FortiNAC config RADIUS/syslog/L2 MAC traps

Forum|Forum|4 months ago
February 10, 2026
1 reply
141 views

Hello everyone,

While reading this article "FortiSwitch FortiLink Integration" and to be more specific, the RADIUS/syslog/L2 MAC traps config, there is always a note saying to skip the step if you configured one of the three. I do understand that L2 MAC traps is the most recommended, but I wanna know why can't we use two together, is it to optimise performances ?

Thanks in advance.

BR,

Best answer by ebilcari

The first reason is performance, because FNAC needs to reevaluate hosts each time an update is received from the managed network devices. The second reason is the enforcement result, if FNAC is notified multiple times for the same host (within a few seconds), a race condition may be triggered, causing the host to flap between networks or fail to receive the correct policy.

ebilcariAnswer

Staff

The first reason is performance, because FNAC needs to reevaluate hosts each time an update is received from the managed network devices. The second reason is the enforcement result, if FNAC is notified multiple times for the same host (within a few seconds), a race condition may be triggered, causing the host to flap between networks or fail to receive the correct policy.

Emirjon

ByteHavenAuthor

Explorer III

Thank you for the explanation, Emirjon.

BR,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded