Help
FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
shahzeb
Staff
Staff

Created on ‎12-31-2025 07:44 AM

Article Id 424197

Troubleshooting Tip: Unauthorized Connection from FortiNAC Appliance Events

Description This article describes the solution to the event "Unauthorized connection from FortiNAC Appliance" seen on the primary appliance.
Scope FortiNAC-F v7.2.x or above.
Solution

A FortiNAC primary appliance repeatedly displays 'Unauthorized Connection from FortiNAC Appliance' events under Logs -> Events & Alarms -> Events. These events do not affect the FortiNAC operation, but may be a nuisance.

 

The alert message usually contains the IP address and Serial number of the secondary appliance, as shown in the following image.

 

2025-12-22 15_25_25-2025-11-17_10-42-10.mp4 - VLC media player.png

 

Solution:

 

This usually happens when the global option list of allowed number list doesn't exist or contain an incorrect Serial Number information. To stop these events, review and update the allowed serial number list on the Primary appliance CLI.

 

execute enter-shell

globaloptiontool -name security.allowedserialnumbers -setRaw "<Primaryserialnumber>, <Secondaryserialnumber>"

 

For example:

 

globaloptiontool -name security.allowedserialnumbers -setRaw "FNVX-CAxxxxxxx1,FNVX-CAxxxxxxx2"

 

Refer to High Availability (FortiNAC-OS) for further details.
52
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.