Technical Tip: Useful CLI commands in NAC-OS for t...

ebilcari · 05-14-2024

Description This article describes the cases when the network administrators want to be notified when a host is identified as an 'At Risk' state. In some environments where connectivity is important, the Scan remediation action can be configured to D...

ebilcari · 04-17-2024

Description This article describes how to upgrade a FortiNAC-F setup running NAC-OS using an interim build image. The procedure is used to upgrade the firmware to a version suggested and offered by the TAC support team, mainly for testing new feature...

ebilcari · 03-15-2024

Description This article describe how to use events and audit logs in cases when a new issue arises on an existing setup that was previously working normally. This also applies for an intermittent issue that appear at specific time only. Scope FortiN...

ebilcari · 02-18-2024

Description This article describes that in authentications that include MSCHAPv2, the Winbind tool needs to be configured and FortiNAC must be joined to the domain for the authentications to succeed. Scope FortiNAC, Windows Server AD. Solution In lat...

ebilcari · 02-16-2024

Description This article describes that since the product FortiNAC Analytics Reporting is discontinued, FortiAnalyzer is recommended as a reporting platform. These details are covered in the Administration guide. Scope FortiNAC, FortiAnalyzer. Soluti...

ebilcari · 05-25-2024

The common used protocol for authenticating using user credentials is PEAP. You have to pay attention to the server certificate verification that need to be trusted from the phone. Either a public signed certificate (trusted by default) or from a pri...

ebilcari · 05-25-2024

You can still run the snmpwalk command in NAC-OS after entering shell access: fnacl74 # exe enter fnacl74:~$ snmpwalkUSAGE: snmpwalk [OPTIONS] AGENT [OID] You can gather more information by enabling the SNMP debug: # diagnose debug plugin enable Snmp...

ebilcari · 05-25-2024

As I am aware there is no limitation for android devices to use WPA2/3 for both Personal (PSK) and Enterprise. It may require some extra configurations but it's doable. What issues are you facing? This AP supports up to 8 SSIDs so you can create mult...

ebilcari · 05-23-2024

As I know you can't use NAT with DHCP helper. The DHCP request should be sourced by the Gateway of the hosts. That source IP is used by the DHCP server to find the right pool of addresses to offer the lease. The DHCP helper role need to be configured...

ebilcari · 05-23-2024

It looks like the switch is refusing it beacuse it doesn't find a current session for that MAC address. Maybe it doesn't like the format of the MAC address (dashed). You can try sending a manual CoA from FNAC CLI with the command: > sendcoa -ip x.x.x...

User Statistics

User Activity

Technical Tip: Notify when a host is at risk state

Technical Tip: How to upgrade the firmware using an interim build image

Troubleshooting Tip: Using Events and Audit logs to identify configuration changes or new issues

Technical Tip: Create and use a Keytab file to join FortiNAC in the domain

Technical Tip: Create FortiAnalyzer reports from FortiNAC data

Re: WPA2 Enterprise - Android Problem

Re: SNMP V3 ERROR ABOUT CISCO SWITCH

Re: WPA2 Enterprise - Android Problem

Re: Routing Problem to DHCP Relay

Re: FortiNAC Disconnect Message Session context not found

Technical Tip: Useful CLI commands in NAC-OS for t...

Technical Tip: An example of a simple network depl...

Re: FortiNAC deployment

Re: Inter VLAN routing

Re: fortiswitch ring topology with different model

Re: FortiNAC Port configured for dot1x and portal ...

Re: Fortinac local radius EAP-PEAP based authentic...

Re: How to create 1 Wan with 2 Lan Trunk

Re: How to enable a "Log violation traffic" in DEN...

Re: 2 separate SSLVPNs with 2 separate SSL certifi...

KCS