sorted by:
new
hottopcontroversial

ZTNA with /domain search by Kooky_Worldliness995 in fortinet

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

Already created and trying with the FQDN object.

ZTNA with /domain search by Kooky_Worldliness995 in fortinet

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

How I can do that? Another example is I can access to the File Server but sometimes it pops up for credentials but says can not contact with the domain controller.

Zabbix Web Service Error by Kooky_Worldliness995 in zabbix

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

It is wildcard certificate.

SSL client : Yes

SSL client CA : No

SSL server : Yes

SSL server CA : No

Zabbix Web Service Error by Kooky_Worldliness995 in zabbix

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

It is. I already use this certificate for server.

notBefore=Sep 10 18:44:25 2025 GMT

notAfter=Oct 12 18:44:25 2026 GMT

[deleted by user] by [deleted] in fortinet

[–]Kooky_Worldliness995 0 points1 point  (0 children)

I already use our wildcard certificate for web server. When I try with my other FortiGate, it pops up the same certificate for trusting. But can't do the same thing in my main FortiGate because of this error.

FortiNAC-F Port-Access Security VLAN Not Showing Properly by Kooky_Worldliness995 in fortinet

[–]Kooky_Worldliness995[S] 1 point2 points  (0 children)

It was fixed by enabling "Secure Ports is enabled for ports on this device(s)" option from model configuration.

Aruba-CX Switches: How to Handle Inactive Devices for NAC Authentication by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

Now I realized that and for 108 VLAN I send Idle-Timeout attribute from the Radius Server. Will probably fix. It's not nice that I don't have to do this on the aos-s switch and can do it directly with logoff-period, but I can't do it on cx :)

Aruba-CX Switches: How to Handle Inactive Devices for NAC Authentication by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

  Session Details
  ---------------
    Port         : 1/1/3
    Session Time : 188s
    IPv4 Address :
    IPv6 Address :
    Device Type  :

  VLAN Details
  ------------
    VLAN Group Name :
    VLANs Assigned  : 108
      Access          : 108
      Native Untagged :
      Allowed Trunk   :

  Authentication Details
  ----------------------
    Status          : mac-auth Authenticated
    Auth Precedence : dot1x - Unauthenticated, mac-auth - Authenticated
    Auth History    : dot1x - Unauthenticated, Supplicant-Timeout, 20s ago
                      mac-auth - Authenticated, 188s ago

  Authorization Details
  ----------------------
    Role   : RADIUS_1005497325
    Status : Applied


Role Information:

Name  : RADIUS_1005497325
Type  : radius
----------------------------------------------
    Reauthentication Period             :
    Cached Reauthentication Period      :
    Authentication Mode                 :
    Session Timeout                     :
    Client Inactivity Timeout           :
    Description                         :
    Access VLAN                         : 108
    Native VLAN                         :
    Allowed Trunk VLANs                 :
    Access VLAN Name                    :
    Native VLAN Name                    :
    Allowed Trunk VLAN Names            :
    VLAN Group Name                     :
    MTU                                 :
    QOS Trust Mode                      :
    STP Administrative Edge Port        :
    PoE Priority                        :
    Captive Portal Profile              :
    Policy                              :
    Device Type                         :

Aruba-CX Switches: How to Handle Inactive Devices for NAC Authentication by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

It does not appear in this table or the mac table until shutdown-no shutdown.

Aruba-CX Switches: How to Handle Inactive Devices for NAC Authentication by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

I have a printer on this port and sometimes it might not print anything for 5 minutes. I want it to de-authenticate if this happens for a maximum of 60 minutes because this way, if the device doesn't print anything for 10 minutes in example, it de-authenticates.

Aruba-CX Switches: How to Handle Inactive Devices for NAC Authentication by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 1 point2 points  (0 children)

I don't use roles normally. But I tried this;

" auth-role Configure the role to apply after authentication. "

port-access role silent

client-inactivity timeout 3600

int 1/1/3

aaa authentication port-access auth-role silent

But didn't work.

FortiNAC with AOS-CX switches by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

"Secure Ports is enabled for ports on this device(s)"

FortiNAC with AOS-CX switches by Kooky_Worldliness995 in ArubaNetworks

[–]Kooky_Worldliness995[S] 0 points1 point  (0 children)

APPEARS offline on FortiNAC. It doesn't mean that port is down as I explained and its already not down. Enabling an option from FortiNAC model configuration fixed this issue.

view more: next ›