Description | This article describes how to understand the reason for seeing 'CONN_DENY' in agent logs. |
Scope | FortiNAC Persistent Agent: 5.x, 9.x & 10.x. |
Solution |
2024-04-16 15:03:58 UTC :: Peer name "nacnac.corp.fortinet.com" matches "nacnac.corp.fortinet.com"
This indicates the agent has successfully connected to a FortiNAC server and completed the certificate exchange. However, the server is refusing the connection. The server is denying the connection due to 'Require Connected Adapter' being enabled on the server and due to that server not seeing the physical adapter as online and connected to a network device managed by that server. If multiple servers are configured, this may be expected as the host is attempting to connect to a server in which the endpoint is not connecting to a managed network device at that location.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.