FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
kmody
Staff
Staff
Article Id 318166
Description This article describes how to get a report for NAC unenforced ports using the CLI.
Scope FortiNAC 8.X 9.X, 7.X.
Solution

For FortiNAC-Centos 8.x, 9.x:

  1. Log in to the CLI as the root user.
  2. Change the directory using the command below:

 

cd /tmp 

 

 

  1. Run the command below in the FortiNAC CLI:

 

DumpUnenforcedPorts -excludeUplinks -groups "Forced Registration,Forced Remediation, Forced User Authentication Exceptions, Forced Scan Exceptions, Forced Remediation Exceptions, Forced Authentication" | tee unenforcedports.txt

  1. Export the file uneforcedports.txt using an FTP tool like WinSCP.

 

For FortiNAC-F 7.x:

 

  1. Log in to the CLI as an admin user.
  2. Run the following command:

 

exec enter-shell 

 

  1. Change the directory using the command below:

 

cd /home 

 

  1. Run the following command:

 

DumpUnenforcedPorts -excludeUplinks -groups "Forced Registration,Forced Remediation, Forced User Authentication Exceptions, Forced Scan Exceptions, Forced Remediation Exceptions, Forced Authentication" | tee unenforcedports.txt

 

  1. Export the file uneforcedports.txt by referring to the steps in How to export files from FortiNAC-F.