Fortinet black logo

Administration Guide

Network access configurations

Copy Link
Copy Doc ID 825689eb-200d-11e9-b6f6-f8bc1258b856:141175
Download PDF

Network access configurations

Network Access Configurations define access treatments for connecting hosts and users. Hosts can be placed in a particular VLAN, have a CLI configuration applied or be passed a VPN Group Policy. The Network Access Configuration that is assigned to a particular host is determined by the pairing of a Network Access Configuration and a User/Host Profile within a Network Access Policy.

When a host requires network access, the host and user are compared to the User/Host Profile in each Network Access Policy starting with the first policy in the list. When a policy is found where the host and user data match the User/Host Profile in the policy, that policy is assigned. The Network Access Configuration contained within that policy specifies the treatment received by the host.

Settings

An empty field in a column indicates that the option has not been set.

Field

Definition

Name

User defined name for the Configuration.

Access Value/VLAN

Name or number of the Network Access identifier where the host or device will be placed, such as VLAN ID, VLAN Name or Aruba Role.

CLI

CLI configuration that will be applied. CLI configurations are applied to the port where the host or device connects. See CLI configuration.

Note

User specified note field. This field may contain notes regarding the conversion from a previous version of FortiNAC.

Last Modified By

User name of the last user to modify the configuration.

Last Modified Date

Date and time of the last modification to this configuration.

Is Alias

Indicates whether the Access Value/VLAN field contains the actual VLAN Name, VLAN ID, Aruba Role, Group Policy or if it contains an Alias that represents many VLANs across multiple devices on your network.

For example, if one device has a VLAN named Accounting that is actually VLAN 10 and another device has a VLAN named Accounting that is actually VLAN 20, both can be included in a Network Access Policy by using the VLAN Alias of Accounting.

Note

The Access Value is an alias option is supported only for Cisco and Brocade devices.

Right click options

Delete

Deletes the selected Network Access Configuration.

In Use

Indicates whether or not the selected configuration is currently being used by any other FortiNAC element. See Configurations in use.

Modify

Opens the Modify Network Access Configuration window for the selected configuration.

Show Audit Log

Opens the Admin Auditing Log showing all changes made to the selected item.

For information about the Admin Auditing Log, see Admin auditing.

Note

You must have permission to view the Admin Auditing Log. See Add an admin profile.

Buttons

Export

Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data.

Network access configurations

Network Access Configurations define access treatments for connecting hosts and users. Hosts can be placed in a particular VLAN, have a CLI configuration applied or be passed a VPN Group Policy. The Network Access Configuration that is assigned to a particular host is determined by the pairing of a Network Access Configuration and a User/Host Profile within a Network Access Policy.

When a host requires network access, the host and user are compared to the User/Host Profile in each Network Access Policy starting with the first policy in the list. When a policy is found where the host and user data match the User/Host Profile in the policy, that policy is assigned. The Network Access Configuration contained within that policy specifies the treatment received by the host.

Settings

An empty field in a column indicates that the option has not been set.

Field

Definition

Name

User defined name for the Configuration.

Access Value/VLAN

Name or number of the Network Access identifier where the host or device will be placed, such as VLAN ID, VLAN Name or Aruba Role.

CLI

CLI configuration that will be applied. CLI configurations are applied to the port where the host or device connects. See CLI configuration.

Note

User specified note field. This field may contain notes regarding the conversion from a previous version of FortiNAC.

Last Modified By

User name of the last user to modify the configuration.

Last Modified Date

Date and time of the last modification to this configuration.

Is Alias

Indicates whether the Access Value/VLAN field contains the actual VLAN Name, VLAN ID, Aruba Role, Group Policy or if it contains an Alias that represents many VLANs across multiple devices on your network.

For example, if one device has a VLAN named Accounting that is actually VLAN 10 and another device has a VLAN named Accounting that is actually VLAN 20, both can be included in a Network Access Policy by using the VLAN Alias of Accounting.

Note

The Access Value is an alias option is supported only for Cisco and Brocade devices.

Right click options

Delete

Deletes the selected Network Access Configuration.

In Use

Indicates whether or not the selected configuration is currently being used by any other FortiNAC element. See Configurations in use.

Modify

Opens the Modify Network Access Configuration window for the selected configuration.

Show Audit Log

Opens the Admin Auditing Log showing all changes made to the selected item.

For information about the Admin Auditing Log, see Admin auditing.

Note

You must have permission to view the Admin Auditing Log. See Add an admin profile.

Buttons

Export

Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data.