Hi,
I am using a FortiNAC-CA 7.2.4 (FortiNAC-OS) with a basic FortiNAC license.
Network Infos:
The FortiNAC is connected via cable to a switch and terminates on a FortiGate through port6 (0.0.0.0/0) with a VLAN stub and VLAN Isolation.
I have configured port1 for MGMT (Layer 3) and port2 in L3 Isolation mode, with an IP on the VLAN stub and a Range Scope for the VLAN Isolation.
The FortiGate acts as a DHCP relay towards the IPs of the FortiNAC (both port1 and port2).
FortiNAC infos:
I created two groups (MAB_VLAN2 and MAB_VLAN3) and two roles (ROLE_VLAN2 and ROLE_VLAN3). I then set up user configurations with the following logic:
- If the user does not belong to the groups VLAN2, VLAN3, or Registered_Host → Logical Network Isolation
- If the user belongs to group VLAN2 and has ROLE_VLAN2 → Logical Network VLAN2
- If the user belongs to group VLAN3 and has ROLE_VLAN3 → Logical Network VLAN3
I am using a test switch and a test PC, and from manual testing, it seems everything works fine.
Issues:
I’m facing two issues for which I require assistance:
- I cannot find the Captive Portal configuration menu. Is it not included with the basic license? Without the Captive Portal, I have no way to auto-register hosts.
- When trying to register the test PC from the Host Inventory, I encounter the error: "HOST Exceeded concurrent connection license limit", but if I delete the host and manually recreate it, the registration works.
I have disabled all Device Profiling rules, and there are no registered hosts except for about ten rogue hosts that are automatically discovered by the test switch.
Could you please provide assistance?
Yes correct, the BASE license doesn't offer support for Captive Portal and guest management. This were the old license options/features:
Lately the BASE license is removed and now only PLUS and PRO are used (page 10 on DS). You can try to download again the same license from the customer portal or contact your local sales representative for more information.
