FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
khoffman
Staff
Article Id 299654
Description: This article describes how to quickly set up the Security Fabric connection between FortiNAC and FortiGate in order to use Dynamic Address Tags.
Scope: FortiNAC-F 7.2 and FortiGate FOS 7.
Solution

Dynamic Address Tags Configuration:

  • FortiGate must already be in the Inventory view.
  • FortiNAC needs read/write access to FortiGate via API.

 

  1. Create the connector in FortiNAC: Network -> Service Connector.
    Enter the IP address of the FortiGate.

  2. Authorize FortiNAC on the root FortiGate. In the FortiGate UI, navigate to Security Fabric -> Fabric Connectors.

  3. Verify that FortiNAC has been added to the Fabric.

    In the FortiGate UI, navigate to Security Fabric -> Fabric Connectors, right-click Security Fabric Setup and select 'Edit'.
    In the Device Authorization section, select 'Edit' to verify that the FortiNAC server is authorized.

  4. Ensure 'Allow downstream device REST API access' is enabled in the FortiGate Security Fabric Settings view.

  5. In FortiNAC, define the SSO Address Objects and Tags:
    Navigate to the FortiGate in Network -> Inventory.

    Select the Virtualized Devices tab and access the Model Configuration for the applicable VDOM.

    Add the applicable address group objects to 'SSO Addresses' and add Tag values for each logical network tag that should be applied.

  6. In FortiNAC, complete a Resync Interfaces.
    Right-click the firewall in the Inventory view and select Resync Interfaces.

 


Related documents:
Fortinet Security Fabric/FSSO Integration 
Connection Process