Fortinet 548B User Manual
Page 632
- 632 -
802.1x Port Security Users The users you assigned to this login list on the Port Access Control
User Login Configuration screen - This list is used to authenticate the users for port access, using
the IEEE 802.1x protocol.
Command Buttons
Refresh - Update the information on the page.
11.2.3.15 Defining User Login Page
Each configured user is assigned to a login list that specifies how the user should be authenticated when
attempting to access the switch or a port on the switch. After creating a new user account on the User
Account screen, you should assign that user to a login list for the switch using this screen and, if
necessary, to a login list for the ports using the Port Access Control User Login Configuration screen. If
you need to create a new login list for the user, you would do so on the Login Configuration screen.
The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList,
which you may not delete. All newly created users are also assigned to the defaultList until you
specifically assign them to a different list.
A user that does not have an account configured on the switch is termed the 'default' or 'non-configured'
user. If you assign the 'non-configured user' to a login list that specifies authentication via the RADIUS
server, you will not need to create an account for all users on each switch. However, by default the
'non-configured user' is assigned to 'defaultList', which by default uses local authentication.
!
This page provides a user account (from those already created) to be added into the
Authentication List.
Selection Criteria
User - Select the user you want to assign to a login list. Note that you must always associate the
admin user with the default list. This forces the admin user to always be authenticated locally to
prevent full lockout from switch configuration. If you assign a user to a login list that requires remote
authentication, the user's access to the switch from all CLI, web, and telnet sessions will be blocked
until the authentication is complete. Refer to the discussion of maximum delay in the RADIUS
configuration help.
Configurable Data
Authentication List - Select the authentication login list you want to assign to the user for system
login.