Description
This article describes how to solve an issue where FortiSwitch fails to move rogue switches to the registration VLAN.
Scope
All supported versions of FortiNAC.
Solution
When a switch fails to move rogues to the registration VLAN, check the following:
- SNMP v1 link state or Mac Notification traps are being sent by the switch to FortiNAC.
- Traps are being sent from the same IP address as is modeled in inventory view (Elements tab).
- The switch model configuration is set up with the Registration VLAN defined.
- The VLAN defined in the model configuration is created in the switch.
- Topology Port View in FortiNAC shows the host connected to the correct port.
- The host displays as a rogue in FortiNAC.
- Communication is successful (SNMP and SSH) between FortiNAC and the switch. (Validate Credentials)
- Port is in Forced Registration Group.
See this article for more information about Wired Enforcement groups.