Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JohnHogman
New Contributor

Created on ‎08-21-2024 05:33 AM

Dynamic VLANs on Fortigate ports with Radius

Hi,

 

Was wondering if it's possible to use Radius authentication on the Fortigate ports, and send back Dynamic VLANs from the Radius server?

I wan't to use the Fortigate ports as switched dot1x ports to authenticate different types of devices.

Labels:
931
0 Kudos
5 REPLIES 5
xshkurti
Staff
Staff

Created on ‎08-21-2024 07:53 AM Edited on ‎08-21-2024 07:54 AM

@JohnHogman 
You have some options depending on the infrastructure you are building.

1. How to configure 802.1x on the FortiGate ... - Fortinet Community this is to create dot1x on fortigate ports

2. Port-based 802.1X authentication | FortiGate / FortiOS 6.2.16 | Fortinet Document Library this is to use Switch-Controller to manage switch ports if you have some FortiSwitch in infrastructure.

Check the first link because it seems more like what you are looking for.

904
0 Kudos
JohnHogman
New Contributor
In response to xshkurti

Created on ‎08-22-2024 03:18 AM

Yes I have the dot1x and mac-auth working but it's the dynamic VLANs I don't get to work on the Fortigate interfaces.

 

To be clear, I'm not using Fortiswitch, Just the Fortigate.

830
0 Kudos
jguerra
Staff
Staff

Created on ‎08-21-2024 09:37 AM

Found some documentation about it but using the FortiGate in combination with a FortiSwitch or FortiAPs.  See below:
Dynamic VLAN 'Name' Assignment from RADIUS Attribute 
VLAN assignment by RADIUS | FortiAP / FortiWiFi 7.6.0 

897
0 Kudos
JohnHogman
New Contributor
In response to jguerra

Created on ‎08-22-2024 03:17 AM

Yes that's all I've found too, but not much on using the hardware switch in Fortigate for dot1x and dynamic VLANs.

834
0 Kudos
JohnHogman
New Contributor
In response to stuntstand1

Created on ‎08-22-2024 03:16 AM

Okey, Do you know what to send back from the Radius server to get the dynamic VLANs to work?

 

I have dot1x and mac-auth working already.

834
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.