Fortinet black logo

Palo Alto Networks Integration

Home FortiNAC-F 7.2.0 Palo Alto Networks Integration
7.2.0
7.4.0
7.2.0

Configure FortiNAC

Configure FortiNAC

  1. Enable the pre-defined Syslog File for the appropriate Fortinet version.

  1. In the Administrative UI, navigate to System > Settings > System Communication > Syslog Files

  2. If the appropriate Syslog File is not already enabled, highlight the PaloAlto entry, right-click and select Enable

For syslog field definitions, see section Syslog Management of the Administration Guide in the Fortinet Document Library.

  1. Modify or create a model for the firewall in the Topology view. The model must contain the IP address Palo Alto uses to send the Syslog messages.

    In the Administration UI, navigate to Network > Inventory.

    Adding a Firewall Model

    1. Right Click on the container desired to add the Firewall.

    2. Select Add Device.

    3. Input IP, SNMP, and SSH information.

    4. Continue with Existing Firewall instructions below.

Existing Firewall Models

Modify the existing model if the IP address is the same as the one sending the Syslog messages.

  1. Locate the firewall model in the tree.

  2. Right-click the model and select Properties.

  3. For Incoming Events, click the first drop-down and select either Syslog or Security Events (see next page for field description).

  4. In the second drop-down, select PaloAlto Firewall.

  5. Click Save.

Previous
Next

Configure FortiNAC

  1. Enable the pre-defined Syslog File for the appropriate Fortinet version.

  1. In the Administrative UI, navigate to System > Settings > System Communication > Syslog Files

  2. If the appropriate Syslog File is not already enabled, highlight the PaloAlto entry, right-click and select Enable

For syslog field definitions, see section Syslog Management of the Administration Guide in the Fortinet Document Library.

  1. Modify or create a model for the firewall in the Topology view. The model must contain the IP address Palo Alto uses to send the Syslog messages.

    In the Administration UI, navigate to Network > Inventory.

    Adding a Firewall Model

    1. Right Click on the container desired to add the Firewall.

    2. Select Add Device.

    3. Input IP, SNMP, and SSH information.

    4. Continue with Existing Firewall instructions below.

Existing Firewall Models

Modify the existing model if the IP address is the same as the one sending the Syslog messages.

  1. Locate the firewall model in the tree.

  2. Right-click the model and select Properties.

  3. For Incoming Events, click the first drop-down and select either Syslog or Security Events (see next page for field description).

  4. In the second drop-down, select PaloAlto Firewall.

  5. Click Save.

Previous
Next