Fortinet Document Library

Version:

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

Control access on devices in a container

This option is used to modify membership of devices and ports in the selected container in system access control groups. This information can also be modified in the Groups View.

Percentage Enforced indicates the percentage of ports that are in the selected access control group. For example, if a switch has 10 ports, and % Enforced displays 80%, then 8 of the 10 ports for that switch are an access control group, such as Registration. Unregistered hosts connecting to one of the 8 ports would be forced to register.

If a device group has 5 switches, and % Enforced for the group displays 20%, then one of the 5 switches in the device group has some ports in the access control group selected.

  1. Log into your administrator account.
  2. Click Network Devices > Topology.
  3. In the navigation pane, right-click on the container and select Control Access.
  4. This view shows the device and port groups that have been created and their names. If no device or port groups have been created, NONE is displayed.
  5. In the Type field select the system access group to be modified. Options include: Authentication, Registration, Remediation, Dead End and Role-Based access. When a Remediation group is created it enables the Quarantine VLAN switching option under System > Settings > Control > Quarantine.
  6. The bottom half of the screen allows you to check the status of the container.
  7. To create device and port groups for all devices in the container, click Create Groups.
  8. To add all switches in the container to the system access control group selected in the Type field click Enforce. This also creates the necessary device and port groups if they do not exist.
  9. To remove all switches in the container from the selected system access group click Clear Enforce.
  10. To delete the device and port groups, click Delete Groups. This also removes all of the devices and ports from the selected system access group.
  11. A confirmation screen appears. Click OK. The screen refreshes and displays the new settings.

See Control access and Network summary for additional information.

Control access on devices in a container

This option is used to modify membership of devices and ports in the selected container in system access control groups. This information can also be modified in the Groups View.

Percentage Enforced indicates the percentage of ports that are in the selected access control group. For example, if a switch has 10 ports, and % Enforced displays 80%, then 8 of the 10 ports for that switch are an access control group, such as Registration. Unregistered hosts connecting to one of the 8 ports would be forced to register.

If a device group has 5 switches, and % Enforced for the group displays 20%, then one of the 5 switches in the device group has some ports in the access control group selected.

  1. Log into your administrator account.
  2. Click Network Devices > Topology.
  3. In the navigation pane, right-click on the container and select Control Access.
  4. This view shows the device and port groups that have been created and their names. If no device or port groups have been created, NONE is displayed.
  5. In the Type field select the system access group to be modified. Options include: Authentication, Registration, Remediation, Dead End and Role-Based access. When a Remediation group is created it enables the Quarantine VLAN switching option under System > Settings > Control > Quarantine.
  6. The bottom half of the screen allows you to check the status of the container.
  7. To create device and port groups for all devices in the container, click Create Groups.
  8. To add all switches in the container to the system access control group selected in the Type field click Enforce. This also creates the necessary device and port groups if they do not exist.
  9. To remove all switches in the container from the selected system access group click Clear Enforce.
  10. To delete the device and port groups, click Delete Groups. This also removes all of the devices and ports from the selected system access group.
  11. A confirmation screen appears. Click OK. The screen refreshes and displays the new settings.

See Control access and Network summary for additional information.