Technical Tip: Comprehensive guide for a simple Fo...

Hatibi · 04-25-2025

Description This article describes how to leverage 'Host' and 'User' group types' in Network Access Policies, depending on how the endpoint is registered. Scope FortiNAC-F v7.6 and greater. Solution As of FortiNAC version F7.6.0, FortiNAC will automa...

Hatibi · 03-31-2025

Description This article describes how the TCP/UDP device profiling method works and how to check profiling results when the rule does not match. Scope FortiNAC-F. Solution When TCP or UDP methods are used for device profiling, FortiNAC will utilize ...

Hatibi · 02-17-2025

Description This article describes the steps and verification procedures required to profile devices using the SNMP method. Scope FortiNAC. Solution When profiling with the SNMP method, FortiNAC will send a SNMP Get Request to the Isolated device and...

Hatibi · 01-23-2025

Description This article describes the concept of 'Ports in the Network' in FortiNAC. This is required to properly understand the scope of the network environment to adjust resources allocated to FortiNAC for optimal performance. Scope FortiNAC, Fort...

Hatibi · 01-20-2025

Description This article describes the steps required to fully restore a FortiNAC server after a system failure or when redeployment is needed. Scope FortiNAC-F v7.4.X, v7.6.X. Solution The full restoration of FortiNAC requires that administrators al...

Hatibi · 02-14-2025

Yes, at the moment FortiNAC can use only AD on-premise as native authentication source for Persistent agent, radius or other methods. Once Entra ID will be supported in FortiNAC new releases, it will be able to perform authentication and user/group l...

Hatibi · 02-13-2025

This is being planned to be added in FortiNAC future releases.

Hatibi · 01-24-2025

Even if HTTP/HTTPS is enabled in a LAN interface, there is still a risk of exposure since that vulnerability can be exploited from the internal interface. I would suggest to apply local-in policies as provided in the 'Workaround' section in (https://...

Hatibi · 01-16-2025

In this case the vulnerability is CVE-2024-46666 which will cause a Denial of Service. You are vulnerable because an adversary/attacker can craft REST API requests that will make the FortiGate unresponsive and impact any endpoints using its services....

Hatibi · 12-18-2024

Well, when you said the AP is dissapearing from DHCP table i presumed they were not retaining IP configuration. - after restart, APs get their IP from DHCP on Fortigate, but later they disappear from DHCP table You did not mention that the AP keeps i...

User Statistics

User Activity

Technical Tip: FortiNAC v7.6 LDAP group membership based on 'User' or 'Device' type Registration

Technical Tip: Device profiling using the TCP or UDP methods

Technical Tip: Device profiling with the SNMP method

Technical Tip: Evaluate Server resource Sizing based on Ports in the Network

Technical Tip: FortiNAC-F system restore procedure

Re: FortiNAC integration with EntraID

Re: FortiNAC integration with EntraID

Re: Should I upgrade FortiOS for vulnerability CVE-2024-55591?

Re: FG-IR-24-250 / Can someone Explain?

Re: Problems with WiFi FortiOS 7.4.5 and FAP sw 7.4.4

Technical Tip: Comprehensive guide for a simple Fo...

Technical Tip: Run tcpdump in FortiNAC-F and save ...

Technical Tip: FortiGate explicit proxy authentica...

Troubleshooting Tip: Host visibility issues in For...

Technical Tip: FortiNAC general troubleshooting gu...

Re: FortiNAC integration with EntraID

Re: Should I upgrade FortiOS for vulnerability CVE...

Re: Issue with dot1x Configuration on FortiNAC

Re: FortiNAC restrict access to container

Re: Fortinac

KCS

User Statistics

User Activity

You are leaving our website