FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff
Article Id 195587
Description
The following symptoms are experienced...
  • Registered host not getting an IP address from the correct production network.
  • The host does not match the correct network access policy.  This can be validated in Hosts > Host View.  (Right click on host record and select Policy Details.  Host must be online for accurate results).
  • The host is assigned the default VLAN (this occurs when host does not match any network access policy).
One of the most common reasons why hosts do not match a location based network access policy is
because the switch/port/SSID/AP has not been added to the location group in the user host profile.

Solution
Add the switch/port/SSID/AP to the location group.
1.  Navigate to Policy > Policy Configuration.
2.  Click on Network Access.
3.  Select the Network Access Policy and click Modify.
4.  Click the Modify icon for the User/Host profile (pencil and paper).
5.  Next to the Where (Location): field, click the Select... button.
6.  If the appropriate location group is already under Selected Groups, click on the group and click Modify Group and add the switch/port/SSID/AP.  
7.  Click OK to save changes.

Review Policy Details in Host View to validate the host matches the policy.



Related Articles

Troubleshooting Tip: VLANs not changing on a wired switch

Contributors