Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-27-2018 08:28 AM Edited on ‎03-24-2023 06:05 AM By Moderator

Article Id 198447

Troubleshooting Tip: FortiNAC fails to move rogue switches to registration VLAN

Description

 
This article describes how to solve an issue where FortiSwitch fails to move rogue switches to the registration VLAN.


Scope

 

All supported versions of FortiNAC.


Solution

 

When a switch fails to move rogues to the registration VLAN, check the following:
- SNMP v1 link state or Mac Notification traps are being sent by the switch to FortiNAC.
- Traps are being sent from the same IP address as is modeled in inventory view (Elements tab). 
- The switch model configuration is set up with the Registration VLAN defined.
- The VLAN defined in the model configuration is created in the switch.
- Topology Port View in FortiNAC shows the host connected to the correct port.
- The host displays as a rogue in FortiNAC.
- Communication is successful (SNMP and SSH) between FortiNAC and the switch. (Validate Credentials)
- Port is in Forced Registration Group.
 
See this article for more information about Wired Enforcement groups.
479
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.