Hello Fortinet Community
We have FortiNAC 9.4.3. All corp hosts have PA agent. We enabled PA optimization on all access switches.
Without IP phone everything works fine. However when we connect a host with PA agent behind a IP phone, the PA seems not to initiate DHCP request when VLAN is changed, so the host's IP remains unchanged, until we initiate ipconfig /renew, here the IP is renewed correctly and all works fine.
This issue happens every time when VLAN is switched by FortiNAC, e.g.: from isol to prod, or from prod to isol, or from prod1 to prod2, ... etc
Any useful idea would be appreciated.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
Thanks for your response Anthony.
After a work sessions with Fortinet support, we realized that we missed to open port TCP 4568 in some VLANs. Now it is fixed.
Hello AEK,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello
Thanks for your response Anthony.
After a work sessions with Fortinet support, we realized that we missed to open port TCP 4568 in some VLANs. Now it is fixed.
Hi,
We have FortiNAC 9.2.7 and we think we are experimenting same issue in the native VLAN (IP-phone + PA)
What is the number of this issue in the release note? Is it fixed in next release 9.2.8?
Thanks
Hello Equipo
It should work as expected as far as the required ports for PA are open on your firewall (TCP 4568).
However there is some constraints when you have PA behind IP phone.. The first time the client connects behind the IP phone you may need run dhcp renew, or just unplug and plug back the cable. This is because FNAC switches the VLAN after your client has issued the fist dhcp request.
I hope Fortinet will fix this particular issue in future release.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.