Description
For new installs and upgrades from older than 8.2, the 'Default UDP' Persistent Agent Transport Configuration (UDP 4567) is disabled.
Communication will no longer work properly for agents that use both TCP 4568 and UDP 4567. This includes:
- Agent versions 3.x and 4.x.
- Agents with the Security Persistent Agent setting disabled.
The Security setting is modified through GPO or software management program.
Refer to the following sections in the Online Help or Administration and Operation guide in the Fortinet Document Library for more information:
Configure the Persistent Agent on Windows Hosts
Configure the Persistent Agent on Mac OS X Hosts
Configure the Persistent Agent on Linux Hosts
Contact Support if assistance is required to verify this setting.
Scope
Version: 8.1 and below.
Solution
Once upgraded, re-enable the Default UDP Transport Configuration to allow FortiNAC
to communicate over UDP 4567:
1) In the Admin UI, navigate to...
Version 8.x: Settings -> Persistent Agent -> Transport Configuration.
Version 9.x: System -> Settings -> Persistent Agent -> Transport Configuration.
2) Under Packet Transport Configurations panel, select 'Add'.
3) Fill in the fields with the values below:
Name: Default UDP
Bind to Address: (leave blank)
Port: 4567
Maximum Incoming Packets to Queue: 10000
Transport Type: UDP
) To apply changes, select 'Reload Services'.
This information can also be found in the Upgrade Instructions and Considerations section of the Release Notes in the Fortinet Document Library.
