Fortinet black logo

ExtremeCloud/Aerohive Wireless Integration

Home FortiNAC 9.4.0 ExtremeCloud/Aerohive Wireless Integration
9.4.0
9.4.0
9.2.0
9.1.0

Step 8: Enable Enforcement

Step 8: Enable Enforcement

To place SSIDs under FortiNAC’s control, assign VLANs and enable enforcement for the various host states. This can be done in two ways

  • Per Device Model – Applies to all SSIDs belonging to that model, unless there is a custom configuration applied to the SSID.

  • Per SSID – Applies to the specific SSID. Can use configuration set in the model as well as custom configurations specific to the SSID.

Important:

  • Always validate behavior on a test SSID first.

  • The RADIUS Secret used must be exactly the same on the wireless device, on the RADIUS server and in the FortiNAC software under RADIUS Settings and Model Configuration.

  1. Under Network > Inventory select the device model and click Model Configuration.

  2. Fill in the fields as appropriate for the below sections. For details on each option see Model configuration in the Administration Guide.

    • RADIUS

      If RADIUS Mode = Local: Set Attribute Group to the group previously configured (ExtremeCloud or Aerohive)

    • Detail Configuration - Wireless AP Preferred Container

  3. Click Save.

  4. Click the Read VLANs or Read Roles button. This does the following:

    • Populates the drop-down lists for the different connection states, such as Registration. Data in the drop-down lists represents the roles or VLANs created on the device.

    • Discovers the Access Points managed by the WLC and places them in the Preferred Container field.

  5. Set the Access Enforcement and Access Value for each Logical Network.

    If configuring a specific SSID, see SSID configuration in the Administration Guide.

Click Save.

Previous
Next

Step 8: Enable Enforcement

To place SSIDs under FortiNAC’s control, assign VLANs and enable enforcement for the various host states. This can be done in two ways

  • Per Device Model – Applies to all SSIDs belonging to that model, unless there is a custom configuration applied to the SSID.

  • Per SSID – Applies to the specific SSID. Can use configuration set in the model as well as custom configurations specific to the SSID.

Important:

  • Always validate behavior on a test SSID first.

  • The RADIUS Secret used must be exactly the same on the wireless device, on the RADIUS server and in the FortiNAC software under RADIUS Settings and Model Configuration.

  1. Under Network > Inventory select the device model and click Model Configuration.

  2. Fill in the fields as appropriate for the below sections. For details on each option see Model configuration in the Administration Guide.

    • RADIUS

      If RADIUS Mode = Local: Set Attribute Group to the group previously configured (ExtremeCloud or Aerohive)

    • Detail Configuration - Wireless AP Preferred Container

  3. Click Save.

  4. Click the Read VLANs or Read Roles button. This does the following:

    • Populates the drop-down lists for the different connection states, such as Registration. Data in the drop-down lists represents the roles or VLANs created on the device.

    • Discovers the Access Points managed by the WLC and places them in the Preferred Container field.

  5. Set the Access Enforcement and Access Value for each Logical Network.

    If configuring a specific SSID, see SSID configuration in the Administration Guide.

Click Save.

Previous
Next