FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Article Id 193368
Description
When configuring devices for integration, certain traffic is discarded if it is sourced from an IP address other than the one used to model the device in Topology. This applies to all devices regardless of vendor or model.

This includes the following traffic:
Syslog
RADIUS (Note: this is not an issue if the device is configured to send the NAS-IP attribute specifying the device model IP)
SNMP


If RADIUS packets are discarded, messages similar to the following are seen in /bsc/logs/output.master:

yams.RadiusManager INFO :: 2021-01-05 16:34:54:499 :: RadiusSyncReqThread2 RadiusServer:findDeviceIP - No device in database with IP : x.x.x.x
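
To see which source addresses are being rejected and how often, the discard messages can be tallied per IP. The script below is an added example, not part of the original article or Fortinet tooling; the function name `unmodeled_radius_sources` and the sample log lines (documentation-range addresses) are constructed, and the message format is assumed to match the line quoted above.

```shell
#!/bin/sh
# Added example: tally RADIUS requests FortiNAC discarded because the
# source IP matches no device model in Topology.
# Output, most frequent first: "<count> <source-ip> <last-seen timestamp>"
unmodeled_radius_sources() {
    # $1 = log file; defaults to the path named in the article
    awk -F' :: ' '
        /RadiusServer:findDeviceIP - No device in database with IP/ {
            ip = $3
            sub(/.*with IP : */, "", ip)   # keep only the address
            sub(/[ \t\r]+$/, "", ip)       # drop trailing whitespace or CR
            count[ip]++
            last[ip] = $2                  # second field is the timestamp
        }
        END {
            for (ip in count) printf "%d %s %s\n", count[ip], ip, last[ip]
        }
    ' "${1:-/bsc/logs/output.master}" | sort -k1,1nr -k2,2
}

# Constructed sample input in the format shown above (not real log data).
SAMPLE_LOG=$(mktemp)
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat > "$SAMPLE_LOG" <<'EOF'
yams.RadiusManager INFO :: 2021-01-05 16:34:54:499 :: RadiusSyncReqThread2 RadiusServer:findDeviceIP - No device in database with IP : 192.0.2.10
yams.RadiusManager INFO :: 2021-01-05 16:35:01:120 :: RadiusSyncReqThread1 RadiusServer:findDeviceIP - No device in database with IP : 198.51.100.7
yams.RadiusManager INFO :: 2021-01-05 16:35:09:002 :: RadiusSyncReqThread2 RadiusServer:findDeviceIP - No device in database with IP : 192.0.2.10
yams INFO :: 2021-01-05 16:35:10:000 :: constructed unrelated line
EOF

unmodeled_radius_sources "$SAMPLE_LOG"
```

Each address reported is a device interface that is sending RADIUS from an IP other than the one modeled in Topology.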

Scope
Version: 8.x

Solution
Messages should be sourced from the device IP listed in Topology.

Example for FGT syslog configuration:

config log syslogd setting
set status enable >> Send logs to syslog
set server "10.200.20.20" >> FNAC eth0 IP address
set mode udp
set port 514
set facility local7
set source-ip "10.200.20.1" >> FGT IP address in FNAC Topology View
set format csv
set priority default
set max-log-rate 0
end
