FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
This article describes how to access the Secondary FortiNAC-F Server GUI in HA mode with shared IP.
Scope
Version: FortiNAC-F/FortiNAC-OS 7.2.0 and greater.
Solution
On the HA FortiNAC-OS system with VIP, the Secondary Server by default is not accessible via (HTTPS) port 8443 unless a fail-over occurs.
The behavior occurs with appliances configured for High Availability with a Shared IP /Virtual IP address. In order to access Secondary Server Configuration Wizard admin UI web service must be started manually.
Start the web service. Type:
execute enter-shell
sudo systemctl start nac-secondary-admingui
Access the Secondary Server Configuration Wizard using the following URL:
https://<Secondary Server name or IP>:8443
Navigate to System -> Config wizard.
After the configuration wizard is reachable and changes are complete, stop the web service in the Secondary Server CLI.
sudo systemctl stop nac-secondary-admingui
Important: If the service is not stopped, the UI will not be accessible on fail-over, a GUI message 'System processes are down' will appear.
Note: For appliances running FortiNAC CentOS, see the article 224636.
