|
When synchronization is performed, GSuite returns both the wireless and wired (Ethernet) MAC addresses for that host. It has been observed that GSuite can return many devices with the same wired MAC address. In such cases, FortiNAC attempts to merge the duplicate adapter records into a single host record.
The logic is that since MAC addresses are supposed to be unique, the wireless adapters returned with the same ethernet adapter entry must all belong to the same device. As a result, that single host record would list the common wired adapter plus an adapter record for each wireless adapter found with it.
Example:
3 hosts returned by GSuite with the same wired MAC address.
Host 1:
- wired adapter.
- wireless adapter 1B.
Host 2:
- wired adapter A.
- wireless adapter 2B.
Host 3:
- wired adapter A.
- wireless adapter 3B.
Instead of creating 3 host records, FortiNAC would merge the records into a single host record:
Host:
- wired adapter A.
- wireless adapter 1B.
- wireless adapter 2B.
- wireless adapter 3B.
The wired adapter OUIs for these duplicate MACs appeared to belong to docking stations. It would suggest users are sharing docking stations for their Chromebooks. This behavior could also be caused by sharing Ethernet dongles.
Current workaround: Add the duplicate Ethernet addresses to the ignored adapters list. For instructions see the KB article: Technical Tip: Using the Custom Ignored Adapters List
This use case is under investigation for alternative solutions.
|
