Requirements
FortiNAC
-
Supported Engine Version: 9.4.2, F7.2.1 or greater
-
Remote device must have either the FortiNAC Dissolvable or Persistent Agent
-
Supported FortiNAC Agent Version: 5.2.3 or greater
-
Recommended FortiNAC Agent Version: 5.2.6
-
Agent Supported Operating Systems:
-
-
Windows (not Windows CE)
-
MAC OS
-
Linux
-
Android
Note: FortiNAC doesn't have an app or agent for iOS. Therefore, iOS mobile devices cannot connect through VPN.
-
Dissolvable Agent can be downloaded as part of the VPN connection process from the Captive Portal
-
Persistent Agent can also be downloaded from the Captive Portal or pre-installed
-
Operating systems that cannot run a FortiNAC agent will always remain isolated when connecting to a VPN that is managed by FortiNAC
-
Remote device firewall settings must allow TCP 4568 (bi-directional) for agent communication with FortiNAC (eth0 for Visibility).
Palo Alto
-
Support Firmware Version: 9.0 or greater.
-
SNMP community or account
-
Administrator account
-
Visibility only: System read access
-
Control: System read/write access
-
-
VPN tunnel cannot be configured to use DHCP relay