Description
ARP: The Address Resolution Protocol is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. (Address Resolution Protocol - Wikipedia).
MAC address: Media access control address is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment.
Scope
Showing the commands available to list the MAC addresses on a FortiGate.
Solution
Mac addresses on FortiGate can be seen:
In NAT Mode.
- Per port (MAC address learnt on a specific port, with age).
get sys arp | grep wan
78.91.12.34 0 00:00:01:23:86:46 wan2 <----- This is the MAC address of the remote unit.
- Per port (along with IP addresses and other details).
diagnose ip arp list | grep wan
index=7 ifname=wan2 78.91.12.34 0 00:00:01:23:86:46 state=00000002 use=136 confirm=124 update=226 ref=99
- Current port MAC address:
diagnose hardware deviceinfo nic wan2 | grep HWaddr
Current_HWaddr 90:6c:ac:89:00:61
Permanent_HWaddr 90:6c:ac:89:00:61
- MAC addresses of the interfaces of all units in a HA cluster:
diagnose sys ha dump-by device
- List firewall IP/MAC address pairs (static data, defined in config).
diagnose firewall ipmac list
In Transparent mode.
Operating as a switch, the 'bridge controller' will be used to see the MAC address table.
diagnose netlink brctl name host root.b <----- Replace root with the desired VDOM.
diagnose netlink brctl list
Related article:
Technical Tip: How to check MAC-address table in Transparent mode
