Fortinet black logo

Administration Guide

Home FortiNAC 9.4.0 Administration Guide

Add or modify a device

9.4.0
9.4.0
9.2.0
9.1.0
8.8.0
8.7.0
8.6.0
8.5.2
8.3.0
Copy Link
Copy Doc ID 3c991e35-cb27-11ec-81de-fa163e15d75b:614635
Download PDF

Add or modify a device

You can manually add devices to a container. This process adds a single SNMP-enabled device at a time. Devices may be configured for SNMPv1 or SNMPv3 communication.

Note

A device must be given a unique name in order to appear in Inventory. You cannot add devices with duplicate names.

Note

If your device has multiple interfaces, each with a different IP address that is configured with its own SNMP settings, multiple representations of the same device will be added to FortiNAC. FortiNAC does not consolidate the duplicates in this case.
Note

Discovering devices with sysNames containing multiple periods (FortiNAC versions 9.4.5 and greater):

By default, FortiNAC parses out the hostname by getting the first element after a split by "." (FQDN parsing).

Example: Device with sysName "NamePart1.NamePart2" would be added to Inventory as "NamePart1".

To preserve the full sysName during discovery, enable the GlobalOption tool prior to adding devices. In the CLI type

globaloptiontool -name networkDevice.preserveFullName -set true

Once enabled, FortiNAC will skip FQDN parsing during discovery and pull in the full sysName.
  1. Click Network > Inventory.
  2. Select the Container icon.
  3. Right-click a container and select Add Device or right-click on a device in the Devices Tab and select Modify.
  4. Click in the Add To Container field and select a container for this device. If the container you need does not exist, click the New icon and add the container first.
  5. Enter the IP address of the device.

  6. Select an SNMP protocol.

    For SNMPv1 communication, enter the security string to use when communicating with the device.

    Note

    If the device has multiple security strings, enter only the Read/Write security string. This is the string that will ensure that FortiNAC has the ability to control the device.

    For SNMPv3 communication enter the User Name, select the Authentication Protocol, and then enter the Authentication Password you used when you configured the device. For SNMPv3-AuthPriv, you must enter the Privacy Protocol and Privacy Password. These settings must match the corresponding settings on the device you are adding.

    Settings

    Field

    Definition

    SNMP Protocol

    Available options are AuthPriv or AuthNo Priv.

    User Name

    User Name for access to the device. Recommended but not required.

    Authentication Protocol

    Available options are:

    • MD5

    • SHA1

    • SHA224

    • SHA256

    • SHA384

    • SHA512 (Recommended)

    Authentication
    Password

    Specify password to match what the device is using.

    Privacy Protocol

    Available options are:

    • DES

    • Triple DES

    • AES-128

    • AES-192

    • AES-256 (Recommended)

    • AES-192 Cisco

    • AES-256 Cisco

    Privacy Password

    Specify password to match what the device is using.

    Note: Ensure that passwords are at least 8 characters in length. Please note that longer passwords with repetitive strings may result in exactly the same key. For example, a password 'fortfort' will result in exactly the same key as password 'fortfortfort'.

    If the device is configured for AuthPriv, the Authentication password, Privacy Protocol and Privacy password are required. If the device is configured for AuthNoPriv, only the Authentication password is required.

    In the CLI Settings section, enter the Username, Passwords and Protocol for CLI access to this device. FortiNAC requires CLI access to manage hosts on the device.

    CLI settings

    Field

    Definition

    User Name

    User name used to log on to the device for configuration.

    The user account must have the appropriate permissions configured on the device.

    For network devices using API credentials, the User Name is the serial number of the appliance.

    Password

    Password required to configure the device.

    For network devices using API credentials, the Password is the REST API Key.

    Enable Password

    Enable password for the device, if applicable.

    Note: Version 8.7.2 and higher: Arista switches can be configured to require typing "enable" to enter enable mode, but no password is needed. For such configurations, populate this field with the # character.

