Description This article describes the concept of 'Ports in the Network'
in FortiNAC. This is required to properly understand the scope of the
network environment to adjust resources allocated to FortiNAC for
optimal performance. Scope FortiNAC, Fort...
Description This article describes the steps required to fully restore a
FortiNAC server after a system failure or when redeployment is needed.
Scope FortiNAC-F. Solution The full restoration of FortiNAC requires
that administrators already have stor...
Description This article describes how to identify the RADIUS reject
cause when EAP-MSCHAPv2 is used as authentication method. Scope
FortiNAC-F. Solution MSCHAPv2 is a challenge response protocol and a
widely used EAP authentication method. In such i...
Description This article provides some examples of the methods that can
be used by FortiNAC in order to control access for BYOD scenarios. Scope
FortiNAC-F, FortiNAC. Solution Companies normally have in place BYOD
policies, to allow their users to br...
Description This article describes best practices and recommendations
for FortiNAC hardening. Scope FortiNAC-F v7.4.0 and greater. Solution
FortiNAC is a Network Access control solution Server that is available
in both Hardware and Virtual Machine(VM...
Even if HTTP/HTTPS is enabled in a LAN interface, there is still a risk
of exposure since that vulnerability can be exploited from the internal
interface. I would suggest to apply local-in policies as provided in the
'Workaround' section in
(https://...
In this case the vulnerability is CVE-2024-46666 which will cause a
Denial of Service. You are vulnerable because an adversary/attacker can
craft REST API requests that will make the FortiGate unresponsive and
impact any endpoints using its services....
Well, when you said the AP is dissapearing from DHCP table i presumed
they were not retaining IP configuration. - after restart, APs get their
IP from DHCP on Fortigate, but later they disappear from DHCP table You
did not mention that the AP keeps i...
Have you configured DHCP reservations in FortiGate for your APs? If that
is possible, try and set that up and then check if the issue still
occurs for the APs.
Apparently this is intended in 7.2.X Explained in this article:
https://community.fortinet.com/t5/FortiGate/Troubleshooting-TIp-Dial-up-IPsec-shows-Unknown-User-under/ta-p/339137
UNKNOWN user provide extra information about the overlay tunnel setting...