fjulianom
Explorer II
June 7, 2018
Solved

Mobile Device Detection doesn't work properly

Hi experts,

I have a FortiGate and I want to create firewall policies based on device detection for mobile devices. I realized that FortiGate can detect only some iPhone and Android devices. I have made a test with two iPhones of different models and iOS versions. FortiGate recognizes iPhone 5 but not iPhone 6. The same with two Android phones. They all connect via Wi-Fi to Meraki APs, and the APs are connected to one Meraki switch and then this switch is connected to FortiGate. I know this is due to fingerprinting, but I don't know how to solve this, since right now I cannot create my firewall policies per mobile device detection due to this limitation. Any idea?

Regards,

Julián

    Best answer by Nicholas_Doropoulos

    Thanks. I'm assuming that device detection has already been enabled on the internal interface since you can identify some of your smartphones. Have you enabled the Active Scanning option as well?

    Also, can you run the following command to identify the device detection method used:

    diag user device list

    And finally, run the following:

    get sys arp

    Can you see the MAC addresses of the phones that have not been identified yet?

    Thanks.

    Nicholas_Doropoulos
    New Member
    June 7, 2018

    Could you share with us your FortiGate's model and version, please?

    fjulianom (Author)
    Explorer II
    June 7, 2018

    Sure! It is a FortiGate 100E running version 5.6.3.

    Regards,

    Julián