Fortinet black logo

Administration Guide

Home FortiNAC 9.4.0 Administration Guide
9.4.0
9.4.0
9.2.0
9.1.0
8.8.0
8.7.0
8.6.0
8.5.2
8.3.0

Port properties

Port properties

View and configure the default network access settings for the selected port.

  1. Click Network > Inventory.

  2. Expand the container where the device is located.

  3. Select a device.

  4. In the Ports tab on the right, right-click on a port and select Port Properties.

  5. The Port option is displayed.

  6. Use the table below to make any desired changes. Click OK to save.

Settings

Mode

Description

Name

The default name displayed for the port is comprised of the sysName of the device, the ifName and, in curly braces, the ifAlias or Port Description. All of this information is read from the switch.

For example, Cisco_2600 Fa/07 {Library Front Desk}, where Cisco_2600 is the system name of the device, Fa/07 is the ifName and {Library Front Desk} is the Port Description.

Note

Use only letters, numbers and hyphens (-) when creating port descriptions. Other characters, such as #, may prevent FortiNAC from communicating properly with the device.


Interface ID

Internal ifIndex of the port.

IP Address

IP address of the device containing the port.

Physical Address

Switch port MAC address

Admin Status

Select On or Off.

Connection State

Defines the state and type of device connected to this port. See Ports view for a list of connection states.

Uplink Mode

  • Dynamic: Allows FortiNAC to set the port as an uplink when the threshold for connections is reached. If the MAC address on the port is that of a switch that is modeled in the Inventory, the port is set as an Uplink.

  • Clear: Check this box to clear all dynamic uplink settings for this port. Settings are cleared when you click Apply. Once the settings are cleared the check mark is removed from the Clear box by FortiNAC.

  • Always Uplink: Sets the port to always be an uplink.

  • Never Uplink: Sets the port to never be an uplink.

Current VLAN

VLAN where the port has been placed based on the network access policy for the connected host or device.

To modify, enter the value for the Current VLAN and select OK. A warning message appears. Click Yes to confirm that you wish to modify the Current VLAN and save the port properties.

Default VLAN

Default VLAN for the port read from the device.

To modify, enter the value for the Default VLAN and select OK.

CLI Configuration

Displays the most recent CLI configuration that has been applied to this port.

Port Mode

(v9.4.6 and greater)

Current mode of the port. Possible modes include:

  • 8021x: Using RADIUS 802.1x authentication on this port. The mode is triggered when a RADIUS 802.1x authentication request is received on the port. Use the Clear checkbox to reset mode to NORMAL.

  • RADMAC: Using RADIUS MAC authentication on this port. The mode is triggered when a RADIUS MAC authentication request is received on the port. Use the Clear checkbox to reset mode to NORMAL.

  • NORMAL: RADIUS authentication is not in use on this port.

Clear checkbox: Resets mode to NORMAL.

Dot1x Auto Registration

Disabled by default. Automatic registration of a host based upon the user's 802.1x authentication with the RADIUS server. Upon successful 802.1x authentication, FortiNAC registers the host to the authenticated user prior to the network policy being determined.

Requirement: RADIUS request from Controller/Access Point must contain RADIUS Attribute 30 and include the port value

Port Changes

Click to display the Port Changes View.

Group Membership

Click to display Port Group Membership to view and modify the groups in which this port is a member.

Group Membership only appears if the user has permission to view group membership. If the user has permission to view but not modify group membership, the user cannot save changes to group membership.
Previous
Next

Port properties

View and configure the default network access settings for the selected port.

  1. Click Network > Inventory.

  2. Expand the container where the device is located.

  3. Select a device.

  4. In the Ports tab on the right, right-click on a port and select Port Properties.

  5. The Port option is displayed.

  6. Use the table below to make any desired changes. Click OK to save.

Settings

Mode

Description

Name

The default name displayed for the port is comprised of the sysName of the device, the ifName and, in curly braces, the ifAlias or Port Description. All of this information is read from the switch.

For example, Cisco_2600 Fa/07 {Library Front Desk}, where Cisco_2600 is the system name of the device, Fa/07 is the ifName and {Library Front Desk} is the Port Description.

Note

Use only letters, numbers and hyphens (-) when creating port descriptions. Other characters, such as #, may prevent FortiNAC from communicating properly with the device.


Interface ID

Internal ifIndex of the port.

IP Address

IP address of the device containing the port.

Physical Address

Switch port MAC address

Admin Status

Select On or Off.

Connection State

Defines the state and type of device connected to this port. See Ports view for a list of connection states.

Uplink Mode

  • Dynamic: Allows FortiNAC to set the port as an uplink when the threshold for connections is reached. If the MAC address on the port is that of a switch that is modeled in the Inventory, the port is set as an Uplink.

  • Clear: Check this box to clear all dynamic uplink settings for this port. Settings are cleared when you click Apply. Once the settings are cleared the check mark is removed from the Clear box by FortiNAC.

  • Always Uplink: Sets the port to always be an uplink.

  • Never Uplink: Sets the port to never be an uplink.

Current VLAN

VLAN where the port has been placed based on the network access policy for the connected host or device.

To modify, enter the value for the Current VLAN and select OK. A warning message appears. Click Yes to confirm that you wish to modify the Current VLAN and save the port properties.

Default VLAN

Default VLAN for the port read from the device.

To modify, enter the value for the Default VLAN and select OK.

CLI Configuration

Displays the most recent CLI configuration that has been applied to this port.

Port Mode

(v9.4.6 and greater)

Current mode of the port. Possible modes include:

  • 8021x: Using RADIUS 802.1x authentication on this port. The mode is triggered when a RADIUS 802.1x authentication request is received on the port. Use the Clear checkbox to reset mode to NORMAL.

  • RADMAC: Using RADIUS MAC authentication on this port. The mode is triggered when a RADIUS MAC authentication request is received on the port. Use the Clear checkbox to reset mode to NORMAL.

  • NORMAL: RADIUS authentication is not in use on this port.

Clear checkbox: Resets mode to NORMAL.

Dot1x Auto Registration

Disabled by default. Automatic registration of a host based upon the user's 802.1x authentication with the RADIUS server. Upon successful 802.1x authentication, FortiNAC registers the host to the authenticated user prior to the network policy being determined.

Requirement: RADIUS request from Controller/Access Point must contain RADIUS Attribute 30 and include the port value

Port Changes

Click to display the Port Changes View.

Group Membership

Click to display Port Group Membership to view and modify the groups in which this port is a member.

Group Membership only appears if the user has permission to view group membership. If the user has permission to view but not modify group membership, the user cannot save changes to group membership.
Previous
Next