Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config switch-controller fortilink-settings

Configure integrated FortiLink settings for FortiSwitch.

config switch-controller fortilink-settings

Description: Configure integrated FortiLink settings for FortiSwitch.

edit <name>

set inactive-timer {integer}

set link-down-flush [disable|enable]

config nac-ports

Description: NAC specific configuration.

set onboarding-vlan {string}

set bounce-nac-port [disable|enable]

set lan-segment [enabled|disabled]

set nac-lan-interface {string}

set nac-segment-vlans <vlan-name1>, <vlan-name2>, ...

set parent-key {string}

set member-change {integer}

end

next

end

config switch-controller fortilink-settings

Parameter

Description

Type

Size

Default

inactive-timer

Time interval(minutes) to be included in the inactive devices expiry calculation (mac age-out + inactive-time + periodic scan interval).

integer

Minimum value: 1 Maximum value: 1440

15

link-down-flush

Clear NAC and dynamic devices on switch ports on link down event.

option

-

enable

 

Option

Description

disable

Disable clearing NAC and dynamic devices on a switch port when link down event happens.

enable

Enable clearing NAC and dynamic devices on a switch port when link down event happens.

config nac-ports

Parameter

Description

Type

Size

Default

onboarding-vlan

Default NAC Onboarding VLAN when NAC devices are discovered.

string

Maximum length: 15

bounce-nac-port

Enable/disable bouncing (administratively bring the link down, up) of a switch port when NAC mode is configured on the port. Helps to re-initiate the DHCP process for a device.

option

-

enable

 

Option

Description

disable

Disable bouncing (administratively bring the link down, up) of a switch port when NAC mode is configured.

enable

Enable bouncing (administratively bring the link down, up) of a switch port when NAC mode is configured.

lan-segment

Enable/disable LAN segment feature on the FortiLink interface.

option

-

disabled

 

Option

Description

enabled

Enable lan-segment on this interface.

disabled

Disable lan-segment on this interface.

nac-lan-interface

Configure NAC LAN interface.

string

Maximum length: 15

nac-segment-vlans <vlan-name>

Configure NAC segment VLANs.

VLAN interface name.

string

Maximum length: 79

parent-key

Parent key name.

string

Maximum length: 35

member-change

Member change flag.

integer

Minimum value: 0 Maximum value: 255

0

config switch-controller fortilink-settings

Configure integrated FortiLink settings for FortiSwitch.

config switch-controller fortilink-settings

Description: Configure integrated FortiLink settings for FortiSwitch.

edit <name>

set inactive-timer {integer}

set link-down-flush [disable|enable]

config nac-ports

Description: NAC specific configuration.

set onboarding-vlan {string}

set bounce-nac-port [disable|enable]

set lan-segment [enabled|disabled]

set nac-lan-interface {string}

set nac-segment-vlans <vlan-name1>, <vlan-name2>, ...

set parent-key {string}

set member-change {integer}

end

next

end

config switch-controller fortilink-settings

Parameter

Description

Type

Size

Default

inactive-timer

Time interval(minutes) to be included in the inactive devices expiry calculation (mac age-out + inactive-time + periodic scan interval).

integer

Minimum value: 1 Maximum value: 1440

15

link-down-flush

Clear NAC and dynamic devices on switch ports on link down event.

option

-

enable

 

Option

Description

disable

Disable clearing NAC and dynamic devices on a switch port when link down event happens.

enable

Enable clearing NAC and dynamic devices on a switch port when link down event happens.

config nac-ports

Parameter

Description

Type

Size

Default

onboarding-vlan

Default NAC Onboarding VLAN when NAC devices are discovered.

string

Maximum length: 15

bounce-nac-port

Enable/disable bouncing (administratively bring the link down, up) of a switch port when NAC mode is configured on the port. Helps to re-initiate the DHCP process for a device.

option

-

enable

 

Option

Description

disable

Disable bouncing (administratively bring the link down, up) of a switch port when NAC mode is configured.

enable

Enable bouncing (administratively bring the link down, up) of a switch port when NAC mode is configured.

lan-segment

Enable/disable LAN segment feature on the FortiLink interface.

option

-

disabled

 

Option

Description

enabled

Enable lan-segment on this interface.

disabled

Disable lan-segment on this interface.

nac-lan-interface

Configure NAC LAN interface.

string

Maximum length: 15

nac-segment-vlans <vlan-name>

Configure NAC segment VLANs.

VLAN interface name.

string

Maximum length: 79

parent-key

Parent key name.

string

Maximum length: 35

member-change

Member change flag.

integer

Minimum value: 0 Maximum value: 255

0