This log event is typically triggered when a configuration change is made on the FortiSwitch (adding VLANs, port status changes, and so on).

However, it may also occur without any manual configuration changes, particularly when features like NAC or Dynamic VLAN mode are enabled on FortiSwitch ports.

When NAC is enabled, events such as nac-device-add, nac-device-modify, or nac-device-delete can trigger configuration synchronization. Each of these events results in a configuration sync for the corresponding port.

Example Scenario:

In the logs shown below, a client device (MAC: 00:ae:02:xx:xx:xx) connected to port20 initially triggers a nac-device-add event and is assigned the onboarding VLAN. A configuration sync follows. Later, a NAC policy NACtest1policy is applied, and VLAN 100 is assigned, resulting in another configuration sync.

Note: The logs are read bottom up.

date=2025-04-10 time=11:02:25 id=7496477772911177042 itime="2025-04-10 11:02:25" euid=3 epid=3 dsteuid=3 dstepid=3 logflag=0 logver=704072731 logid=0115022892 type="event" subtype="switch-controller" level="information" msg="Config download successful" logdesc="Switch-Controller Switch Sync Complete" sn="S148FPTFXXXXXXXX" user="Switch-Controller" ui="flcfgd" name="FSW1-name" eventtime=1745409745544859100 tz="+0200" srccountry="Switzerland" srccity="touch" srcgeoid=2658303 dstgeoid=0 devid="FG110FGK19xxxxxx" vd="root" csf="LASEA" dtime="2025-04-10 11:02:25" itime_t=1745409745 devname="Forti100"

date=2025-04-10 time=11:02:10 id=7496477764321542556 itime="2025-04-10 11:02:10" euid=3 epid=3 dsteuid=3 dstepid=3 logflag=0 logver=704072731 logid=0115022863 type="event" subtype="switch-controller" level="information" action="nac-device-modify" msg="NAC device with MAC=00:ae:02:xx:xx:xx sw=FSW1-name port=port20 vlan=VLAN100 policy=NACtest1policy updated." logdesc="NAC device modify" sn="S148FPTFXXXXXXXX" user="Switch-Controller" ui="flpold" name="FSW1-name" eventtime=2351632344417248310 tz="+0200" srccountry="Switzerland" srccity="touch" srcgeoid=2658303 dstgeoid=0 devid="FG110FGK19xxxxxx" vd="root" csf="LASEA" dtime="2025-04-10 11:02:10" itime_t=2351632344 devname="Forti100"

date=2025-04-10 time=11:02:10 id=7496477764321542555 itime="2025-04-10 11:02:10" euid=3 epid=3 dsteuid=3 dstepid=3 logflag=0 logver=704072731 logid=0115022869 type="event" subtype="switch-controller" level="information" action="nac-device-dynamic-address-add" msg="NAC device dynamic address add with MAC=00:ae:02:xx:xx:xx sw=FSW1-name port=port20 policy=NACtest1policy firewall address=Administration successful." logdesc="NAC device dynamic address addition" sn="S148FPTFXXXXXXXX" user="Switch-Controller" ui="flpold" name="FSW1-name" eventtime=2351632344411877310 tz="+0200" srccountry="Switzerland" srccity="touch" srcgeoid=2658303 dstgeoid=0 devid="FG110FGK19xxxxxx" vd="root" csf="LASEA" dtime="2025-04-10 11:02:10" itime_t=2351632344 devname="Forti100"

date=2025-04-10 time=11:01:48 id=7496477618292654102 itime="2025-04-10 11:01:49" euid=3 epid=3 dsteuid=3 dstepid=3 logflag=0 logver=704072731 logid=0115022892 type="event" subtype="switch-controller" level="information" msg="Config download successful" logdesc="Switch-Controller Switch Sync Complete" sn="S148FPTFXXXXXXXX" user="Switch-Controller" ui="flcfgd" name="FSW1-name" eventtime=1745409708904679870 tz="+0200" srccountry="Switzerland" srccity="touch" srcgeoid=2658303 dstgeoid=0 devid="FG110FGK19xxxxxx" vd="root" csf="LASEA" dtime="2025-04-10 11:01:48" itime_t=1745409709 devname="Forti100"

date=2025-04-10 time=11:01:47 id=7496477613997687001 itime="2025-04-10 11:01:48" euid=3 epid=3 dsteuid=3 dstepid=3 logflag=0 logver=704072731 logid=0115022861 type="event" subtype="switch-controller" level="information" action="nac-device-add" msg="New NAC device added with MAC=00:ae:02:xx:xx:xx sw=FSW1-name port=port20 vlan=onboarding policy=Default to onboarding." logdesc="NAC device addition" sn="S148FPTFXXXXXXXX" user="Switch-Controller" ui="flpold" name="FSW1-name" eventtime=1745409707742875150 tz="+0200" srccountry="Switzerland" srccity="touch" srcgeoid=2658303 dstgeoid=0 devid="FG110FGK19xxxxxx" vd="root" csf="LASEA" dtime="2025-04-10 11:01:47" itime_t=1745409708 devname="Forti100"

This results in two configuration syncs for a single client connection.

Note:

If repeated configuration syncs are observed on the same port, verify the following:

• Ensure that the port is stable and not flapping. To test this, temporarily disable NAC on the port and monitor stability.
• Check if the same device is also connected via Wi-Fi. This can trigger port flap behavior. For troubleshooting steps, see Troubleshooting Tip: FortiSwitch port flap with laptop connected with wifi/wired using FortiEMS tags.