FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu (Staff)
Article Id 193368

Description

This article describes how to solve an issue seen when integrating devices with FortiNAC: incoming traffic is sourced from an IP address other than the one used to model the device in Inventory.


Scope

FortiNAC.


Solution

FortiNAC discards traffic that arrives from an IP address other than the one the device is modeled with in Inventory, regardless of device vendor or model. This includes the following traffic:

  • Syslog.
  • SNMP.
  • RADIUS (Note: this is not an issue if the device is configured to send the NAS-IP attribute specifying the IP the device is modeled with).

Here is an example of a discarded RADIUS packet, as logged in /bsc/logs/output.master:

yams.RadiusManager INFO :: 2021-01-05 16:34:54:499 :: RadiusSyncReqThread2 RadiusServer:findDeviceIP - No device in database with IP : x.x.x.x
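To find every sender affected by this behaviour rather than one line at a time, the output.master "No device in database" messages can be grouped by source IP. The following is an added example (not part of the article or of FortiNAC itself) that parses lines in the format quoted above; the sample log lines and IP addresses are constructed.

```python
import re
from datetime import datetime

# Pattern for the FortiNAC output.master line quoted in the article:
# "<logger> <level> :: <timestamp> :: <thread> RadiusServer:findDeviceIP -
#  No device in database with IP : <ip>"
DISCARD_RE = re.compile(
    r"^(?P<logger>\S+)\s+(?P<level>\S+)\s+::\s+"
    r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}:\d{3})\s+::\s+"
    r"(?P<thread>\S+)\s+.*No device in database with IP : "
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*$"
)

def parse_ts(ts):
    # output.master uses "HH:MM:SS:mmm"; turn the last ':' into '.' for strptime
    return datetime.strptime(ts[:19] + "." + ts[20:], "%Y-%m-%d %H:%M:%S.%f")

def summarize_discards(lines):
    """Group 'No device in database' events by source IP.
    Returns {ip: {"count": n, "first": datetime, "last": datetime}} so the
    admin can see which senders need 'set source-ip' (or re-modeling in
    Inventory with the IP they actually send from)."""
    summary = {}
    for line in lines:
        m = DISCARD_RE.match(line)
        if not m:
            continue  # not a discard message (e.g. an accepted request)
        ip, ts = m.group("ip"), parse_ts(m.group("ts"))
        entry = summary.setdefault(ip, {"count": 0, "first": ts, "last": ts})
        entry["count"] += 1
        entry["first"] = min(entry["first"], ts)
        entry["last"] = max(entry["last"], ts)
    return summary

# Constructed sample lines in the format of /bsc/logs/output.master.
SAMPLE_LOG = """\
yams.RadiusManager INFO :: 2021-01-05 16:34:54:499 :: RadiusSyncReqThread2 RadiusServer:findDeviceIP - No device in database with IP : 10.200.20.5
yams.RadiusManager INFO :: 2021-01-05 16:34:55:012 :: RadiusSyncReqThread2 RadiusServer:findDeviceIP - No device in database with IP : 10.200.20.5
yams.RadiusManager INFO :: 2021-01-05 16:35:01:200 :: RadiusSyncReqThread1 RadiusServer:findDeviceIP - No device in database with IP : 192.168.7.9
yams.RadiusManager INFO :: 2021-01-05 16:35:02:000 :: RadiusSyncReqThread1 RadiusServer:processRequest - request from 10.200.20.1
""".splitlines()

if __name__ == "__main__":
    for ip, e in sorted(summarize_discards(SAMPLE_LOG).items()):
        print(f"{ip}: {e['count']} discarded, {e['first']} .. {e['last']}")
```

Each IP reported is one that sends to FortiNAC but is not the modeled device IP; fix it on the sending device (for example the FortiGate source-ip setting shown below) or model the device with that IP.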

Messages should be sourced only from the device IP listed in Inventory. Here is an example of a FortiGate syslog configuration from the CLI (the ">>" annotations are comments, not part of the CLI):
 
config log syslogd setting
    set status enable               >> Send logs to syslog
    set server "10.200.20.20"       >> FNAC eth0 IP address
    set mode udp
    set port 514
    set facility local7
    set source-ip "10.200.20.1"     >> FGT IP address in FNAC Topology View
    set format csv
    set priority default
    set max-log-rate 0
end