FortiNAC FortiView missing info
Hi,
I'm working on a new FNAC 7.6 deployment.
I need only the visibility functions; in particular I need to associate user/host/IP address and see it all in FortiView.
Is the persistent agent necessary, or can I retrieve the information in another manner?
Also, I don't understand why in the FortiView dashboard I can't see the IP address, only the MAC address, but in the adapter window I see the IP address resolved by MAC address.
In inventory I set L2 polling and L3 polling on the core switch.
Thank you
Vincenzo
Hi Vincenzo
If the host doesn't run PA, you can collect the required info as follows:
- IP: Via L3 polling from firewall or router
- User: From NAC portal on user registration/authentication
- Host: From DHCP query (if I'm not wrong)
Also if you have FortiGate then NAC can collect much info from there.
Basically, FortiView will use the host/adapter information extracted from Endpoint Fingerprints. This will be populated depending on the Source that has given this information. There are some sources that don't provide IP information, like FortiGuard or Vendor OUI, also if partial information is received, like DHCP discover only:
The recommended way to have all the host information is to use the Persistent Agent, but other sources can also provide the IP information if correctly configured.
If you have found a solution, please like and accept it to make it easily accessible for others.
Hi,
I solved the IP and host resolution by enabling the DHCP helper address; now I need to understand if it is mandatory to use the persistent agent to associate user to host, or if there are alternative methods.
Regarding the helper address implementation, it's working for clients managed via DHCP, but what about hosts with a static IP?
Thank you all for the reply
Vincenzo
Hi
I think FortiNAC can detect the hostname only in the following cases:
- DHCP request
- Persistent agent
- Dissolvable agent
Probably there is a chance that rDNS can also help. FortiGate can do that, but I don't know if FortiNAC can do it, unless FNAC can get the info from FGT.
On the other hand, bear in mind that in FortiNAC your clients must use DHCP, otherwise they can't communicate when FNAC changes their VLAN.
Based on the output of the lab I can confirm that the fingerprints sourced by the FGT include the hostname:
WinRM can also be used to extract more details for Windows hosts.
Without the Agent there are two other possibilities I can think of:
If the users are doing RADIUS authentication (preferably EAP-PEAP), the Dot1x Auto Registration feature can be enabled, which is also transparent for the end users.
Portal can also be used to let users register their devices through the web portal (Standard User).
