Help
FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
jhilman
Staff
Staff

Created on ‎02-05-2025 07:44 AM

Article Id 373462

Technical Tip: How to get VLAN changes to work with Ubiquiti Unifi switches

Description

This article describes how to fix the device model for the Unifi series of Ubiquiti switches. The existing telnet mib for the Ubiquiti line of switches is the Unifi.mib file and exists in the /bsc/CampusMgr/MasterLoader/TelnetMibs directory. 

 

This MIB file as it exists by default, is suitable for the older Ubiquiti edgeOS series switches, and needs to be edited to make the SSH CLI function properly with the Unifi series switches.  This is needed to send the VLAN change instructions to the switch when a change is appropriate.
Scope FortiNAC v7.X.
Solution

To make the necessary edits, open the MIB file in vi using the FortiNAC CLI.
First, run the command, execute enter-shell then, open the file in vi using the command vi /bsc/campusMgr/master_loader/telnetMibs/Unifi.mib.

 

Once the file is open, drop to the lines that are commented on and remove the comments.

 

TELNET_PARAMETERS=
{
WAITFOR=PARAM.USER_WAITFOR
WRITE_HIDDEN=PARAM.USER
WAITFOR=password:
WRITE_HIDDEN=PARAM.PASSWORD
WAITFOR=PARAM.ENABLE_WAITFOR_1
WRITE=PARAM.ENABLE_WRITE
WAITFOR=PARAM.ENABLE_WAITFOR_2
WRITE_HIDDEN=PARAM.ENABLE
WAITFOR=#
//WRITE=telnet localhost
//WAITFOR=>
//WRITE=en
//WAITFOR=#
WRITE=terminal length 0
WAITFOR=#
}

 

Once the required changes to uncomment out the four commented lines are completed, The section should look like the following:

 

TELNET_PARAMETERS=
{
WAITFOR=PARAM.USER_WAITFOR
WRITE_HIDDEN=PARAM.USER
WAITFOR=password:
WRITE_HIDDEN=PARAM.PASSWORD
WAITFOR=PARAM.ENABLE_WAITFOR_1
WRITE=PARAM.ENABLE_WRITE
WAITFOR=PARAM.ENABLE_WAITFOR_2
WRITE_HIDDEN=PARAM.ENABLE
WAITFOR=#
WRITE=telnet localhost
WAITFOR=>
WRITE=en
WAITFOR=#
WRITE=terminal length 0
WAITFOR=#
}

 

After the edit is complete, save the file with: wq.
At this point, this can be retested and no restarts or reboots are required.


Special note: If this is a mixed environment with both Unifi and EdgeOS switches, only one can be properly managed as the MIB file is mutual since both devices share the same sysObjectID oid, but not the same command line commands.  This is a limitation with Ubiquiti and not FortiNAC.
133
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.