AnsweredHot!FortiNAC and Domain Joined Computers

Bronze Member
  • Total Posts : 37
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/07/05 10:33:11
  • Status: offline
2020/10/13 13:10:05 (permalink)

FortiNAC and Domain Joined Computers

Hello.  Can FortiNAC require that a computer be domain joined before getting an IP address or being allowed network access?  If it isn't, like a contractor or a visitor, I'd like the machine placed in a locked down guest vlan with only Internet access.  Thanks everyone!
Gold Member
  • Total Posts : 364
  • Scores: 16
  • Reward points: 0
  • Joined: 2014/07/30 11:15:18
  • Status: offline
Re: FortiNAC and Domain Joined Computers 2020/11/20 01:48:11 (permalink) ☼ Best Answerby bmduncan34 2020/11/20 05:02:25
that is a bit difficult because for parts of FortiNAC to work you need an IP address first.
you could do this with dot1x and using machine authentication but that isn't really FortiNAC usually way of working.
personally i would say why not allow access in a limited access VLAN first, let the FortiNAC agent do it's work and if ok move to the trusted network? a bit different way of thinking, but it gets the job done.
Jump to:
© 2020 APG vNext Commercial Version 5.5