Help
FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
cmaheu
Staff
Staff

Created on ‎08-15-2024 07:26 PM

Article Id 333595

Technical Tip: Access Point management removed in version F 7.6

Description

This article describes alternative options for customers currently using Access Point Management. This feature is not supported as of FortiNAC version F 7.6.0. Customers must move to an alternative solution prior to upgrade.
Scope

FortiNAC versions 8.x, 9.x, F7.2, F7.4.
Solution

Environments where VLANs are not configured for isolation.

 

FortiNAC can provision network access for endpoints whose traffic is controlled by firewall policies instead of changing VLANs. See the applicable reference manual below:

 

Environments where FortiNAC does not support the network device:

 

Since Access Point Management was introduced, new options have become available that allow unsupported network devices to take advantage of FortiNAC’s security features.

 

Set Device Mapping:  If a device’s System SNMP OID is not recognized, the device will not match any device mapping in FortiNAC. Functions necessary for managing the device will be unable to execute. If the device’s CLI and OID structure are the same as a model with a device mapping, then the unknown device can be set to use the same mapping. For details, see Set device mapping for unknown SNMP devices in the Administration Guide.

 

Generic SNMP: This option can be used if it’s not possible to set the device mapping but the device supports standard OIDs. Specific OIDs enable FortiNAC to perform the functions required for managing the device. For details, see Update device mapping in the Administration Guide.

 

Generic RADIUS (wired devices only): It is possible to configure FortiNAC to control network access for authenticating clients without specific RADIUS support for the managed switch. Version F 7.4.0 introduced the ability to customize the RADIUS attributes returned by FortiNAC in the access accept and disconnect packets. See Attribute Groups in the Administration Guide.

 

Request Support via New Feature Request (NFR):

If the above three options do not provide FortiNAC full management functionality, then a New Feature Request for device support should be submitted. Generic SNMP or Generic RADIUS can be used as either a temporary work around while waiting for support to be added or as a permanent solution if device support is not possible. For details on collecting the appropriate information when requesting device support, see Technical Tip: Information to provide when requesting device support.
275
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.