Description This article describes the steps and verification procedures
required to profile devices using the SNMP method. Scope FortiNAC.
Solution When profiling with the SNMP method, FortiNAC will send a SNMP
Get Request to the Isolated device and...
Description This article describes the concept of 'Ports in the Network'
in FortiNAC. This is required to properly understand the scope of the
network environment to adjust resources allocated to FortiNAC for
optimal performance. Scope FortiNAC, Fort...
Description This article describes the steps required to fully restore a
FortiNAC server after a system failure or when redeployment is needed.
Scope FortiNAC-F v7.4.X, v7.6.X. Solution The full restoration of
FortiNAC requires that administrators al...
Description This article describes how to identify the RADIUS reject
cause when EAP-MSCHAPv2 is used as authentication method. Scope
FortiNAC-F. Solution MSCHAPv2 is a challenge response protocol and a
widely used EAP authentication method. In such i...
Description This article provides some examples of the methods that can
be used by FortiNAC in order to control access for BYOD scenarios. Scope
FortiNAC-F, FortiNAC. Solution Companies normally have in place BYOD
policies, to allow their users to br...
Yes, at the moment FortiNAC can use only AD on-premise as native
authentication source for Persistent agent, radius or other methods.
Once Entra ID will be supported in v7.6.3 GA, it will be able to perform
authentication and user/group lookup in Ent...
This feature has been submitted as NFR ID: 0949927 and is being planned
to be added in FortiNAC v7.6.3 GA. This can change however due to
engineering priority shifts. You can track this through your Fortinet
Sales Engineer.
Even if HTTP/HTTPS is enabled in a LAN interface, there is still a risk
of exposure since that vulnerability can be exploited from the internal
interface. I would suggest to apply local-in policies as provided in the
'Workaround' section in
(https://...
In this case the vulnerability is CVE-2024-46666 which will cause a
Denial of Service. You are vulnerable because an adversary/attacker can
craft REST API requests that will make the FortiGate unresponsive and
impact any endpoints using its services....
Well, when you said the AP is dissapearing from DHCP table i presumed
they were not retaining IP configuration. - after restart, APs get their
IP from DHCP on Fortigate, but later they disappear from DHCP table You
did not mention that the AP keeps i...
