how to configure fortilink nac quarantine vlan?
Configuration with fortilink nac works fine wireless and wired. onboarding vlan does the job well. But here is the point I can't understand. we are broadcasting single ssid. The device I define nac policy with the device mac address gets ip from the relevant vlan and accesses it. But how do I ensure that the device that I have never defined automatically receives ip from the quarantine vlan. because the device that we do not define cannot receive ip when connected to the relevant ssid.
If I get it right you want to isolate WiFi hosts that are not matching any NAC policies (no rule created yet). If this is the case than the onboard VLAN can be used for that, more information shown in this article.
More information also shown in the admin guide:
When NAC devices are discovered, they are assigned to the NAC onboarding VLAN. You can specify the default onboarding VLAN or specify another existing VLAN. By default, there is no NAC onboarding VLAN assigned.
When NAC devices are discovered and match a NAC policy, they are automatically authorized by default.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.