Description This article describes how FortiNAC administrators can
create custom web pages in order to provide remediation steps to end
users who have failed custom scans in the matching compliance
configuration. Scope FortiNAC-F, FortiNAC. Solution ...
Description This article provides examples of which tools can be
leveraged in FortiNAC-F to classify IoT/OT devices. Scope FortiNAC-F,
FortiNAC. Solution The device profiler feature in FortiNAC is used to
classify unknown (rogue) devices by using mul...
Description This article describes how we can leverage the 'Security
Access Value' User attribute to apply control through NAC policies in
addition to using the group membership and roles as criteria. Scope
FortiNAC-F, FortiNAC. Solution The 'Securit...
Description This article describes how to resolve the synchronization
issue after enabling the FortiNAC control Manager proxy configuration.
Scope FortiNAC-M, FortiNAC, SQUID. Solution The Control Manager proxy
configuration limits the FortiNAC serve...
Description This article describes the options in FortiNAC endpoint
compliance configuration that allows administrators to Restrict Host
connections to only whitelisted SSIDs/APs and additionally check for
Dual Homes connections when there are multip...
Hi jlb_ can you try to enter following Header:
X-GoogApps-Allowed-Domains Then in the header content add only the
corporate domains.
https://support.google.com/a/answer/1668854?hl=en#zippy=%2Cstep-configure-the-network-to-block-certain-accounts
Regar...
Hi seuledr6616, the ZTNA Server is configuration defines your access
proxy GW (FortiGate) and additionally it contains the service/server
mappings. So it is made of 2 elements. 1.Access proxy VIP - Where
clients will make the HTTPS connection.(fortig...
Hi jammac, you might refer to following doc/articles. 1. Rule matching
and policy processing
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/237189/proxy-authentication
2. Wad debugging for Explicit proxy
https://community.fortinet.com/t5...
One thing to keep in mind when replacing devices in FortiNAC inventory
is that you need to delete the old modeling. Even if it is exactly the
same device type or model. Best practices in such cases explained here:
https://community.fortinet.com/t5/Fo...
Hi axool, in such cases the validity of the Cookie is configured in the
SAML IDP. The cookie is saved by FortiClient in
C:\Users\fortinet\AppData\Local\FortiClient and the user will not be
prompted to login again as long as the cookie is there. You c...