Created on
09-01-2023
06:06 AM
Edited on
09-03-2023
10:38 PM
By
Jean-Philippe_P
Description | This article describes behavior where SSH communication can fail if the device controlling the VIP changes. This is due to a change in the SSH key, making the currently used key invalid. |
Scope | FortiNAC with Cisco ASA, Aruba WLC, and Aruba IAP integrations. |
Solution |
Version 9.4.3 and above: To prevent an SSH communication failure due to this scenario, the MultiKnownHostEntries attribute can be enabled. FortiNAC's known_hosts cache is checked for all potential matches of the VIP and determines which entry to use. This is done on a per-device model basis.
This function is also detailed under Model Configuration in the Administration Guide.
Procedure (CentOS Only):
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.