Fortinet black logo

FortiSwitch Integration

Home FortiNAC-F 7.2.0 FortiSwitch Integration
7.2.0
7.4.0
7.2.0

Standalone Mode

Standalone Mode

FortiSwitches configured in standalone mode behave like typical network switches in FortiNAC. Management of endpoints connecting to the switches is accomplished using VLANs by assigning either ports or the endpoints themselves to VLANs according to their state within the FortiNAC system. As the state of an endpoint changes, its VLAN assignment is changed to reflect it.

FortiSwitch notifies FortiNAC of endpoint connectivity using either SNMP Traps or RADIUS. All other communication between FortiNAC and FortiSwitches occur using HTTPS (RESTful API). HTTPS access must be allowed on the FortiSwitch interface used to communicate to FortiNAC.

Device Support Methods (Standalone Mode)

Endpoint Connectivity Notification

Reading MAC Address Tables

(L2 Poll)

Reading IP Tables

(L3 Poll)

Reading VLANs

Switching VLANs

De-auth

SNMP MAC Notification Traps**

SNMP Link Traps

SSH (TCP 22)

REST API

SSH (TCP 22)

REST API

REST API

REST API

RADIUS

RADIUS Disconnect*

*Some FortiSwitch models (such as the 1xxE) do not support RADIUS CoA and Disconnect. Refer to the list of supported features in the FortiSwitch Release Notes in the Fortinet Document Library for more details. FortiNAC must disconnect (de-auth) in order to change network access.

**Requires specific FortiNAC software and FortiOS firmware versions.Click on the appropriate link below to begin configuration:

FortiSwitch FortiLink Integration

FortiSwitch Standalone Integration

Previous
Next

Standalone Mode

FortiSwitches configured in standalone mode behave like typical network switches in FortiNAC. Management of endpoints connecting to the switches is accomplished using VLANs by assigning either ports or the endpoints themselves to VLANs according to their state within the FortiNAC system. As the state of an endpoint changes, its VLAN assignment is changed to reflect it.

FortiSwitch notifies FortiNAC of endpoint connectivity using either SNMP Traps or RADIUS. All other communication between FortiNAC and FortiSwitches occur using HTTPS (RESTful API). HTTPS access must be allowed on the FortiSwitch interface used to communicate to FortiNAC.

Device Support Methods (Standalone Mode)

Endpoint Connectivity Notification

Reading MAC Address Tables

(L2 Poll)

Reading IP Tables

(L3 Poll)

Reading VLANs

Switching VLANs

De-auth

SNMP MAC Notification Traps**

SNMP Link Traps

SSH (TCP 22)

REST API

SSH (TCP 22)

REST API

REST API

REST API

RADIUS

RADIUS Disconnect*

*Some FortiSwitch models (such as the 1xxE) do not support RADIUS CoA and Disconnect. Refer to the list of supported features in the FortiSwitch Release Notes in the Fortinet Document Library for more details. FortiNAC must disconnect (de-auth) in order to change network access.

**Requires specific FortiNAC software and FortiOS firmware versions.Click on the appropriate link below to begin configuration:

FortiSwitch FortiLink Integration

FortiSwitch Standalone Integration

Previous
Next