Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JohnHogman
New Contributor

Dynamic VLANs on Fortigate ports with Radius

Hi,

 

Was wondering if it's possible to use Radius authentication on the Fortigate ports, and send back Dynamic VLANs from the Radius server?

I wan't to use the Fortigate ports as switched dot1x ports to authenticate different types of devices.

5 REPLIES 5
xshkurti
Staff
Staff

@JohnHogman 
You have some options depending on the infrastructure you are building.

1. How to configure 802.1x on the FortiGate ... - Fortinet Community this is to create dot1x on fortigate ports

2. Port-based 802.1X authentication | FortiGate / FortiOS 6.2.16 | Fortinet Document Library this is to use Switch-Controller to manage switch ports if you have some FortiSwitch in infrastructure.

Check the first link because it seems more like what you are looking for.

JohnHogman

Yes I have the dot1x and mac-auth working but it's the dynamic VLANs I don't get to work on the Fortigate interfaces.

 

To be clear, I'm not using Fortiswitch, Just the Fortigate.

jguerra
Staff
Staff

Found some documentation about it but using the FortiGate in combination with a FortiSwitch or FortiAPs.  See below:
Dynamic VLAN 'Name' Assignment from RADIUS Attribute 
VLAN assignment by RADIUS | FortiAP / FortiWiFi 7.6.0 

JohnHogman

Yes that's all I've found too, but not much on using the hardware switch in Fortigate for dot1x and dynamic VLANs.

JohnHogman

Okey, Do you know what to send back from the Radius server to get the dynamic VLANs to work?

 

I have dot1x and mac-auth working already.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors