Skip to main content
Mohamed_h
Mohamed_h
New Member
June 17, 2026
Question

how to authenticate IP phones in FortiNAC using local database of registered hosts

  • June 17, 2026
  • 2 replies
  • 14 views

now i have situation i want to register ip phones in my company manually and if there is no registered ip phone  as rogue i mean so i need to block its traffic but doesn’t block data traffic behind it how to achieve this using fortinac?

2 replies

AEK
SuperUser
AEK
SuperUser
June 17, 2026

As far as I know (but need double-check) FNAC doesn’t have control over IP phones if you define voice VLAN in the device modeling.

If you plug your IP phone in a trunk port where voice VLAN is enabled then it should not be isolated.

But in case you plug a rogue IP phone in an access port controlled by FNAC then naturally it is isolated as any other rogue device.

AEK
    ndumaj
    Staff
    ndumaj
    Staff
    June 18, 2026

    Hi ​@Mohamed_h 

    FortiNAC's focus is on endpoints daisy-chained to the phone.
    By default, FortiNAC does not provision voice VLANs when an IP phone connects.

    Please check the guide:
    https://docs.fortinet.com/document/fortinac-f/7.6.0/ip-phone-integration/323994/ip-phones-using-tagged-voice-vlans

    Tha    nks

      Terms & ConditionsAccessibility statement