Description: This article describes a simple method to quickly verify
database synchronization between two nodes in a High Availability (HA)
cluster. Scope: FortiNAC. Solution: When the primary node is in control
and the cluster is healthy, database syn...
Description: This article describes the changes to the firmware update
procedure in newer versions of FortiNAC. Scope: FortiNAC v7.6.3 and later
versions. Solution: In newer versions of FortiNAC, the firmware file will
no longer be downloaded directly f...
Description: This article describes the configuration steps required to
quickly isolate hosts that initially had the Persistent Agent
communicating, but are no longer doing so. The host's compliance status
may have changed during this time, and it may...
Description: This article describes a behavior observed in FortiNAC
Manager related to CA Management, where the FortiNAC CA status appears
as 'Failed' despite stable network communication and normal CA
functionality. This behavior is isolated to Stand...
Description: This article describes the steps required to successfully
deploy the Persistent Agent on a Linux host. In this example, Ubuntu
24.04 is used as the test host. Scope: FortiNAC and Linux hosts. Solution:
This article is a follow-up to Technic...
Then you should disable that option, if the requirement is to process
them locally. In recent versions of FNAC, only a single authentication
port is used for local and proxy requests. The requests are then routed
accordingly. It is also suggested to hav...
You can try to follow the troubleshooting steps that are shown in this
article: Troubleshooting Tip: Failure to connect via SSL VPN with
'Credential or SSLVPN configuration is wrong. (-7200)' message with
'sslvpn_login_cert_checked_error'
Check if this setup has the option 'Proxy MAB Requests' enabled, as
shown below: By default, this option is disabled. Authentication
policies are not related to RADIUS authentication requests originating
from NAS devices.
Hosts are isolated when their status is changed to At-Risk after a scan has
failed. You can use a monitor for specific custom scans, as shown here:
Technical Tip: Monitor Custom scans to ensure a quicker response to host
compliance
There is no reason to not enforce registration on all ports, if rogue
hosts are expected to be connected on a port. If registration is not
enforced, then the rogue hosts should fall in the Default VLAN and not
be put in a production VLAN.