Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Creating FortiSwitch security policies

To create a FortiSwitch security policy:
  1. On the FortiSwitch Security Policies pane, click Create New in the toolbar. The Create New Security Policies window opens.

  2. Enter the following information, then click OK to create the new security policy.

    Name

    Type a name for the template.

    Security mode

    Select the security mode, Port-based or MAC-based.

    User groups

    Select the user groups that the security policy will apply to.

    Guest VLAN

    Enable a guest VLAN, and select the VLAN from the available VLAN objects. See FortiSwitch VLANs.

    Guest authentication delay

    Set the guest authentication delay, in seconds (1 - 900, default = 30).

    Authentication fail VLAN

    Enable an authentication failure VLAN, and select the VLAN from the available VLAN objects. See FortiSwitch VLANs.

    This option is not available when Security mode is MAC-based.

    MAC authentication bypass

    Enable MAC Authentication Bypass (MAB).

    EAP pass-through

    Enable EAP pass-through.

    Override RADIUS timeout

    Enable overriding the RADIUS timeout.

Creating FortiSwitch security policies

To create a FortiSwitch security policy:
  1. On the FortiSwitch Security Policies pane, click Create New in the toolbar. The Create New Security Policies window opens.

  2. Enter the following information, then click OK to create the new security policy.

    Name

    Type a name for the template.

    Security mode

    Select the security mode, Port-based or MAC-based.

    User groups

    Select the user groups that the security policy will apply to.

    Guest VLAN

    Enable a guest VLAN, and select the VLAN from the available VLAN objects. See FortiSwitch VLANs.

    Guest authentication delay

    Set the guest authentication delay, in seconds (1 - 900, default = 30).

    Authentication fail VLAN

    Enable an authentication failure VLAN, and select the VLAN from the available VLAN objects. See FortiSwitch VLANs.

    This option is not available when Security mode is MAC-based.

    MAC authentication bypass

    Enable MAC Authentication Bypass (MAB).

    EAP pass-through

    Enable EAP pass-through.

    Override RADIUS timeout

    Enable overriding the RADIUS timeout.