Created on 05-23-2022 03:09 AM Edited on 01-30-2024 02:00 AM By Kate_M
ARP: The Address Resolution Protocol is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. (Address Resolution Protocol - Wikipedia).
MAC address: Media access control address is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment.
This article shows the commands available to list the MAC addresses on a FortiGate.
MAC addresses on a FortiGate can be seen as follows:
In NAT Mode.
- Per port (MAC address learnt on a specific port, with age).
# get sys arp | grep wan
78.91.12.34 0 00:00:01:23:86:46 wan2 <----- This is the MAC address of the remote unit.
- Per port (along with IP addresses and other details).
# diag ip arp list | grep wan
index=7 ifname=wan2 78.91.12.34 0 00:00:01:23:86:46 state=00000002 use=136 confirm=124 update=226 ref=99
- Current port MAC address:
# diag hardware deviceinfo nic wan2 | grep HWaddr
Current_HWaddr 90:6c:ac:89:00:61
Permanent_HWaddr 90:6c:ac:89:00:61
- MAC addresses of the interfaces of all units in an HA cluster:
# diagnose sys ha dump-by device
- List firewall IP/MAC address pairs (static data, defined in config).
# diagnose firewall ipmac list
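Added example (not part of the original article and not Fortinet code): a Python parser for saved 'diag ip arp list' output in the format shown above, which flags IPs whose learnt MAC differs from an expected baseline and MACs that answer for several IPs. The sample lines, the EXPECTED baseline and the function names are constructed for illustration; the baseline is not the output of 'diagnose firewall ipmac list', whose format is not shown here.

```python
import re
from collections import defaultdict

# Constructed sample lines in the format of the 'diag ip arp list' entry above.
SAMPLE = """\
index=7 ifname=wan2 78.91.12.34 0 00:00:01:23:86:46 state=00000002 use=136 confirm=124 update=226 ref=99
index=7 ifname=wan2 78.91.12.35 0 00:00:01:23:86:47 state=00000002 use=40 confirm=12 update=300 ref=3
index=5 ifname=wan1 192.0.2.1 0 00:00:5e:00:53:01 state=00000002 use=10 confirm=5 update=20 ref=7
index=5 ifname=wan1 192.0.2.9 0 00:00:5e:00:53:01 state=00000002 use=900 confirm=900 update=15 ref=1
"""

# Constructed baseline of expected IP -> MAC pairs (assumption, maintained by the operator).
EXPECTED = {"78.91.12.34": "00:00:01:23:86:46", "78.91.12.35": "00:00:01:23:86:99"}

# The field between the IP and the MAC (shown as 0 above) is optional in this parser.
LINE_RE = re.compile(
    r"ifname=(?P<ifname>\S+)\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?:\S+\s+)?"
    r"(?P<mac>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})(?P<rest>.*)"
)

def parse_arp_list(text):
    """Return one dict per ARP entry; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        entry = {"ifname": m["ifname"], "ip": m["ip"], "mac": m["mac"].lower()}
        # Trailing key=value fields (state, use, confirm, update, ref) are kept as strings.
        entry.update(kv.split("=", 1) for kv in m["rest"].split() if "=" in kv)
        entries.append(entry)
    return entries

def find_anomalies(entries, expected):
    """Flag baseline mismatches and MACs seen for more than one IP."""
    findings = []
    by_mac = defaultdict(set)
    for e in entries:
        by_mac[e["mac"]].add(e["ip"])
        want = expected.get(e["ip"])
        if want and want.lower() != e["mac"]:
            findings.append(("mac-mismatch", e["ip"], e["mac"]))
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append(("mac-multiple-ips", mac, tuple(sorted(ips))))
    return findings

if __name__ == "__main__":
    for finding in find_anomalies(parse_arp_list(SAMPLE), EXPECTED):
        print(finding)
```

A MAC answering for several IPs can be legitimate (for example, an upstream router), so treat that finding as a prompt to review the entry.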
In Transparent mode.
When the FortiGate operates as a switch, use the 'bridge controller' to see the MAC address table.
# diag netlink brctl name host root.b <----- Replace root with the desired VDOM.
# diag netlink brctl list
Related link:
Technical Tip: How to check MAC-address table in Transparent mode