Supplicant configurations
Supplicant configurations define an SSID and security parameters required to configure the native supplicant available on a connecting host as part of its operating system. The supplicant configuration that is used for a particular host is determined by the pairing of a supplicant configuration and a user/host profile within a supplicant policy.
When a host connects to the network and requires the use of a supplicant, the host and user data are compared to each supplicant policy starting with the first policy in the list. When a policy is found where the host and user data match the user/host profile in the policy, that policy is applied. The supplicant configuration contained within that policy configures the supplicant on the host.
The host supplicant configuration setup process is as follows:
- Host connects to the network.
- Host connects to an open SSID based on the operating system of the host. If authenticating through LDAP, the user must be in the selected directory group configured in the SSID mapping. You configure SSID mapping with a supplicant configuration.
- If the user is on a Windows or macOS device, the user downloads either the Persistent Agent or the Dissolvable Agent. The agent applies the Supplicant Configuration after scanning and registering the host.
- If the user is on an Android device, the user downloads and runs the Mobile Agent. The agent applies the Supplicant Configuration after scanning and registering the host. See Mobile Agent for download requirements.
- FortiNAC compares user and host data to supplicant policies and finds the first match starting from the top of the list of policies.
- The user registers or authenticates.
- The supplicant configuration is applied.
- The Agent attempts to move the host to the SSID that was just configured.
Settings
An empty field in a column indicates that the option has not been set.
Field |
Definition |
||
---|---|---|---|
Name |
User defined name for the configuration. |
||
SSID |
Name of the SSID being configured. This is not necessarily the SSID to which the host is connected. However, the agent will attempt to move the host to this SSID when the configuration is applied.
|
||
Security |
Indicates the type of encryption that will be used for connections to this SSID. Options include:
|
||
Cipher |
Encryption/decryption method used in conjunction with the information in the Security field to secure this connection. Options include:
|
||
EAP Type |
Currently only PEAP is supported. |
||
Note |
User specified note field. |
||
Last Modified By |
User name of the last user to modify the record. |
||
Last Modified Date |
Date and time of the last modification to this configuration. |
||
Right click options |
|||
Delete |
Deletes the selected Supplicant Configuration. |
||
In Use |
Indicates whether or not the selected configuration is currently being used by any other FortiNAC element. See Configurations in use. |
||
Modify |
Opens the Modify Supplicant Configuration window for the selected configuration. |
||
Show Audit Log |
Opens the admin auditing log showing all changes made to the selected item. For information about the admin auditing log, see Admin auditing.
|
||
Buttons |
|||
Export |
Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data. |