Technical Tip: Useful CLI commands in NAC-OS for t...

ebilcari · 06-05-2024

Description This article describes that in Meraki AP integration, FortiNAC sometimes may not update the Host state to offline when it receives the Syslog message 'events type=disassociation'. Since FortiNAC is not able to read live sessions from Mera...

ebilcari · 05-14-2024

Description This article describes the cases when the network administrators want to be notified when a host is identified as an 'At Risk' state. In some environments where connectivity is important, the Scan remediation action can be configured to D...

ebilcari · 04-17-2024

Description This article describes how to upgrade a FortiNAC-F setup running NAC-OS using an interim build image. The procedure is used to upgrade the firmware to a version suggested and offered by the TAC support team, mainly for testing new feature...

ebilcari · 03-15-2024

Description This article describe how to use events and audit logs in cases when a new issue arises on an existing setup that was previously working normally. This also applies for an intermittent issue that appear at specific time only. Scope FortiN...

ebilcari · 02-18-2024

Description This article describes that in authentications that include MSCHAPv2, the Winbind tool needs to be configured and FortiNAC must be joined to the domain for the authentications to succeed. Scope FortiNAC, Windows Server AD. Solution In lat...

ebilcari · 06-17-2024

Is the option "Save login" selected in VPN Connection configurations under Authentication field?

ebilcari · 06-17-2024

The concept of "not in the database" is valid for the whole domain only, not for the subdomains. As long as the domain is present in the database every request for it's subdomains will not be forwarded. If the entry is not found locally it will respo...

ebilcari · 06-17-2024

As I know this is a limit for the standard DNS server not only a limitation of FGT. If the network has a private DNS server configured with all this private domains you can choose to forward all the request without specifying domains in the local dat...

ebilcari · 06-17-2024

I think this is a DNS server behavior, if the domain exist locally all the subdomains for that domain will be searched locally, the requests will not be forwarded to the external DNS server. As a workaround you can create another/similar domain for t...

ebilcari · 06-17-2024

It may be an emulator issue (GNS3) while bridging to an external interface. Try connecting another virtual host from within GNS3 to the FGT (or a VPC) to verify the communication.

User Statistics

User Activity

Technical Tip: Meraki AP, Hosts disconnection not being reflected

Technical Tip: Notify when a host is at risk state

Technical Tip: How to upgrade the firmware using an interim build image

Troubleshooting Tip: Using Events and Audit logs to identify configuration changes or new issues

Technical Tip: Create and use a Keytab file to join FortiNAC in the domain

Re: auto-completion error

Re: DNS Server FortiGate

Re: DNS Server FortiGate

Re: DNS Server FortiGate

Re: Empty ARP table - layer 2 issue

Technical Tip: Useful CLI commands in NAC-OS for t...

Technical Tip: An example of a simple network depl...

Re: FortiNAC deployment

Re: Inter VLAN routing

Re: fortiswitch ring topology with different model

Re: DNS Server FortiGate

Re: Can't setup a VPN user.

Re: Forti-EMS integrate with cisco ISE

Re: NAC - wired switchport default VLANs for vario...

Re: Fortinac DHCPD service stops working

KCS