Fortinet black logo

FortiGate VPN Integration

Home FortiNAC 9.4.0 FortiGate VPN Integration
9.4.0
9.4.0

Add Device Model

Add Device Model

  1. In the FortiNAC Administration UI, navigate to Network > Inventory.

  2. Discover or add the FortiGate using an IP address owned by the Management VDOM. Include the following:

    SNMP Settings: SNMP v1 or v3 credentials used for device discovery and ARP collection/L3 polling

    CLI Settings: Administrator account credentials used for API access.

    Instructions in the Administration Guide:

    Single device: Add or modify a device

    Multiple devices: Discovery

    Note: If a “?” appears as the icon, then support needs to be added for that device. See KB article Options for Devices Unable to Be Modeled in Topology for instructions.

  3. Once added, right click on the model and select Resync Interfaces. The ports will be listed under the Ports tab.

  4. Enable L3 Polling. Right click on the model in the left panel and select Group Membership.

  5. Check the box next to L3 Polling (IPàMAC) and click OK.

  6. Click the Polling tab.

    1. Check the box next to L2 (hosts) Polling. If configuring Device Detection traps, set the L2 (hosts) Polling value for 15 minutes.

    2. Check the box next to L3 (IPàMAC) Polling.

    3. Click Save.

      Once the FortiGate is discovered, new VPN interfaces in the Ports view will appear. The new interface is created for the FortiGate device model with the name format:

      <VDOM name>_<IPSEC_VPN or SSL_VPN>

  7. If utilizing the FortiGate REST API key (FortiNAC versions 8.8.3 and greater), login to the FortiNAC CLI as root and enter the following:

    Device -ip <FortiGate model IP> -SetAttr -name APIToken -value <API Key>

Previous
Next

Add Device Model

  1. In the FortiNAC Administration UI, navigate to Network > Inventory.

  2. Discover or add the FortiGate using an IP address owned by the Management VDOM. Include the following:

    SNMP Settings: SNMP v1 or v3 credentials used for device discovery and ARP collection/L3 polling

    CLI Settings: Administrator account credentials used for API access.

    Instructions in the Administration Guide:

    Single device: Add or modify a device

    Multiple devices: Discovery

    Note: If a “?” appears as the icon, then support needs to be added for that device. See KB article Options for Devices Unable to Be Modeled in Topology for instructions.

  3. Once added, right click on the model and select Resync Interfaces. The ports will be listed under the Ports tab.

  4. Enable L3 Polling. Right click on the model in the left panel and select Group Membership.

  5. Check the box next to L3 Polling (IPàMAC) and click OK.

  6. Click the Polling tab.

    1. Check the box next to L2 (hosts) Polling. If configuring Device Detection traps, set the L2 (hosts) Polling value for 15 minutes.

    2. Check the box next to L3 (IPàMAC) Polling.

    3. Click Save.

      Once the FortiGate is discovered, new VPN interfaces in the Ports view will appear. The new interface is created for the FortiGate device model with the name format:

      <VDOM name>_<IPSEC_VPN or SSL_VPN>

  7. If utilizing the FortiGate REST API key (FortiNAC versions 8.8.3 and greater), login to the FortiNAC CLI as root and enter the following:

    Device -ip <FortiGate model IP> -SetAttr -name APIToken -value <API Key>

Previous
Next