We are deploying FortiNAC BYOD, and testing it on wired connection firstly, then will deploy on wireless.
We have an issue that BYOD device is locate in the isolation VLAN successfully, then redirected to FortiNAC Portal, but the portal takes a lot of 5 minutesto load, also after the user login using LDAP credential, he download Disslovable Agent successfully and install it, but Dissolvable Agent trigger an Error "Unable to obtain configuration from Server" and asks for server IP, when entering server IP, the same Error exists.
FortiNAC is extremely capricious software, any little parameter (from hundreds) in your env that is not configured as it wants will lead to various kinds of issues. I can tell you that FortiNAC is the most capricious and complicated software I've seen in my 15 years career.
So for your first issue, the portal may not auto-display until you request some URL on your browser, or may be caused from DHCP address is coming probably late because your client may have not refreshed its dynamic address when it should do, this is one or two of the many possible scenarios. So try check your client's IP address while you are waiting for the portal to display.
For the second issue, as far as I remember it happens when you don't have valid certificate for on your server portal, or if the certificate is not recognized by client, in version 9 dissoluble agent is enforced with https. So when you are prompted you should enter protocol before IP, i.e.: http://x.x.x.x/some_path, this should work.
I think there is probably "some_path" but sorry I don't remember it.
Hi mostafahasanin38, FortiNAC switches VLAN in different ways (REST API, SSH, RADIUS, ETC) depending on the product integration(Forti AP, Cisco, Ruckus, etc): You can find all our integration guides supported here: https://docs.fortinet.com/product/fortinac/8.8 Which of these is your case ?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.