Device detection

If you're using the Brocade as a router (layer 3), then MAC addresses won't "pass."

You have some choices:

1) 802.1x authentication on the clients and having it send RADIUS accounting updates to the FortiGate.

2) Install FortiClient on the clients.

3) Put the clients on their own VLAN, with a routing interface enabled on the Forti.

Adrian wrote:

SMabille wrote:
Hi, Fortigate 200D, 5.0.4 and 5.0.5: How and when are devices detected/identified? I' m sure this was working in the past, but now the online column in device definition stays empty. It seems that all my devices were last seen about 10 days ago. Client devices don' t have Forticlient installed Step taken: - Upgrade from 5.0.4 to 5.0.5, so that rebooted my Fortigate. - " diagnose user device clear" . - deleted some permanent entries of device that are currently communicating, they are not detected/added to the list. Any idea? Thanks, Stephane

I have a similar issue where with FG 500D on 5.2.3 GA with a Brocade ICX on the LAN side. It only detects the Brocade and 1 more device. That's it. It doesn't see the hundreds of devices on the LAN. If I delete that one more device, it will randomly detect another one and that's it.

 

Any updates on your end ?

 

Thank you,

 

Adi

neonbit wrote:

FortiOS 5.4 has an enhancement to device identification called 'active device identification'. It allows you to actively scan devices that can't be determined by passive means using the vulnerability scan engine.

 

I've tested the beta in a lab and the device identification worked well, but it was only for a directly connected network. Not sure how well it will handle a multi level LANs (cant test that scenario in my lab).

Are you in any way able to do a test with a routed interface ? Because honestly, this is how the FortiGates are installed in an enterprise environment.

I don't have a spare FortiGate to do tests with unfortunately :(