Description This article explains the effectiveness and provides
guidance on configuring and troubleshooting Monitoring for Custom scans.
Custom scans can be created and used in Endpoint Compliance Policies to
check for specific settings or configura...
Description This article describes the behavior of FortiNAC when a user
is disabled from Active Directory. Scope FortiNAC. Solution If the LDAP
entry is configured with the default values, when a user account is
disabled in Active Directory, FortiNAC...
Description This article describes the SNMP configuration compatibility
with a HP switch (rebranded from ProCurve). Scope FortiNAC and old
switches. Solution SNMPv3 is used in environments that require a secure
network communication. The configuratio...
Description This article describes how to generate and export a device
log report to facilitate troubleshooting device integration issues.
There is a dedicated tool that will help to automatically collect the
needed information and generate a single ...
Description This article describes how to solve database replication
issues in the secondary node of an HA cluster. Scope FortiNAC
(FortiNAC-OS) version 7.2.6 and above. Check the status of the database
replication in the Process Manager logs from th...
During the tests especially with mobile phones it's recommended to turn
off the Data traffic. Depending on the vendor of the phone, it will
quickly identify the WiFi network as not useful and redirect all the
traffic through the mobile network. Some ...
Due to the nature of DPI this is expected if the configuration is not
completed. You can take a look at this article that goes into details
explaining why this happens and how to complete the implementation.
Winbind is a tool used to validate the challenges for authentication
types that don't exchange passwords (emulate a windows PC) like
MSCHAPv2, some details are shown in this article.FNAC has Winbind
included in its local RADIUS server that can be use...
You need to isolate the problem:- at L2 level, verify that the switch
learns the MAC addresses of the AP and the FGT on the new VLAN.- at L3
level, verify that the AP has received a new IP from DHCP and the new
subnet, AP should be pinged by FGT. Ver...
Thank you for sharing your findings, I have a similar output from a
108E. As I searched, it seems like this is not well documented apart
from 'p' being the physical port. I would suggest to open a case with
TAC support to get more information and to ...