Fortinet black logo

FortiGate VPN Integration

Home FortiNAC 9.4.0 FortiGate VPN Integration
9.4.0
9.4.0

Validate

Validate

Using the VPN client, establish a connection and verify the following:

  1. Host is assigned an IP address from the VPN address pools defined on the FortiGate and in Configuration Wizard.

  2. If an agent is not already installed on the connecting host, depending on the VPN Endpoint Compliance Policy, the user may be prompted to download an agent. Without an agent, the VPN session will not be authorized by FortiNAC.

  3. If agent is installed, the appropriate scan configured in the VPN Endpoint Compliance Policy is run.

  4. Once the scan completes and passes, FortiNAC sends the FSSO tag/group values to the FortiGate which changes the firewall rules that match the VPN traffic from that point forward, and the host is granted access to the appropriate networks.

For unexpected behavior, see Troubleshooting.

Previous
Next

Validate

Using the VPN client, establish a connection and verify the following:

  1. Host is assigned an IP address from the VPN address pools defined on the FortiGate and in Configuration Wizard.

  2. If an agent is not already installed on the connecting host, depending on the VPN Endpoint Compliance Policy, the user may be prompted to download an agent. Without an agent, the VPN session will not be authorized by FortiNAC.

  3. If agent is installed, the appropriate scan configured in the VPN Endpoint Compliance Policy is run.

  4. Once the scan completes and passes, FortiNAC sends the FSSO tag/group values to the FortiGate which changes the firewall rules that match the VPN traffic from that point forward, and the host is granted access to the appropriate networks.

For unexpected behavior, see Troubleshooting.

Previous
Next