Fortinet white logo
Fortinet white logo

Administration Guide

Network devices

Network devices

The Network Devices window is one in a series of initial setup windows designed to help you get your FortiNAC program up and running as quickly as possible. Similar functions exist in other parts of the software, but this window provides access to the most essential device configuration information.

The Network Devices window displays devices connected to your network. The window is divided into two panels, Containers and Network Devices.

The list of existing network devices includes both those managed via SNMP and non-SNMP or pingable devices, such as a security camera or an alarm system. Configuration can be done individually or by brand/type of device. Devices can be added, deleted or configured. Use Discover on the Containers panel to search for connected devices within an IP address range.

Network devices should have static IP addresses or dynamic IP addresses that are reserved. Once a device that provides network services had been identified in FortiNAC there is no mechanism to automatically update the IP address for that device if there is a change. If the IP address on the device itself is changed, the device appears in FortiNAC to be offline or to have a communication error.

Set filter

  1. Click Set Filter on Network Devices.
  2. To filter by Container, mark the Container check box with a check mark to enable it. Select the container from the drop-down list. This is the Container from the Topology.
  3. To filter by Type, mark the Type check box with a check mark to enable it. Enter the name of the type to use as the filter. This data corresponds to the Type column in the Network Devices window. Wildcard entries can be used. This field is case sensitive.
  4. Enable one of the Show options:

    • Show All Devices: Shows both SNMP Devices and Non-SNMP devices.
    • Show Only SNMP Devices: Shows only those devices that are managed via SNMP, such as switches or routers.
    • Show Only Non-SNMP Devices: Shows only pingable devices. Pingable devices are devices that are not managed via SNMP but are connected to your network, such as HVAC systems, security cameras, alarms or cash registers. For more information on pingable devices see Add or modify a pingable device.
  5. Click OK.

Filter settings are stored for each user.

Settings

Field

Definition

#

Indicates the order of display.

Name

Name of the selected device.

IP address

IP address of the selected device. IP addresses or Address Ranges are used to add or discover devices.

Type

Indicate the type of devices, such as, switch, printer, router, etc.

Status

Indicates whether or not communication has been established with the device. Displays either Established or Lost.

SSID Mappings

Number of SSID configurations for the selected wireless device. An SSID mapping contains SSID configuration information such as the RADIUS server, access and isolation VLANs, and supplicant configuration information.

A red zero, 0, indicates that no SSID Mappings have been configured for a device that supports SSID Mappings.

Container

Container where the device resides. Containers are used to group devices.

Views

Series of icons that can be clicked to provide additional details about the selected device. Icons provide access to Device Properties, group membership, Ports and Hosts List, and SSIDs List. Click an icon to access the view.

Last Polled

Date and time the server last attempted to poll the device.

Last Polled Success

Date and time that the device was last polled successfully.

Role

Displays the role assigned to this device. To modify the role go to Device Properties for this device. This field does not list the roles associated with this device through network device roles. To view role membership, right-click on the device in the Topology.

CDP Polling

Indicates whether CDP polling is enabled or disabled for the device and displays the polling interval. Disabled (unsupported) displayed in this column, indicates that the first CDP poll was unsuccessful because CDP queries are not supported by the device or may not be configured on the device. If the device has ever been successfully polled for CDP, later unsuccessful polls are not interpreted as a problem with CDP on the device.

CDP Last Polled

Date and time the server last attempted a CDP poll of the device.

CDP Last Poll Success

Date and time of the last successful CDP poll.

Right click options

Export

Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.

Delete

Deletes the selected devices.

Resync Interfaces

Reads the interface information from a modeled device and updates FortiNAC's representation of that device. This information includes the interface's index, description, name, and status. See Resync interfaces.

Model Config

Opens model configuration for the selected device to configure data such as passwords for communication with the device, VLANs, and RADIUS server information. See Model configuration.

Global Model Config

Opens the Global Model Configuration window to configure data for multiple devices of the same brand, such as passwords for communication with the device, VLANs, and RADIUS server information. See Global model configuration.

Running Configuration

View the configuration running on the selected device (device dependant). This option is only available for some devices.

Static Port
Configuration

Allows you to designate a specific port as a Dead-End VLAN and use that port to disable hosts. The MAC address of the disabled host is placed in a list on the device which indicates it only has permission to use the port designated as secure or static. See Secure port/static port overview.

Modify

Modify the selected device.

Moves multiple devices selected in the Network Devices window to the container you specify. Accessed using Modify when more than one device is selected. See Move a device to a different container.

Convert To Host

Converts one or more selected non-SNMP or pingable devices to hosts. After conversion these devices are removed from Network Devices but do display both in the Topology and the Host View. See Convert all pingables to hosts.

Note

Wireless Access Points added as pingables cannot be converted to hosts.

Set CDP Polling

Performs two functions. Allows you to enable or disable the Global CDP (Cisco Discovery Protocol) feature. When the Global option is disabled, settings on individual switches are ignored and the CDP feature is not used.

Allows you to enable CDP polling for one or more selected devices and set the polling interval.

When enabled, CDP polling allows FortiNAC to query devices about other connected devices on the network. If a device has this discovery protocol enabled it gathers and stores information about devices it manages and devices it can contact on the network. Only devices with CDP enabled will respond to a CDP query.

The device must be CDP capable and have CDP configured. See Set CDP polling.

Wireless Security

Allows you to configure SSID Mappings for the selected wireless device.

