Technical Tip: Comprehensive guide for a simple Fo...

Hatibi · 05-20-2025

Description This article describes the issue of FortiGate being unable to connect to the FortiNAC RADIUS server. The error message 'Ignoring request to auth address * port 1812 from unknown client X.X.X.X' is displayed on the FortiGate device. Scope ...

Hatibi · 05-19-2025

Description This article describes how to export 'Port Change' events for a specific switchport. These events will provide the exact timestamps and reason for VLAN change. This information is helpful to identify patterns and can be used as reference ...

Hatibi · 04-25-2025

Description This article describes how to leverage 'Host' and 'User' group types' in Network Access Policies, depending on how the endpoint is registered. Scope FortiNAC-F v7.6 and greater. Solution As of FortiNAC version F7.6.0, FortiNAC will automa...

Hatibi · 03-31-2025

Description This article describes how the TCP/UDP device profiling method works and how to check profiling results when the rule does not match. Scope FortiNAC-F. Solution When TCP or UDP methods are used for device profiling, FortiNAC will utilize ...

Hatibi · 02-17-2025

Description This article describes the steps and verification procedures required to profile devices using the SNMP method. Scope FortiNAC. Solution When profiling with the SNMP method, FortiNAC will send a SNMP Get Request to the Isolated device and...

Hatibi · 02-14-2025

Yes, at the moment FortiNAC can use only AD on-premise as native authentication source for Persistent agent, radius or other methods. Once Entra ID will be supported in FortiNAC new releases, it will be able to perform authentication and user/group l...

Hatibi · 02-13-2025

This is being planned to be added in FortiNAC future releases.

Hatibi · 01-24-2025

Even if HTTP/HTTPS is enabled in a LAN interface, there is still a risk of exposure since that vulnerability can be exploited from the internal interface. I would suggest to apply local-in policies as provided in the 'Workaround' section in (https://...

Hatibi · 01-16-2025

In this case the vulnerability is CVE-2024-46666 which will cause a Denial of Service. You are vulnerable because an adversary/attacker can craft REST API requests that will make the FortiGate unresponsive and impact any endpoints using its services....

Hatibi · 12-18-2024

Well, when you said the AP is dissapearing from DHCP table i presumed they were not retaining IP configuration. - after restart, APs get their IP from DHCP on Fortigate, but later they disappear from DHCP table You did not mention that the AP keeps i...

User Statistics

User Activity

Troubleshooting Tip: Investigate issues with RADIUS Error 'Ignoring request to auth address * port 1812 from unknown client'

Technical Tip: Export 'Port Changes' events to investigate VLAN change reason

Technical Tip: FortiNAC v7.6 LDAP group membership based on 'User' or 'Device' type Registration

Technical Tip: Device profiling using the TCP or UDP methods

Technical Tip: Device profiling with the SNMP method

Re: FortiNAC integration with EntraID

Re: FortiNAC integration with EntraID

Re: Should I upgrade FortiOS for vulnerability CVE-2024-55591?

Re: FG-IR-24-250 / Can someone Explain?

Re: Problems with WiFi FortiOS 7.4.5 and FAP sw 7.4.4

Technical Tip: Comprehensive guide for a simple Fo...

Technical Tip: Run tcpdump in FortiNAC-F and save ...

Technical Tip: FortiGate explicit proxy authentica...

Troubleshooting Tip: Host visibility issues in For...

Technical Tip: FortiNAC general troubleshooting gu...

Re: FortiNAC integration with EntraID

Re: Should I upgrade FortiOS for vulnerability CVE...

Re: Issue with dot1x Configuration on FortiNAC

Re: FortiNAC restrict access to container

Re: Fortinac

KCS

User Statistics

User Activity

You are leaving our website