Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vincenzo
New Contributor II

FortiNAC FortiView missing info

Hi,

I'm working on a new FNAC 7.6 deployment.

I need only the visibility functions; in particular, I need to associate user/host/IP address and see it all in FortiView.

Is the persistent agent necessary, or can I retrieve the information in another way?

Also, I don't understand why I can't see the IP address in the FortiView dashboard, only the MAC address, while in the adapter window I see the IP address resolved from the MAC address.

In inventory I set L2 polling and L3 polling on core switch.

Thank you

 

Vincenzo

 

AEK
SuperUser

Hi Vincenzo

If the host doesn't run the PA, you can collect the required info as follows:

  • IP: Via L3 polling from firewall or router
  • User: From NAC portal on user registration/authentication
  • Host: From DHCP query (if I'm not wrong)

Also if you have FortiGate then NAC can collect much info from there.

AEK
ebilcari
Staff

Basically, FortiView will use the host/adapter information extracted from Endpoint Fingerprints. This will be populated depending on the Source that has given this information. There are some sources that don't provide IP information, like FortiGuard or Vendor OUI, and also cases where only partial information is received, like DHCP discover only:

endfinger.PNG

The recommended way to have all the hosts information is to use Persistent Agent but other sources can also provide the IP information if correctly configured.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
vincenzo
New Contributor II

Hi,

I solved the IP and host resolution by enabling the DHCP helper address. Now I need to understand whether it is mandatory to use the persistent agent to associate a user to a host, or whether there are alternative methods.

Regarding the helper address implementation, it's working for clients managed via DHCP, but what about hosts with a static IP?

Thank you all for the reply

 

Vincenzo

 

AEK

Hi

I think FortiNAC can detect the hostname only in the following cases:

  • DHCP request
  • Persistent agent
  • Dissolvable agent

There is probably a chance that rDNS can also help. FortiGate can do that, but I don't know if FortiNAC can do it, unless FNAC can get the info from FGT.

AEK
AEK

On the other hand, bear in mind that in FortiNAC your clients must use DHCP, otherwise they can't communicate when FNAC changes their VLAN.

AEK
ebilcari

Based on the output of the lab I can confirm that the fingerprints sourced by the FGT include the hostname:

fings.PNG

WinRM can also be used to extract more details for Windows hosts.

- Emirjon
ebilcari

Without the Agent there are two other possibilities I can think of:

If the users are doing RADIUS authentication (preferably EAP-PEAP), the Dot1x Auto Registration feature can be enabled, which is also transparent for the end users.

Portal can also be used to let users register their devices through the web portal (Standard User).

- Emirjon