Network devices

Network devices

The Network Devices window is one in a series of initial setup windows designed to help you get your FortiNAC program up and running as quickly as possible. Similar functions exist in other parts of the software, but this window provides access to the most essential device configuration information.

The Network Devices window displays devices connected to your network. The window is divided into two panels, Containers and Network Devices.

The list of existing network devices includes both those managed via SNMP and non-SNMP or pingable devices, such as a security camera or an alarm system. Configuration can be done individually or by brand/type of device. Devices can be added, deleted or configured. Use Discover on the Containers panel to search for connected devices within an IP address range.

Network devices should have static IP addresses or dynamic IP addresses that are reserved. Once a device that provides network services had been identified in FortiNAC there is no mechanism to automatically update the IP address for that device if there is a change. If the IP address on the device itself is changed, the device appears in FortiNAC to be offline or to have a communication error.

Set filter

  1. Click Set Filter on Network Devices.
  2. To filter by Container, mark the Container check box with a check mark to enable it. Select the container from the drop-down list. This is the Container from the Topology.
  3. To filter by Type, mark the Type check box with a check mark to enable it. Enter the name of the type to use as the filter. This data corresponds to the Type column in the Network Devices window. Wildcard entries can be used. This field is case sensitive.
  4. Enable one of the Show options:

    • Show All Devices: Shows both SNMP Devices and Non-SNMP devices.
    • Show Only SNMP Devices: Shows only those devices that are managed via SNMP, such as switches or routers.
    • Show Only Non-SNMP Devices: Shows only pingable devices. Pingable devices are devices that are not managed via SNMP but are connected to your network, such as HVAC systems, security cameras, alarms or cash registers. For more information on pingable devices see Add or modify a pingable device.
  5. Click OK.

Filter settings are stored for each user.

Settings

Field

Definition

#

Indicates the order of display.

Name

Name of the selected device.

IP address

IP address of the selected device. IP addresses or Address Ranges are used to add or discover devices.

Type

Indicate the type of devices, such as, switch, printer, router, etc.

Status

Indicates whether or not communication has been established with the device. Displays either Established or Lost.

SSID Mappings

Number of SSID configurations for the selected wireless device. An SSID mapping contains SSID configuration information such as the RADIUS server, access and isolation VLANs, and supplicant configuration information.

A red zero, 0, indicates that no SSID Mappings have been configured for a device that supports SSID Mappings.

Container

Container where the device resides. Containers are used to group devices.

Views

Series of icons that can be clicked to provide additional details about the selected device. Icons provide access to Device Properties, group membership, Ports and Hosts List, and SSIDs List. Click an icon to access the view.

Last Polled

Date and time the server last attempted to poll the device.

Last Polled Success

Date and time that the device was last polled successfully.

Role

Displays the role assigned to this device. To modify the role go to Device Properties for this device. This field does not list the roles associated with this device through network device roles. To view role membership, right-click on the device in the Topology.

CDP Polling

Indicates whether CDP polling is enabled or disabled for the device and displays the polling interval. Disabled (unsupported) displayed in this column, indicates that the first CDP poll was unsuccessful because CDP queries are not supported by the device or may not be configured on the device. If the device has ever been successfully polled for CDP, later unsuccessful polls are not interpreted as a problem with CDP on the device.

CDP Last Polled

Date and time the server last attempted a CDP poll of the device.

CDP Last Poll Success

Date and time of the last successful CDP poll.

Right click options

Export

Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF, or RTF. See Export data.

Delete

Deletes the selected devices.

Resync Interfaces

Reads the interface information from a modeled device and updates FortiNAC's representation of that device. This information includes the interface's index, description, name, and status. See Resync interfaces.

Model Config

Opens model configuration for the selected device to configure data such as passwords for communication with the device, VLANs, and RADIUS server information. See Model configuration.

Global Model Config

Opens the Global Model Configuration window to configure data for multiple devices of the same brand, such as passwords for communication with the device, VLANs, and RADIUS server information. See Global model configuration.

Running Configuration

View the configuration running on the selected device (device dependant). This option is only available for some devices.

Static Port
Configuration

Allows you to designate a specific port as a Dead-End VLAN and use that port to disable hosts. The MAC address of the disabled host is placed in a list on the device which indicates it only has permission to use the port designated as secure or static. See Secure port/static port overview.

Modify

Modify the selected device.

Moves multiple devices selected in the Network Devices window to the container you specify. Accessed using Modify when more than one device is selected. See Move a device to a different container.

Convert To Host

Converts one or more selected non-SNMP or pingable devices to hosts. After conversion these devices are removed from Network Devices but do display both in the Topology and the Host View. See Convert all pingables to hosts.

Note

Wireless Access Points added as pingables cannot be converted to hosts.

Set CDP Polling

Performs two functions. Allows you to enable or disable the Global CDP (Cisco Discovery Protocol) feature. When the Global option is disabled, settings on individual switches are ignored and the CDP feature is not used.

Allows you to enable CDP polling for one or more selected devices and set the polling interval.

When enabled, CDP polling allows FortiNAC to query devices about other connected devices on the network. If a device has this discovery protocol enabled it gathers and stores information about devices it manages and devices it can contact on the network. Only devices with CDP enabled will respond to a CDP query.

The device must be CDP capable and have CDP configured. See Set CDP polling.

Wireless Security

Allows you to configure SSID Mappings for the selected wireless device.