Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jucker
New Contributor III

Created on ‎09-10-2023 01:30 PM Edited on ‎09-11-2023 01:44 PM

FortiNAC integration with unlicensed fortigate VM virtualized tab not showing

Hello,

 

Hope you are doing great!

 

I got stuck in my lab  with integrating fortinac and fortigate vm evaluation unlicensed mode, when i add fortigate device it does not show virtualized tab i suspect that because of modeling device type when i click on "set device mapping" it does show only Fortinet, and i can not make any change in it.

Fortigate version 7.0.1

FortiNAC version 9.2.6.0451

 
 

Device Mapping issue.JPG

 

Regards!

 

@ebilcari 

Labels:
729
0 Kudos
1 Solution
ebilcari
Staff
Staff

Created on ‎09-12-2023 12:31 AM

I haven't tested with FGT unlicensed mode but since it's modeled automatically it means that FNAC should supported it. Are you able to validate credentials, do you see API traffic (L2 polling should be performed via API)? What is shown when you run Test Device Mapping?

I'm currently running FGT VM64(VM1) and I had to manually map as VM04 for things to work:

mapping.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

670
4 REPLIES 4
ebilcari
Staff
Staff

Created on ‎09-12-2023 12:31 AM

I haven't tested with FGT unlicensed mode but since it's modeled automatically it means that FNAC should supported it. Are you able to validate credentials, do you see API traffic (L2 polling should be performed via API)? What is shown when you run Test Device Mapping?

I'm currently running FGT VM64(VM1) and I had to manually map as VM04 for things to work:

mapping.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
671
Jucker
New Contributor III
In response to ebilcari

Created on ‎09-12-2023 12:36 PM

Hello,

Thank you for  your prompt response!

I did try to add licensed VM to FNAC, samething whenever i try to set device mapping i got this error :

 

Fortigate Cannot Read properties.JPG

This OID not existing on the FGT, the snmpwalk from the FNAC

 

FortiNAC snmpwalk.JPG

 

Validate Credentials

I suspect because of the enable part FNAC considering it as a normal device like Cisco :

 

FortiNAC Validate credentials.JPG

Test device mapping it does show L2 not supported not sure if is because i dont have fortiswitch:

FortiNAC test device mapping.JPG

 

Best Regards!

648
0 Kudos
ebilcari
Staff
Staff
In response to Jucker

Created on ‎09-13-2023 01:34 AM

I think the SNMP query on the OID directly doesn't have a value and want reply. You can try to run the system query and you should see the OID listed, like

> snmpwalk -v2c -c xxx 10.1.1.1 system
SNMPv2-MIB::sysDescr.0 = STRING: The FW
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.12356.101.1.80005

Regarding the Credential validation, after testing SSH access FNAC will try the API call and if it fails it will still show the error of CLI failure. Take a look at integration guide page 11 and pages below.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
614
Jucker
New Contributor III
In response to ebilcari

Created on ‎10-01-2023 06:54 PM

I did change the device into generic snmp device and the modeling start showing, i did choose Fortigate VM and tab virtualized showed.

448
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.