Description This article describes the cases when the network
administrators want to be notified when a host is identified as an 'At
Risk' state. In some environments where connectivity is important, the
Scan remediation action can be configured to D...
Description This article describes how to upgrade a FortiNAC-F setup
running NAC-OS using an interim build image. The procedure is used to
upgrade the firmware to a version suggested and offered by the TAC
support team, mainly for testing new feature...
Description This article describe how to use events and audit logs in
cases when a new issue arises on an existing setup that was previously
working normally. This also applies for an intermittent issue that
appear at specific time only. Scope FortiN...
Description This article describes that in authentications that include
MSCHAPv2, the Winbind tool needs to be configured and FortiNAC must be
joined to the domain for the authentications to succeed. Scope FortiNAC,
Windows Server AD. Solution In lat...
Description This article describes that since the product FortiNAC
Analytics Reporting is discontinued, FortiAnalyzer is recommended as a
reporting platform. These details are covered in the Administration
guide. Scope FortiNAC, FortiAnalyzer. Soluti...
The common used protocol for authenticating using user credentials is
PEAP. You have to pay attention to the server certificate verification
that need to be trusted from the phone. Either a public signed
certificate (trusted by default) or from a pri...
You can still run the snmpwalk command in NAC-OS after entering shell
access: fnacl74 # exe enter fnacl74:~$ snmpwalkUSAGE: snmpwalk [OPTIONS]
AGENT [OID] You can gather more information by enabling the SNMP debug:
# diagnose debug plugin enable Snmp...
As I am aware there is no limitation for android devices to use WPA2/3
for both Personal (PSK) and Enterprise. It may require some extra
configurations but it's doable. What issues are you facing? This AP
supports up to 8 SSIDs so you can create mult...
As I know you can't use NAT with DHCP helper. The DHCP request should be
sourced by the Gateway of the hosts. That source IP is used by the DHCP
server to find the right pool of addresses to offer the lease. The DHCP
helper role need to be configured...
It looks like the switch is refusing it beacuse it doesn't find a
current session for that MAC address. Maybe it doesn't like the format
of the MAC address (dashed). You can try sending a manual CoA from FNAC
CLI with the command: > sendcoa -ip x.x.x...