Hi Team, I am swapping from Cisco ISE to FortiNAC. Currently, ISE
permits access with EAP-TLS and LDAP user groups (Domain users and
domain computers) In FortiNAC, EAP-TLS authentication is possible but I
don't see any option to permit access based o...
Hi Team, I am replacing Cisco ISE with FortiNAC. The Cisco ISE is
currently configured to profile the Access Points and send a Cisco Neat
attribute. This Neat attribute helps the Cisco switch assign a truck
role to the port. In FortiNAC, Network Acce...
I must assign the network to the users based on their username (fetched
from the EAP-TLS certificate CN or SAN). I don't see any option in
FortiNAC that maps "Network Access" based on the LDAP group membership.
For Example: Workstation (logical Netwo...
Hi Ebilcari, The document talks about "Tunnel-Private-Group-Id".
However, the %Access_Value% is the reference value of the attribute and
can be used for any attribute. It is not limited to the VLAN attribute.
Regards, Barry Ghuman
Hi Ebilcari, Thank you for your response!It is a little tricky to add
the customized attributes. I think a knowledge document from your team
will be great. Regards, Barry Ghuman
Hi Emirjon, I think you did not understand my question. I know how to
create and map the radius attribute group for the connection reply. In
your screenshot -- The Logical network is assigned "Access Value" +
"Additional Radius Attribute Group". "Acc...
