FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Article Id 196809

Description

This article describes how to troubleshoot connection failures with FortiAnalyzer.

For configuration instructions, refer to the FortiAnalyzer Device Integration reference manual in the Fortinet Document Library.

Scope
Version: 8.7 and above.

Solution
1) (Version 8.7 only) Verify the serial numbers defined in both products are correct.
  • In FNAC, verify the FAZ serial number under System -> Settings -> System Communication -> Log Receivers.
  • In FAZ, verify the FNAC serial number under System Settings -> FNAC ADOM -> Device Manager.
If there is a mismatch between the actual number and the one configured, the connection will not complete.

2) Enable debug in the appliance CLI to collect additional information.

a) Log in to the server CLI as root and type:
nacdebug -name OFTPPlugin true
cd /bsc/logs

b) Start tailing the master log and send the output to a separate file. Type:
tail -F output.master | tee FAZConn.txt

c) Wait several minutes and look for 'yams.fortinet.oftp' messages indicating connection attempts.

Example:
yams.fortinet.oftp INFO :: 2020-05-01 13:50:59:011 :: /xx.xx.xx.xx:514 connected!
yams.fortinet.oftp WARNING :: 2020-05-01 13:50:59:174 :: Serial number mismatch!
yams.fortinet.oftp INFO :: 2020-05-01 13:50:59:174 :: /xx.xx.xx.xx:514 disconnected!

d) Use Ctrl-C to stop tail.

e) Disable debug. Type:
nacdebug -name OFTPPlugin false

3) Capture the appliance's license information. Type:
licensetool | tee licensetool.txt

4) Verify the output shows that the license file contains certificates. For details, see the related KB article Technical Tip: Certificates not included in license keys.

5) If the serial number mismatch message is present, see the related KB article Technical Tip: Unable to connect to FortiAnalyzer due to serial number mismatch. Otherwise, download FAZConn.txt from the appliance over SCP using WinSCP or a similar client.

6) For additional assistance, open a support ticket and include the following:
  • FAZConn.txt file (may have to be zipped depending upon the size)
  • licensetool.txt
  • Screen captures of the configuration for both FortiNAC and FortiAnalyzer
  • FortiNAC version
  • FortiAnalyzer version
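Once FAZConn.txt has been collected, the triage in steps 2c and 5 can be scripted. The following is an added example, not part of this article or of the FortiNAC product: it runs over a constructed sample of 'yams.fortinet.oftp' lines in the format shown above (not captured from a real appliance), counts connection attempts and mismatch warnings, and reports which step to take next. The function names are the example's own.

```shell
#!/bin/sh
# Constructed sample of output.master / FAZConn.txt lines (same format as the
# article's example; timestamps and addresses are placeholders, not real data).
SAMPLE_LOG="$(mktemp)"
cat > "$SAMPLE_LOG" <<'EOF'
yams.fortinet.oftp INFO :: 2020-05-01 13:50:59:011 :: /xx.xx.xx.xx:514 connected!
yams.fortinet.oftp WARNING :: 2020-05-01 13:50:59:174 :: Serial number mismatch!
yams.fortinet.oftp INFO :: 2020-05-01 13:50:59:174 :: /xx.xx.xx.xx:514 disconnected!
yams.fortinet.oftp INFO :: 2020-05-01 13:55:59:020 :: /xx.xx.xx.xx:514 connected!
yams.fortinet.oftp WARNING :: 2020-05-01 13:55:59:180 :: Serial number mismatch!
yams.fortinet.oftp INFO :: 2020-05-01 13:55:59:181 :: /xx.xx.xx.xx:514 disconnected!
EOF

# Print one summary line: connects, disconnects and mismatch warnings.
# "disconnected!" also contains "connected!", so the first rule excludes it.
oftp_summary() {
    grep 'yams\.fortinet\.oftp' "$1" | awk '
        /connected!/ && !/disconnected!/ { c++ }
        /disconnected!/                   { d++ }
        /Serial number mismatch/          { m++ }
        END { printf "connected=%d disconnected=%d mismatch=%d\n", c, d, m }'
}

# Exit status 0 when at least one serial number mismatch warning was logged.
oftp_has_mismatch() {
    grep -q 'yams\.fortinet\.oftp WARNING .* Serial number mismatch' "$1"
}

# Map the log contents to the next troubleshooting step from the article.
oftp_next_step() {
    if oftp_has_mismatch "$1"; then
        echo "mismatch: correct the FAZ/FNAC serial numbers (step 1, mismatch KB)"
    else
        echo "collect: no mismatch logged, send FAZConn.txt and licensetool.txt to support (steps 5-6)"
    fi
}

oftp_summary "$SAMPLE_LOG"
oftp_next_step "$SAMPLE_LOG"
```

Run it against the real capture with `oftp_summary FAZConn.txt` after sourcing the functions.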

If more information is required, the debug level can be changed to a more verbose setting. Type:

nacdebug -name OFTPPlugin true
nacdebug -loader MasterLoader -logger yams.fortinet.oftp -level FINE


To unset the log level and disable debug:

nacdebug -logger yams.fortinet.oftp
nacdebug -name OFTPPlugin false