Created on 05-17-2022 06:36 AM Edited on 03-18-2024 04:36 AM By Jean-Philippe_P
Description | This article describes how to troubleshoot DHCP Fingerprint Profiling that tries to match the Operating System in Device Profiling Rules. |
Scope | FortiNAC. |
Solution |
If using the default Windows (DHCP) DPC rule that validates DHCP Fingerprinting Type = windows is used.
xx:xx:xx:xx:xx:xx(HP COMPUTER INC.) DHCPv4 1(DHCPv4 REQUEST) Windows Windows 10 LAPTOP-LAB MSFT 5.0 1,3,6,15,31,33,43,44,46,47,119,121,249,252 53,61,50,12,81,60,55,82.
Troubleshooting Commands:
Profiler evaluation details (prints to /bsc/logs/output.nessus):
nacdebug -name ActiveFingerprint true
DPC Server processes (prints to /bsc/logs/output.master):
nacdebug -name DpcRuleServer true
dumpdeviceidentities -mac XX:XX:XX:XX:XX:XX client -mac XX:XX:XX:XX:XX:XX
nacdebug -name DpcRuleServer nacdebug -name ActiveFingerprint
Related document: Technical Note: DHCP Fingerprint Profiling Rule does not match upon initial connection |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.