FortiLAN
This feature can be found in Network > Service Connectors > FortiLAN.
FortiAP has three wireless management topologies (integrated via FortiGate, FortiLAN Cloud, or dedicated controller), currently FortiNAC is supporting the first two topologies:Integrated via Fortigate and FortiLAN Cloud.
FortiLAN Cloud is a unified management platform for standalone FortiAP and FortiSwitch deployments. When FortiAPs are registered with FortiLAN Cloud, wireless configurations and endpoint discovery are managed by the FortiLAN Cloud. This allows users to manage FortiAP's without requiring a FortiGate
Configure FortiLAN Cloud integration on FortiNAC
To build a connection between FortiNAC and FortiLAN Cloud, a FortiLAN service connector will be required.
After the FortiLAN Cloud account has been added to FortiNAC service connector, FortiNAC will be able to support endpoint visibility and access control.
Steps
-
Go to Network > Service Connectors. Click Create New and add FortiLAN as a service connector.
-
Configure the following:
Field Description Connector settings Name You can specify this service connector name here. API URL The URL for the FortiLAN Cloud service, the default is used for local/US-based customers. User Type Choose user type on FortiLAN Cloud. (Email, IAM, API) Account ID FortiLAN account ID. Note: Account ID can be found on the right side of the dashboard. 
User ID FortiLAN Cloud user account Password FortiLAN Cloud user password Connect
Click to check connection status.
Discovery settings
Container Click the dropdown list to choose an existing container or leave it empty. If it is left empty, a container called “FortiLAN Cloud” will be generated automatically. Managed Networks Type the network in FortiLAN Cloud that needs to be managed. Enable Automatic polling Automatic poll service connector to update network, AP, SSID info. The default automatic polling interval is 1 hour. Advanced settings
Connect Timeout:
Total time to wait to connect to FortiLAN Cloud (defaults is 10 secs).
Read Timeout
Total time to wait for FortiLAN Cloud to respond (defaults is 10 secs).
Debug
Enables debug for this service connector.
Your FortiLAN Cloud Service Connector should be created.
Inventory
Once the service connector has been successfully created and polled, the container with managed FortiLAN network and AP as well as SSIDs will be discovered and shown in Network > Inventory.
SSID can be configured by double clicking on the SSID.
VLAN's can be created on FortiNAC. After polling, it will automatically be added to the FortiLAN Cloud network model as virtual ports.
To create and assign a VLAN on FortiNAC
-
To create VLAN on FortiNAC, navigate to Network > Inventory, right click the FortiLAN Cloud network, choose Model Configuration.
(optional) Model configuration can also be entered here in SSID configuration.
-
In Model configuration, click Add under Access Enforcement Descriptions and enter the VLAN ID to add additional access values.
-
Navigate to FortiLAN Cloud network, choose the SSID and double click it; after polling, access values can be chosen for different host state.
Additional features
Test connector status and Poll FortiLAN Cloud
Once the service connector has been created successfully, the user can right click to edit the current configurations, delete the service connector, or poll and test connection.
Steps
-
Go to Network > Service Connectors, where the FortiLAN Cloud should be visible.
-
Right click Test Connection to test if the FortiLAN Cloud account has been added successfully.
-
Click Poll for FortiLAN Cloud network, AP and SSID changes.
|
See the FortiLAN Cloud Integration Guide. |