Determine FortiNAC Service Configuration (Network Type)
The FortiNAC Service Interface (port2) can be configured for either a Layer 2 or Layer 3 implementation. This configuration is referred to as Network Type in the Configuration Wizard. See below for descriptions and logical diagrams for each implementation type. The most common Network Type used by customers is Layer 3.
Layer 3 Implementation
-
Required for Layer 3 High Availability configurations. See Configuration Wizard reference manual or Guided Install in the Administration Guide.
-
The FortiNAC Service Interface is a standard interface (IP and VLAN values below are for illustration purposes)
-
The interface exists on a single network
-
The interface is not within the same broadcast domain as a host assigned to an isolation network
-
The interface uses multiple IP addresses within the same subnet
-
DHCP relays must be configured on each isolation network pointing back to the isolation interface
-
The individual IP address is used by DNS
-
Layer 2 Implementation
-
The FortiNAC Service Interface
-
802.1q trunk
-
The interface accepts traffic tagged from any of the isolation VLANs
-
Same broadcast domain as hosts
-
IP address for each “isolation” subnet
-
