7.2.0

Overview

This document provides the steps necessary for installing FortiNAC appliance(s). It is intended to be used in conjunction with the FortiNAC Deployment Guide in the Fortinet Document Library. This installation guide is the first step in the deployment.

Physical Appliance Part Numbers

Part Number    Description
FNC-M-550F     Control Manager
FNC-CA-500F    Control and Application Server (CA)
FNC-CA-600F    Control and Application Server (CA)
FNC-CA-700F    Control and Application Server (CA)

Operating System and Open Ports

FortiNAC-F series appliances use the FortiNAC-OS operating system. For security, only a limited set of TCP/UDP ports is open by default. This was not the case for FortiNAC appliances using the CentOS operating system.

Hardware appliances only have TCP 22 (SSH) listening on Ethernet port1 by default. Opening additional ports requires the use of the "set allowaccess" command in the appliance CLI.

The configuration steps provided include opening ports for the applicable features and functions covered in this guide. As more features are configured, additional access must be enabled via the CLI. For details, see Open Ports in the FortiNAC Administration Guide.

The best practice is to keep the number of open ports to a minimum, and block all other ports. If there is a need to provide users access to network resources through a static port (e.g., from outside a firewall), the best option is to allow users to connect by VPN.
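One way to confirm that an appliance still matches its approved port baseline after each "set allowaccess" change is a TCP connect audit run from the management network. This is an added example, not Fortinet code; the probe list is a constructed set of common management ports (an assumption, not taken from the FortiNAC Open Ports documentation), and the baseline defaults to the TCP 22 default stated above.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

# Baseline from the text above: only TCP 22 (SSH) listens on port1 by default.
DEFAULT_BASELINE = frozenset({22})
# Constructed probe list (assumption): common management ports, not taken
# from the FortiNAC Open Ports documentation.
PROBE_PORTS = (22, 23, 80, 443, 8080, 8443)


def tcp_open(host, port, timeout=1.0):
    """Return True if a TCP connect to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Refused, timed out (filtered) or unreachable all count as not open.
        return False


def audit(host, probe_ports=PROBE_PORTS, baseline=DEFAULT_BASELINE, timeout=1.0):
    """Compare reachable TCP ports against the approved baseline.

    Returns (unexpected_open, missing): ports that answer but are not
    approved, and approved ports that do not answer.
    """
    ports = sorted(set(probe_ports) | set(baseline))
    with ThreadPoolExecutor(max_workers=16) as pool:
        states = list(pool.map(lambda p: tcp_open(host, p, timeout), ports))
    open_ports = {p for p, is_open in zip(ports, states) if is_open}
    unexpected = sorted(open_ports - set(baseline))
    missing = sorted(set(baseline) - open_ports)
    return unexpected, missing


if __name__ == "__main__":
    import sys
    host = sys.argv[1]  # port1 address of the appliance, supplied by the operator
    unexpected, missing = audit(host)
    print("unexpected open:", unexpected)
    print("baseline ports not answering:", missing)
    sys.exit(1 if unexpected or missing else 0)
```

As features are enabled, pass the updated approved set as `baseline`. The result reflects only what is reachable from the host running the audit, so run it from each network segment that should and should not have access.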
