I am looking to upgrade the firmware on my 300D and have been reading through the release notes. There is one section I am hoping to get some clarification on.
Under the Upgrade Information section there is a little note:
After upgrading, if FortiLink mode is enabled, you must manually create an explicit firewall policy to allow RADIUS traffic for 802.1x authentication from the FortiSwitch (such as from the FortiLink interface) to the RADIUS server through the FortiGate.
I have fortilink mode enabled but I haven't configured any 802.1x settings at all. We have a FortiAuthenticator that we use for SSL-VPN but otherwise I don't believe we are using the RADIUS server for anything else.
Has anyone else had issues with the upgrade in regards to these settings? What did you have to do and what did your policy look like.
Any help or advice would be greatly appreciated.
Our network is fairly small, only about 100 users with around 8 switches.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
BBOUCHER wrote:I am looking to upgrade the firmware on my 300D and have been reading through the release notes. There is one section I am hoping to get some clarification on.
Under the Upgrade Information section there is a little note:
After upgrading, if FortiLink mode is enabled, you must manually create an explicit firewall policy to allow RADIUS traffic for 802.1x authentication from the FortiSwitch (such as from the FortiLink interface) to the RADIUS server through the FortiGate.
I have fortilink mode enabled but I haven't configured any 802.1x settings at all. We have a FortiAuthenticator that we use for SSL-VPN but otherwise I don't believe we are using the RADIUS server for anything else.
Has anyone else had issues with the upgrade in regards to these settings? What did you have to do and what did your policy look like.
Any help or advice would be greatly appreciated.
Our network is fairly small, only about 100 users with around 8 switches.
Hi there,
The potential reason of that issue is because FortiAuthenticator is moving down to FSW. So for allowing traffic passing from fortilink to the gateway port of the FGT, you would need to configure an explicit firewall policy from the fortilink interface, to allow Radius traffic.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.