Technical Tip: 'Error Scanning' message displays when attempting to scan from hosts view
Description
This article describes an issue while attempting to scan a host in Host View, and the error 'Error Scanning' is received.
Scope
FortiNAC v9.x, F v7.x.
Solution
There are a couple of messages that could display when attempting to scan via the Hosts View using the Scan Host(s) option.
Message 1: Error scanning host xxx. Attempting to scan for null. Failed to determine Policy... Try again in 10 minutes.
This means the host did not match any Endpoint Compliance policy. Verify by 'right-clicking' on the host record and selecting Policy Details. The Endpoint Compliance tab content is empty if no policies matched.
Message 2: Error scanning host xxx. Failed to find live (online+communicating) adapter in HostRecord... Try again in 10 Minutes.
This means the Persistent Agent on that host has not been heard from in a while and is presumed to no longer be responding. This could be due to various factors:
- The host shows all its adapters offline (gray icon).
- FortiNAC has not received any communication from the agent (including 'Hello' packets, which are sent regularly if the agent is running).
Solution:
- Verify the host shows online in Host View.
- If it does, try sending a message ('right click' on Host -> Send Message) to see if the agent can receive it. If unable to send a message, the cause could be one of the following:
- The agent may no longer be running and needs to be restarted. Refer to the related KB article below.
- TCP 4568 traffic is being blocked from that agent (either on a firewall on the end station or somewhere else on the network).
Related articles:
Technical Tip: Persistent Agent communication ports
Technical Tip: Lost Contact with Persistent Agent After Updating From Version 2.x to 3.x or Higher
Technical Tip: Windows Persistent Agent logs