Fortinet black logo

FortiSwitch Integration

Home FortiNAC-F 7.2.0 FortiSwitch Integration
7.2.0
7.4.0
7.2.0

Connection Notification Methods

Connection Notification Methods

  • SNMP MAC Notification Traps: Traps originate from the FortiSwitch and are routed through the FortiGate. FortiSwitch sends MAC Add, Delete, and Move SNMP traps. When a trap is received, FortiNAC updates the database with the new connection information (MAC address and location).

    • Requires FortiNAC version 9.2.7, 9.4.2, F7.2.1 or greater

    • Requires FortiOS 7.2 or higher

    • Requires FortiSwitch to be configured for a valid IP address (not 169.x.x.x)

  • Syslog Messages: FortiGate sends MAC Add, Delete, and Move messages. When a syslog message is received, FortiNAC updates the database with the new connection information (MAC address and location). This functionality is similar to SNMP MAC Notification traps used by other switch vendors.

    • Requires FortiNAC version 8.6.2 or higher

    • Requires FortiOS 6.2.1 or higher

    • FortiNAC does not process syslog messages for connecting Access Points

  • SNMP Link Traps: This is the least efficient method of endpoint notification. Link Traps originate from the FortiSwitch and are routed through the FortiGate. When a link trap is received, FortiNAC performs a L2 poll of the FortiGate to update the database with the new connection information.

    • Note: SNMP Link Traps DO NOT notify FortiNAC of indirect connections. This includes both new connections and disconnects. Examples include connections behind IP Phone, hub or unmanaged access point.

    • Requires FortiSwitch to be configured for a valid IP address (not 169.x.x.x)

Previous
Next

Connection Notification Methods

  • SNMP MAC Notification Traps: Traps originate from the FortiSwitch and are routed through the FortiGate. FortiSwitch sends MAC Add, Delete, and Move SNMP traps. When a trap is received, FortiNAC updates the database with the new connection information (MAC address and location).

    • Requires FortiNAC version 9.2.7, 9.4.2, F7.2.1 or greater

    • Requires FortiOS 7.2 or higher

    • Requires FortiSwitch to be configured for a valid IP address (not 169.x.x.x)

  • Syslog Messages: FortiGate sends MAC Add, Delete, and Move messages. When a syslog message is received, FortiNAC updates the database with the new connection information (MAC address and location). This functionality is similar to SNMP MAC Notification traps used by other switch vendors.

    • Requires FortiNAC version 8.6.2 or higher

    • Requires FortiOS 6.2.1 or higher

    • FortiNAC does not process syslog messages for connecting Access Points

  • SNMP Link Traps: This is the least efficient method of endpoint notification. Link Traps originate from the FortiSwitch and are routed through the FortiGate. When a link trap is received, FortiNAC performs a L2 poll of the FortiGate to update the database with the new connection information.

    • Note: SNMP Link Traps DO NOT notify FortiNAC of indirect connections. This includes both new connections and disconnects. Examples include connections behind IP Phone, hub or unmanaged access point.

    • Requires FortiSwitch to be configured for a valid IP address (not 169.x.x.x)

Previous
Next