Skip to main content
bfakhriddi
bfakhriddi
New Member
September 29, 2021
Question

how to check mac address of the connected device

  • September 29, 2021
  • 3 replies
  • 36502 views

hi,

 is there command to check mac add of the device connected to the port of the fortigate? I see port is up and trying to figure it out  what is connected on it. 

    3 replies

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    September 29, 2021

    If it has an IP reachable from the FGT, "get sys arp" that shows IP/Age/MACaddr/Interface.

    bfakhriddi
    bfakhriddiAuthor
    New Member
    September 29, 2021

    yes, right but that shows interface only as a lan , it doesnt show what is coming from port 1 or port 2 or port 10. i am looking for something like "show mac add int gi1/0/2 " 

     is it possible? 

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    September 29, 2021

    So you're saying your FGT is one of smaller model like FG-xxD/E/F that supports hard-switch and you want to know MAC addresses connected to individual member ports, and you don't have a switch inbetween.

    I don't think there is a command to show that, as far as I know. saneeshpv_FTNT's comment below backs up my understanding.

    I would just trace the cable to identify the device connected to each port.

     

    [link]https://forum.fortinet.com/tm.aspx?m=150983[/link]

    rockvid
    rockvid
    New Member
    October 6, 2021

    Open the Home Network Security app. Tap the Menu icon. Tap Devices, select the device, look for the MAC ID. Tap Settings.Tap General.Tap About. The MAC address is listed as Wi-Fi Address. [size="1"]vidmate app save insta video[/size]

    bfakhriddi
    bfakhriddiAuthor
    New Member
    October 6, 2021

    which device you are talking about? there is no Home/network security etc  in fortigate...

    MatejR
    MatejR
    New Member
    February 22, 2023

    Hi, you can use lldp to find the information.

    Its silly we have to look other way around to find port/mac/ip relation as on different platforms "show ip arp"/"show arp vlan xxx" etc... does what we need.

    diagnose lldprx nei sum

     

    If you dont have lldp globally allowed you follow this steps.

    config vdom

    edit <vdom>

    config system settings

    set lldp-reception enable

    set lldp-transmission enable

    end

    ...wait minute and after

    diagnose lldprx nei sum

     

    If not working and hw-switch is configured, try to add following under vlan xxx

    config system interface
    edit "vlanxxx"

    set device-identification enable

     

     

     

      D_H_08
      D_H_08
      Visitor III
      January 13, 2025

      Perfect! I used this to get each ports mac address on Fortigate and their corresponding LLDP nei in clean output.

      diagnose lldprx nei sum

      Thank you, @MatejR 

      Terms & ConditionsAccessibility statement