Fortinet Document Library

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

Add or modify a configuration

  1. Select Policy > Policy Configuration.
  2. Expand Network Access.
  3. Select Configuration.
  4. On the Network Access Configurations window, click Add or select an existing configuration and click Modify.
  5. Click in the Name field and enter a name for this configuration.
  6. In the Access Value/VLAN field, type the network access identifier for this mapping, such as a VLAN ID, VLAN Name, Aruba Role, or for a VPN concentrator enter a VPN group policy name. If you use an alias to represent VLANs across multiple devices, enter the Alias here.
  7. If you are using an alias instead of an actual Access Value, enable the Access Value is an alias check box. This indicates that the Access Value/VLAN field contains an Alias that represents many VLANs across multiple devices on your network.

    For example, if one device has a VLAN named Accounting that is actually VLAN 10 and another device has a VLAN named Accounting that is actually VLAN 20, both can be included in a network access policy by using the VLAN Alias of Accounting. Using the Alias allows you to create one network access policy that assigns users to VLAN 10 on one device and VLAN 20 on another device.

    Note

    The Access Value is an alias option is supported only for Cisco and Brocade devices.

  8. To apply a CLI configuration to a device or port, click the CLI check box to enable it and select the CLI configuration from the drop-down list. This field is optional. For additional information on CLI configurations see CLI configuration.
  9. You can use the icons next to the CLI configuration field to add a new CLI configuration or modify the CLI configuration shown in the drop-down menu. Note that if you modify this CLI configuration, it is modified for all features that make use of the CLI configuration.
  10. The Note field is optional.
  11. Click OK to save the configuration.

Add or modify a configuration

  1. Select Policy > Policy Configuration.
  2. Expand Network Access.
  3. Select Configuration.
  4. On the Network Access Configurations window, click Add or select an existing configuration and click Modify.
  5. Click in the Name field and enter a name for this configuration.
  6. In the Access Value/VLAN field, type the network access identifier for this mapping, such as a VLAN ID, VLAN Name, Aruba Role, or for a VPN concentrator enter a VPN group policy name. If you use an alias to represent VLANs across multiple devices, enter the Alias here.
  7. If you are using an alias instead of an actual Access Value, enable the Access Value is an alias check box. This indicates that the Access Value/VLAN field contains an Alias that represents many VLANs across multiple devices on your network.

    For example, if one device has a VLAN named Accounting that is actually VLAN 10 and another device has a VLAN named Accounting that is actually VLAN 20, both can be included in a network access policy by using the VLAN Alias of Accounting. Using the Alias allows you to create one network access policy that assigns users to VLAN 10 on one device and VLAN 20 on another device.

    Note

    The Access Value is an alias option is supported only for Cisco and Brocade devices.

  8. To apply a CLI configuration to a device or port, click the CLI check box to enable it and select the CLI configuration from the drop-down list. This field is optional. For additional information on CLI configurations see CLI configuration.
  9. You can use the icons next to the CLI configuration field to add a new CLI configuration or modify the CLI configuration shown in the drop-down menu. Note that if you modify this CLI configuration, it is modified for all features that make use of the CLI configuration.
  10. The Note field is optional.
  11. Click OK to save the configuration.