Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
IvanYupanqui
New Contributor

Fortinac v9.4 MultiSessions Limit dot1x

Hi Good morning my name is Ivan,

I have a Fortinac v9.4 appliances which is running dot1x peap services using proxy mode (FortiAuthenC proxy radius server). Maybe someone might help me:

I need to limit concurrent session  regardless context connection (wired/wifi). In another words, Just 1 user can access to wired/wifi with 1 PC windows. If the same user will try to connect using another Pc windows, Fortinac should block the connection without any portal without redirect to isolation.

 

I was trying using Allowed host but this not working. The concept is different. 

 

Is that possible to do on Fortinac?

Thanks you so much for your answer.

Best regards. 

3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Hello Ivan,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello Ivan,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards.

Anthony-Fortinet Community Team.
ebilcari
Staff
Staff

The allowed hosts configuration will limit the number of hosts a user can register. If the host is not registered it will be isolated and not able to access the network (this will not affect the already registered hosts for that user). Same attribute can be set in a user level.

more information can be found here: https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/552799/allowed-hosts and here: https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/183321/user-properties

 

Another option should be to check on FAC if it's possible to limit the concurrent RADIUS session for a single user and return RADIUS Rejects in case of other tries from the same user that already have a running session.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
Labels
Top Kudoed Authors