| Description | This article describes how to configure user acknowledgement for VLAN switching with the Persistent Agent so the user can accept or deny changing the VLAN. |
| Scope |
FortiNAC-F v7.4, v7.6. Persistent Agent v9.4.4 or v10.7.2 or greater. |
| Solution |
In some environments, it might be required to get user acknowledgment before switching their VLAN. The user would get a notification similar to the following:
First, make sure the Persistent Agent is installed on the host and can communicate with the FortiNAC. Go to 'Users & Hosts -> Hosts' and look for the green checkmark under the 'Persistent Agent' column:
Enable the 'Enable VlanSwitching User Acknowledgement' option under 'System -> Settings -> Persistent Agent -> Properties':
execute enter-shell globaloptiontool -name persistentAgentSecMgmt.enableReceipt -set true
To disable it from the CLI:
execute enter-shell globaloptiontool -name persistentAgentSecMgmt.enableReceipt -set false
Note: If the user does not select any option, the VLAN will be switched after the time defined under the 'Acknowledgement timeout' field.
The Event log message 'User Cancelled Vlan Switch' will be triggered if a user declines the VLAN switching.
Related documents: Properties - FortiNAC-F administration guide Persistent agent deployment and configuration overview - FortiNAC-F administration guide |
