Technical Tip: Useful CLI commands in FortiNAC-OS ...

ebilcari · 02-05-2025

Description This article describes the details of the integration with a Cisco WLC while using RADIUS authentication. If the integration is not properly done, the CoA/DM message will not be sent by FortiNAC. In this example, the host is registered th...

ebilcari · 01-21-2025

Description This article explains how to check and solve issues caused by FortiNAC not having an updated list of OUIs. Having an updated list of OUIs is important because FortiNAC will check the validity of the Hosts MAC address before proceeding fur...

ebilcari · 01-06-2025

Description This article describes how to use the LDAP DN attribute in User/Host Profiles to select particular LDAP users of connected hosts to match with a Network Access policy. Scope FortiNAC. Solution FortiNAC offers many ways to select Network A...

ebilcari · 12-17-2024

Description This article describes a new behavior observed in the RADIUS logs. Scope FortiNAC v9.4.7 and FortiNAC-OS v7.2.8, v7.4.0, v7.6.0. Solution There is a new RADIUS health check mechanism introduced in these firmware versions that causes a rep...

ebilcari · 12-10-2024

Description This article explains the effectiveness and provides guidance on configuring and troubleshooting Monitoring for Custom scans. Custom scans can be created and used in Endpoint Compliance Policies to check for specific settings or configura...

ebilcari · 02-06-2025

In this case google is self signing its own certificate so the rule doesn't apply :). There are also some exceptions for large organization like shown here, but based on what I've seen, most of the time you can't get a public signed certificate for a...

ebilcari · 02-06-2025

If a private root CA is used to sign the CSR, than usually yes it is possible to insert IP as SAN. Public root CAs will not allow to put IP in the SAN and probably will strip them out from the the CSR while signing the certificate. This is not a limi...

ebilcari · 02-05-2025

You can refer to this article that goes into the details of configuring PXE boot.

ebilcari · 02-05-2025

You can read more about this feature in this section of the Administration guide.

ebilcari · 02-04-2025

I did some tests in a lab (9.4.7) and found out that the Tag is sent even when the SSID is configured with 'Use Custom Settings' and the Tags is empty in the Policy Details. This may be treated as a cosmetic issue and should not prevent the tag from ...

User Statistics

User Activity

Troubleshooting Tip: CoA/DM not being sent to Cisco Wireless Controller

Troubleshooting Tip: New vendor OUI missing from the database

Technical Tip: How to use LDAP DN attribute in a User Host profile

Troubleshooting Tip: Repetitive RADIUS log error

Technical Tip: Monitor Custom scans to ensure a quicker response to host compliance

Re: Cannot secure Fortigate public IP with CA signed certificate

Re: Cannot secure Fortigate public IP with CA signed certificate

Re: Can't install DHCP option 67

Re: Fortinet Managed Switches

Re: FortiNAC - firewall tags not sent for Wifi connection

Technical Tip: Useful CLI commands in FortiNAC-OS ...

Technical Tip: An example of a simple network depl...

Technical Tip: Performance issue and some general ...

Technical Tip: Update Persistent agent through For...

Technical Tip: A simple deployment including Forti...

Re: FortiNAC - firewall tags not sent for Wifi con...

Re: FortiClient cannot add VPN route to the routin...

Re: FG-60F DNS Server Questions

Re: 2.4ghz and iPhone

Re: Getting started with ZTNA: firewall policy onl...

KCS

User Statistics

User Activity

You are leaving our website