Hi All,
We have a FortiGate 100F connected to a FortiClient EMS. EMS is configured to send all FC's tags to the FG which is working fine. I see the tags fine on the FG and they update just fine when we alter them in testing. The issue we have is when applying these tags to the IP/MAC Based Access Control on an incoming policy from the internet - it does not work at all. (Using the MAC address list). If i turn off the Access Control and set it to all traffic from the internet it works fine. Is this beyond the capabilities of the FG or am I overlooking something here? Surely the tcp packet is presenting the MAC address when connecting in. I understand the IP tag won't work externally as the IP the tag pulls is the local address.
Thanks!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @marara1
Thank you for updating your query.
Please update us on the Forticlient (FCT) and FortiOS versions.
You can check the below link for the IP/Mac-based working method:-
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.