynamic port policies 7.0.4

When you define the dynamic port policy rules for a dynamic port policy, you can now specify that a rule matches a specific hardware vendor before the switch controller changes the portʼs properties.

To create a dynamic port policy rule that matches a specific hardware vendor in the GUI:

  1. On the Dynamic Port Policies page, select the dynamic port policy that you want to add dynamic port policy rules to.

  2. Click Edit.

  3. Click Create New.

  4. In the Name field, enter a name for the dynamic port policy rule.

  5. Make certain that the status is set to Enabled.

  6. In the Description field, enter a description of the dynamic port policy rule.

  7. Enable Hardware vendor and enter the name of the hardware vendor to match in the Hardware vendor field.

  8. If you want to assign an LLDP profile to the device that matches the specified criteria, enable LLDP profile and select the LLDP profile.

  9. If you want to assign a QoS policy to the device that matches the specified criteria, enable QoS policy and select the QoS policy.

  10. If you want to assign an 802.1x policy to the device that matches the specified criteria, enable 802.1X policy and select the 802.1x policy.

  11. If you want to assign a VLAN policy to the device that matches the specified criteria, enable VLAN policy and select the VLAN policy.

  12. Click OK.

To create a dynamic port policy rule that matches a specific hardware vendor in the CLI:

config switch-controller dynamic-port-policy

edit <dynamic_port_policy_name>

set description <string>

set fortilink <FortiLink_interface_name>

config policy

edit <policy_name>

set description <string>

set status {enable | disable}

set hw-vendor <hardware_vendor>

set lldp-profile <LLDP_profile_name>

set qos-policy <QoS_policy_name>

set 802-1x <802.1x_policy_name>

set vlan-policy <VLAN_policy_name>

set bounce-port-link {disable | enable}

next

end

next

end

For example:

config switch-controller dynamic-port-policy

edit DPP1

set description "Policy for VMware devices"

set fortilink "flink"

config policy

edit policy1

set description "Rule applies only to VMware devices"

set status enable

set hw-vendor "VMware"

set lldp-profile "LLDPprofile1"

set bounce-port-link enable

next

end

next

end

Previous
Next

Support hardware vendor matching in dynamic port policies 7.0.4

When you define the dynamic port policy rules for a dynamic port policy, you can now specify that a rule matches a specific hardware vendor before the switch controller changes the portʼs properties.

To create a dynamic port policy rule that matches a specific hardware vendor in the GUI:

  1. On the Dynamic Port Policies page, select the dynamic port policy that you want to add dynamic port policy rules to.

  2. Click Edit.

  3. Click Create New.

  4. In the Name field, enter a name for the dynamic port policy rule.

  5. Make certain that the status is set to Enabled.

  6. In the Description field, enter a description of the dynamic port policy rule.

  7. Enable Hardware vendor and enter the name of the hardware vendor to match in the Hardware vendor field.

  8. If you want to assign an LLDP profile to the device that matches the specified criteria, enable LLDP profile and select the LLDP profile.

  9. If you want to assign a QoS policy to the device that matches the specified criteria, enable QoS policy and select the QoS policy.

  10. If you want to assign an 802.1x policy to the device that matches the specified criteria, enable 802.1X policy and select the 802.1x policy.

  11. If you want to assign a VLAN policy to the device that matches the specified criteria, enable VLAN policy and select the VLAN policy.

  12. Click OK.

To create a dynamic port policy rule that matches a specific hardware vendor in the CLI:

config switch-controller dynamic-port-policy

edit <dynamic_port_policy_name>

set description <string>

set fortilink <FortiLink_interface_name>

config policy

edit <policy_name>

set description <string>

set status {enable | disable}

set hw-vendor <hardware_vendor>

set lldp-profile <LLDP_profile_name>

set qos-policy <QoS_policy_name>

set 802-1x <802.1x_policy_name>

set vlan-policy <VLAN_policy_name>

set bounce-port-link {disable | enable}

next

end

next

end

For example:

config switch-controller dynamic-port-policy

edit DPP1

set description "Policy for VMware devices"

set fortilink "flink"

config policy

edit policy1

set description "Rule applies only to VMware devices"

set status enable

set hw-vendor "VMware"

set lldp-profile "LLDPprofile1"

set bounce-port-link enable

next

end

next

end

Previous
Next