Description
This article describes how to manually install and configure 'Persistent Agent', provided by the FortiNAC, on Windows OS.
Fortinet Documentation:
- Persistent Agent Settings-Administration Guide
- Persistent Agent deployment and configuration
- Installing ssl certificates - GUIDE
Scope
FortiNAC.
Solution
- Download the 'Persistent Agent' installer from the GUI:
System -> Settings -> Updates -> Agent Packages to the server or workstation running Windows OS by selecting the installation file that matches the Operating System in use:

- Run the setup file 'FortiNAC Persistent Agent.msi' in this example and follow the installation wizard.
- When the installation is finished the 'Persistent Agent' starts automatically, and it is possible to verify the status in the 'Services' view (select Start -> Run, type in 'services.msc' and select 'OK').

- To configure a destination server for the 'Persistent Agent', change settings in the registry (select Start -> Run, type in 'regedit' and navigate to :
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Bradford Networks\Client Security Agent' --> For 32-bit operating systems.HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Bradford Networks\Persistent Agent --> For 64-bit operating systems.
- Change the 'ServerIP' value to the FortiNAC IP address or hostname.

- After changing the 'ServerIP' in the registry, restart the 'FortiNAC Persistent Agent Service' in the 'Services' view (see 3) by selecting 'FortiNAC Persistent Agent Service' and selecting Restart.

- Check the logs in 'C:\ProgramData\Bradford Networks\general.txt' where the progress of connecting 'Persistent Agent' to the previously configured FortiNAC is visible (see step 5).
2020-04-23 09:51:58 UTC :: ClientStateEnabled = 1.
2020-04-23 09:51:58 UTC :: ServerIP = fnac.forti.lab.
2020-04-23 09:51:58 UTC :: Uninstall = /qn /x {65E4A3F0-A6B3-48DD-B8F8-C340ED03AF71}.
2020-04-23 09:51:58 UTC :: Version = 5.2.1.8.
- The 'Persistent Agent' has successfully established a secure connection with a message.
2020-04-23 09:51:59 UTC :: Success converting RSA pubkeys to internal format!.
2020-04-23 09:51:59 UTC :: Detected Server Version: 8.6.3.1206.
2020-04-23 09:51:59 UTC :: constructFromBufer verb = Set Parameters.
2020-04-23 09:51:59 UTC :: handleReceivedPacket() -- received this packet.
- Root CA certificate and any Intermediate CA certificate along with the Persistent Agent certificate to be added in FortiNAC.
- Root CA certificate and any Intermediate CA certificate are to be added on all Windows computers in the 'Trusted Root Certification Authorities and Intermediate Certification Authorities' store.
- Open Windows 'RUN' -> Enter 'mmc' -> go to File -> Add/Remove Snap-in: Certificates -> Add -> Computer account -> Ok.
- Select 'Trusted Root Certificate Authority' -> Right-click 'All Tasks' -> Import the Root certificate.
- Restart the FortiNAC Persistent Agent service and check.

Related articles: