Add Device Model

These modes can be configured in FortiNAC on a per-device basis. Add Device Model

In the FortiNAC Administration UI, navigate to Network > Inventory.
Discover or add the FortiGate. Include the following:

SNMP Settings: SNMP v1 or v3 credentials used for device discovery and ARP collection/L3 polling

CLI Settings: Administrator account credentials used for API access.

Note: If CLI credentials are not included when adding the device, any managed FortiSwitches will not be discovered until the CLI credentials are added to the Model Configuration.

Instructions in the Administration Guide

Single device: Add or modify a device

Multiple devices: Discovery

Note: If a “?” appears as the icon, then support needs to be added for that device. See KB article Options for Devices Unable to Be Modeled in Topology for instructions.

The FortiGate will display in Inventory. Any FortiSwitches managed by the FortiGate are automatically added.

FortiGate

Linked FortiSwitch

Note the following:
- Models for Fortiswitch devices using self-assigned IP addresses will show contact status lost. These are internal IP addresses and are not reachable. Polling can be disabled under the Polling tab of the FortiSwitch model to avoid confusion.
The ports will be listed under the Ports tab. If ports are not listed, ensure the CLI credentials are populated in the model. Once added, right click on the FortiGate model and select Resync Interfaces.
Enable L3 Polling. Right click on the FortiGate model in the left panel and select Group Membership.
Check the box next to L3 Polling (IPàMAC) and click OK.
Click the Polling tab.
1. Check the box next to L2 Hosts Polling. If configuring Device Detection traps, set the L2 (Hosts) Polling value for 15 minutes.
2. Check the box next to L3 (IPàMAC) Polling.
3. Click Save.
If utilizing the FortiGate API key, login to the FortiNAC CLI as root and enter the following:

Device -ip <FortiGate model IP> -SetAttr -name APIToken -value <API Key>

logout

In the FortiNAC Administration UI, navigate to Network > Inventory.
Discover or add the FortiGate. Include the following:

SNMP Settings: SNMP v1 or v3 credentials used for device discovery and ARP collection/L3 polling

CLI Settings: Administrator account credentials used for API access.

Note: If CLI credentials are not included when adding the device, any managed FortiSwitches will not be discovered until the CLI credentials are added to the Model Configuration.

Instructions in the Administration Guide

Single device: Add or modify a device

Multiple devices: Discovery

Note: If a “?” appears as the icon, then support needs to be added for that device. See KB article Options for Devices Unable to Be Modeled in Topology for instructions.

The FortiGate will display in Inventory. Any FortiSwitches managed by the FortiGate are automatically added.

FortiGate

Linked FortiSwitch

Note the following:
- Models for Fortiswitch devices using self-assigned IP addresses will show contact status lost. These are internal IP addresses and are not reachable. Polling can be disabled under the Polling tab of the FortiSwitch model to avoid confusion.
The ports will be listed under the Ports tab. If ports are not listed, ensure the CLI credentials are populated in the model. Once added, right click on the FortiGate model and select Resync Interfaces.
Enable L3 Polling. Right click on the FortiGate model in the left panel and select Group Membership.
Check the box next to L3 Polling (IPàMAC) and click OK.
Click the Polling tab.
1. Check the box next to L2 Hosts Polling. If configuring Device Detection traps, set the L2 (Hosts) Polling value for 15 minutes.
2. Check the box next to L3 (IPàMAC) Polling.
3. Click Save.
If utilizing the FortiGate API key, login to the FortiNAC CLI as root and enter the following:

Device -ip <FortiGate model IP> -SetAttr -name APIToken -value <API Key>

logout