7.2.0

Create the Port Group and associate the Switch Ports

FortiNAC has the option to define User-owned groups, which are typically created to associate devices, ports, IP phones or hosts. You can associate these groups with scheduled actions to perform a variety of functions.

In this guide, we use Port Groups to associate the selected switch ports with actions, so that all other ports can remain inactive or be defined for use in another role. Port groups can be used for a variety of purposes. Use the Fixed Day Task option in the Scheduler with the Disable Ports and Enable Ports actions to disable or enable ports on a date or time schedule.

You can nest port groups to make it easier to add ports to the FortiNAC owned groups, such as Forced Registration groups.

Below we can see the purpose of each of the Port Groups:

  • Forced Registration: Ports that participate in forced authentication when unauthenticated users connect. If you have a port in this group, when a host connects to this port and is unauthenticated, the port is put into an isolation VLAN and the host is forced to authenticate.

  • Role Based Access: Ports that participate in role-based access and switch VLANs, based on the role of network devices, such as printers, when they connect. Add switch ports that participate in VLAN switching. Ports that participate have their VLAN ID set to the role specified for the connected network device.

  • Reset Forced Default: Ports that return to default VLAN when the host is disconnected.

Next, we define the group for the PLC and IP camera ports:

  1. Navigate to System > Groups and click Add.

  2. Name the group “PLC and IP Cameras Ports”.

  3. In the Members tab, browse the containers and select all of a switch's ports, or choose the specific ports you want to manage:



  4. Click OK to save the Port Group.


  5. Right-click the port group “PLC and IP Cameras Ports” and click Group Member of. Check the boxes for Forced Registration, Role Based Access and Reset Forced Default.


  6. Click OK to finalize the configuration of Port Group settings.
