FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
lfrancelj
Staff
Staff
Article Id 191164
Description
This article describes how to manually install and configure 'Persistent Agent', provided by the FortiNAC, on Windows OS.

Related links.

Fortinet Documentation:

https://docs.fortinet.com/document/fortinac/8.6.0/administration-guide/353493/persistent-agent-setti...

https://docs.fortinet.com/document/fortinac/8.7.0/administration-guide/613843/persistent-agent-on-wi...

Solution
1) Download' Persistent Agent' installer from the GUI:

System -> Settings -> Updates -> Agent Packages to server or workstation running Windows OS by selecting the installation file that is matching your OS:





2) Run the setup file 'FortiNAC Persistent Agent.msi' in this example and follow the installation wizard.

3) When the installation is finished the 'Persistent Agent' starts automatically and it is possible to verify if the status in the 'Services' view (select Start -> Run,type in 'services.msc' and select 'OK').




4) To configure destination server for 'Persistent Agent', change settings in the registry (select Start -> Run, type in 'regedit' and navigate to 'HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bradford Networks\Client Security Agent').

5) Change the 'ServerIP' value to your FortiNac IP address or host name.





6) After changing the 'ServerIP' in the registry, restart the 'FortiNAC Persistent Agent Service' in the 'Services' view (see 3) ) by selecting 'FortiNAC Persistent Agent Service' and select restart.




7) Check the logs in 'C:\ProgramData\Bradford Networks\general.txt' where progress of connecting 'Persistent Agent' to previously configured FortiNAC is visible (see 5) ).

Authorized application %ProgramFiles%\Bradford Networks\Persistent Agent\bndaemon.exe is enabled in the firewall.

2020-04-23 09:51:58 UTC :: ClientState = 1.
2020-04-23 09:51:58 UTC :: ClientStateEnabled = 1.
2020-04-23 09:51:58 UTC :: ServerIP = fnac.forti.lab.
2020-04-23 09:51:58 UTC :: Uninstall = /qn /x {65E4A3F0-A6B3-48DD-B8F8-C340ED03AF71}.
2020-04-23 09:51:58 UTC :: Version = 5.2.1.8.

8) 'Persistent Agent' has successfully established secure connection with message.

2020-04-23 09:51:59 UTC :: Success converting RSA pubkeys to internal format!.
2020-04-23 09:51:59 UTC :: Detected Server Version: 8.6.3.1206.
2020-04-23 09:51:59 UTC :: constructFromBufer verb = Set Parameters.
2020-04-23 09:51:59 UTC :: handleReceivedPacket() -- received this packet.

Troubleshooting.

If some SSL Certificate errors in the general.txt log file are appearing, make sure that the certificate which is configured on FortiNAC to be used for 'Persistent Agent' communication is added to 'Trusted Root Certification Authorities' on the Windows OS.

Verify which certificate is used by FortiNAC under System -> Settings -> Security -> Certificate Management.



Related Articles

Technical Note: Windows Persistent Agent logs

Contributors