Hi,
Was wondering if it's possible to use Radius authentication on the Fortigate ports, and send back Dynamic VLANs from the Radius server?
I wan't to use the Fortigate ports as switched dot1x ports to authenticate different types of devices.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
@JohnHogman
You have some options depending on the infrastructure you are building.
1. How to configure 802.1x on the FortiGate ... - Fortinet Community this is to create dot1x on fortigate ports
2. Port-based 802.1X authentication | FortiGate / FortiOS 6.2.16 | Fortinet Document Library this is to use Switch-Controller to manage switch ports if you have some FortiSwitch in infrastructure.
Check the first link because it seems more like what you are looking for.
Yes I have the dot1x and mac-auth working but it's the dynamic VLANs I don't get to work on the Fortigate interfaces.
To be clear, I'm not using Fortiswitch, Just the Fortigate.
Found some documentation about it but using the FortiGate in combination with a FortiSwitch or FortiAPs. See below:
Dynamic VLAN 'Name' Assignment from RADIUS Attribute
VLAN assignment by RADIUS | FortiAP / FortiWiFi 7.6.0
Yes that's all I've found too, but not much on using the hardware switch in Fortigate for dot1x and dynamic VLANs.
Okey, Do you know what to send back from the Radius server to get the dynamic VLANs to work?
I have dot1x and mac-auth working already.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1518 | |
1018 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.