Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rzanella
New Contributor III

Created on ‎09-30-2024 11:08 PM

Persistent agent don't comunicate to FortiNAC

Hi, I'm configuring my first FortiNAC.
I manually installed the Persistent agent on a test PC (OS Windows 11), according to the instructions found in https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Manually-install-and-configure-Persistent-A...
It seems that the agent does not communicate with the Fortinac.
From the PC, telnet to eth1 fortinac on port 4568 is ok.
In the %ProgramData%\Bradford Networks folder I do not find any log files. As suggested I reinstalled the client but without success.

 

Icon of Persistent agent say: Network access normal. PC is viewed as rogue.

 

Could you help me?

 

Thanks in advance.

Labels:
1177
0 Kudos
2 Solutions
AEK
SuperUser
SuperUser
In response to rzanella

Created on ‎10-02-2024 02:48 PM

On the client, regedit, go the the following path:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Bradford Networks\Persistent Agent

Does the value homeServer is the same as FortiNAC server FQDN or IP?

And is the certificate that you installed in FortiNAC server for agent communication has CN the same as the value defined in the above homeServer key?

AEK

View solution in original post

AEK
780
ebilcari
Staff
Staff
In response to rzanella

Created on ‎10-07-2024 01:40 AM

The persistent agent should function properly with all types of antivirus software, as one of its functions is to monitor the antivirus and updates status. But in the end this is considered just like a normal software/service from the OS and antivirus perspective and if there are restriction in place, it can block its normal activity.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

698
0 Kudos
17 REPLIES 17
ebilcari
Staff
Staff

Created on ‎10-01-2024 12:42 AM

Which agent version are you installing and does the user have admin rights in windows? Having an empty log folder seems like the service is not running with the appropriate permissions, is the Service in running state?

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
720
rzanella
New Contributor III
In response to ebilcari

Created on ‎10-01-2024 01:57 AM

Hi,

agent version is 9.4.0.93. It was installed used local user with administrative rights.  And the service is in running state.  

706
ebilcari
Staff
Staff
In response to rzanella

Created on ‎10-01-2024 08:23 AM

There have been no similar issues reported for this agent version. You can try to install one of the recent version of PA to see if there is a difference.

  • agent-9.4.1.98.jar 2023-03-23
  • agent-9.4.2.99.jar 2023-08-23
  • agent-9.4.3.100.jar 2023-09-29
  • agent-9.4.4.105.jar 2024-04-08

Also check if there is any installed antivirus that may prevent the service from running.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
657
rzanella
New Contributor III
In response to ebilcari

Created on ‎10-02-2024 03:36 AM

HI,

To download an updated version I went to System > Settings > Update > Agent Packages. by pressing the download button. No new packages are displayed.
From the settings under System > settings > update >system I saw that the Fortinac connects to fnac-updates.fortinet.net. With the browser I connected to the url and was able to download the agent-9.4.4.105.jar.
Should the file I downloaded be used on the PC? Or put in a Fortinac folder?
Thanks a lot.

620
ebilcari
Staff
Staff
In response to rzanella

Created on ‎10-02-2024 04:19 AM

In order to download the latest agents in FNAC you have to first fill the 'Agent Distribution Directory' as shown here:

agentup.PNG

 

You can also unzip the downloaded jar file, it should contain the .exe file that you can directly install in the PC.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
608
rzanella
New Contributor III
In response to ebilcari

Created on ‎10-02-2024 06:27 AM

Thanks to your instructions I was able to update the Persistent agent packages.
I installed version 9.4.4.105 but nothing changed. There are no log files in the %ProgramData%\Bradford Networks folder.
To exclude a write/read permission problem I gave everyone full permissions to this folder. But even in this case there are no log files.

579
0 Kudos
ebilcari
Staff
Staff
In response to rzanella

Created on ‎10-02-2024 06:59 AM

Have you tried to disable/uninstall any antivirus in the PC before doing the agent installation? Is this a computer domain, does it have any hardening in place?

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
573
0 Kudos
rzanella
New Contributor III
In response to ebilcari

Created on ‎10-02-2024 07:37 AM Edited on ‎10-07-2024 01:34 AM

PC is in domain. I will ask to my colegues that manage antivirus to disable temporany it to reinstall persistent agent.

Update

I reinstalled the agent after the antivirus was disabled. After doing this I found the log files in the C:\ProgramData\Bradford Networks folder.
I also installed the agent on another PC with active antivirus and it was successful.

565
ndumaj
Staff
Staff
In response to rzanella

Created on ‎10-04-2024 02:48 AM

Hello @rzanella 

You should have logs on the %ProgramData%\Bradford Networks folder.

Check the installation user privileges (administrative privileges are required) once again, disable antivirus, uninstall/install the PA.
Article:Windows Persistent Agent logs 

BR

- Happy to help, hit like and accept the solution -
466
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.