In a Windows environment using AD machine authentication, how does FortiAuthenticator ensure that a previously authenticated device is maintaining its network access once the device resumes operating after sleep or hibernation?
A.
It temporarily assigns the device to a guest VLAN until full reauthentication is completed.
B.
It sends a wake-on-LAN packet to trigger reauthentication.
C.
It uses machine authentication based on the device IP address.
D.
It caches the MAC address of authenticated devices for a configurable period of time.
When a machine successfully authenticates, FortiAuthenticator records:
Machine account / identity
MAC addressof the device
Associated IP and session info
To handle sleep/hibernation:
FortiAuthenticator keeps acache of authenticated MAC addressesfor a configured timeout.
When the device wakes up and sends traffic again, FortiAuthenticator/FSSO can still treat it as authenticated as long as its MAC is in cache, so access is maintained without forcing a full machine re-auth immediately.
This matches optionD.
A(guest VLAN) is not the standard behavior here.
B(WoL) is unrelated.
C(IP-based) would break as IPs can change; MAC-based caching is what’s used.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit