Fortinet black logo

Administration Guide

Home FortiNAC 8.5.2 Administration Guide

Control access on a device

8.5.2
9.4.0
9.2.0
9.1.0
8.8.0
8.7.0
8.6.0
8.5.2
8.3.0
Copy Link
Copy Doc ID 868f1267-7299-11e9-81a4-00505692583a:422351
Download PDF

Control access on a device

  1. Log into your administrator account.
  2. Click Network Devices > Topology.
  3. In the navigation pane, Expand the container where the device is located.
  4. Right-click on the device for which you want to enforce isolation and select Control Access.
  5. In the Control Access screen check the status of the device.
  6. In the Type field, select the system access group to be modified. Options include: Authentication, Registration, Remediation, Dead End and Role-Based access. When a Remediation group is created it enables the Quarantine VLAN switching option under System > Settings > Control > Quarantine.
  7. To add all ports on the device to the system access control group selected in the Type field, click Enforce. This also creates the necessary device and port groups if they do not exist.
  8. To remove all ports on the device from the system access control group selected in the Type field click Clear Enforce. Device and port groups are not removed.
  9. A confirmation screen appears. Click OK.
  10. The screen refreshes and displays the new settings.

Percentage Enforced indicates the percentage of ports that are in the selected access control group. For example, if a switch has 10 ports, and % Enforced displays 80%, then 8 of the 10 ports for that switch are an access control group, such as Registration. Unregistered hosts connecting to one of the 8 ports would be forced to register.

See Control access and Network summary for additional information.

Previous
Next

Control access on a device

  1. Log into your administrator account.
  2. Click Network Devices > Topology.
  3. In the navigation pane, Expand the container where the device is located.
  4. Right-click on the device for which you want to enforce isolation and select Control Access.
  5. In the Control Access screen check the status of the device.
  6. In the Type field, select the system access group to be modified. Options include: Authentication, Registration, Remediation, Dead End and Role-Based access. When a Remediation group is created it enables the Quarantine VLAN switching option under System > Settings > Control > Quarantine.
  7. To add all ports on the device to the system access control group selected in the Type field, click Enforce. This also creates the necessary device and port groups if they do not exist.
  8. To remove all ports on the device from the system access control group selected in the Type field click Clear Enforce. Device and port groups are not removed.
  9. A confirmation screen appears. Click OK.
  10. The screen refreshes and displays the new settings.

Percentage Enforced indicates the percentage of ports that are in the selected access control group. For example, if a switch has 10 ports, and % Enforced displays 80%, then 8 of the 10 ports for that switch are an access control group, such as Registration. Unregistered hosts connecting to one of the 8 ports would be forced to register.

See Control access and Network summary for additional information.

Previous
Next