    Protocol Type

    Protocol used for communication with the device. Options include: Telnet, SSH1 and SSH2.
  7. Click Validate Credentials to test the CLI and SNMP credentials entered.
  8. Click OK.
  9. Go to the Model Configuration view for this device to complete the configuration. See Model configuration for instructions.
Previous
Next

Add or modify a device

You can manually add devices to a container. This process adds a single SNMP-enabled device at a time. Devices may be configured for SNMPv1 or SNMPv3 communication.

Note

A device must be given a unique name in order to appear in Inventory. You cannot add devices with duplicate names.

Note

If your device has multiple interfaces, each with a different IP address that is configured with its own SNMP settings, multiple representations of the same device will be added to FortiNAC. FortiNAC does not consolidate the duplicates in this case.
Note

Discovering devices with sysNames containing multiple periods (FortiNAC versions 9.4.5 and greater):

By default, FortiNAC parses out the hostname by getting the first element after a split by "." (FQDN parsing).

Example: Device with sysName "NamePart1.NamePart2" would be added to Inventory as "NamePart1".

To preserve the full sysName during discovery, enable the GlobalOption tool prior to adding devices. In the CLI type

globaloptiontool -name networkDevice.preserveFullName -set true

Once enabled, FortiNAC will skip FQDN parsing during discovery and pull in the full sysName.
  1. Click Network > Inventory.
  2. Select the Container icon.
  3. Right-click a container and select Add Device or right-click on a device in the Devices Tab and select Modify.
  4. Click in the Add To Container field and select a container for this device. If the container you need does not exist, click the New icon and add the container first.
  5. Enter the IP address of the device.

  6. Select an SNMP protocol.

    For SNMPv1 communication, enter the security string to use when communicating with the device.

    Note

    If the device has multiple security strings, enter only the Read/Write security string. This is the string that will ensure that FortiNAC has the ability to control the device.

    For SNMPv3 communication enter the User Name, select the Authentication Protocol, and then enter the Authentication Password you used when you configured the device. For SNMPv3-AuthPriv, you must enter the Privacy Protocol and Privacy Password. These settings must match the corresponding settings on the device you are adding.

    Settings

    Field

    Definition

    SNMP Protocol

    Available options are AuthPriv or AuthNo Priv.

    User Name

    User Name for access to the device. Recommended but not required.

    Authentication Protocol

    Available options are:

    • MD5

    • SHA1

    • SHA224

    • SHA256

    • SHA384

    • SHA512 (Recommended)

    Authentication
    Password

    Specify password to match what the device is using.

    Privacy Protocol

    Available options are:

    • DES

    • Triple DES

    • AES-128

    • AES-192

    • AES-256 (Recommended)

    • AES-192 Cisco

    • AES-256 Cisco

    Privacy Password

    Specify password to match what the device is using.

    Note: Ensure that passwords are at least 8 characters in length. Please note that longer passwords with repetitive strings may result in exactly the same key. For example, a password 'fortfort' will result in exactly the same key as password 'fortfortfort'.

    If the device is configured for AuthPriv, the Authentication password, Privacy Protocol and Privacy password are required. If the device is configured for AuthNoPriv, only the Authentication password is required.

    In the CLI Settings section, enter the Username, Passwords and Protocol for CLI access to this device. FortiNAC requires CLI access to manage hosts on the device.

    CLI settings

    Field

    Definition

    User Name

    User name used to log on to the device for configuration.

    The user account must have the appropriate permissions configured on the device.

    For network devices using API credentials, the User Name is the serial number of the appliance.

    Password

    Password required to configure the device.

    For network devices using API credentials, the Password is the REST API Key.

    Enable Password

    Enable password for the device, if applicable.

    Note: Version 8.7.2 and higher: Arista switches can be configured to require typing "enable" to enter enable mode, but no password is needed. For such configurations, populate this field with the # character.

    Protocol Type

    Protocol used for communication with the device. Options include: Telnet, SSH1 and SSH2.
  7. Click Validate Credentials to test the CLI and SNMP credentials entered.
  8. Click OK.
  9. Go to the Model Configuration view for this device to complete the configuration. See Model configuration for instructions.
Previous
Next