Description
This article describes how to troubleshoot a rogue connected to the network which does not match any of the configured Device Profiling Rules.
Scope
Version: 9.x & F7.x.
Solution
- Navigate to Users & Hosts -> Hosts.
- Search for the MAC address and verify the rogue's adapter record status shows online (green adapter icon).
Adapter record shows offline: Check switch or wireless connection. If device is confirmed to be online, see these related articles:
If the adapter record shows online: Right-click on the Host record and select Show Events.
'Invalid Physical Address' means the corresponding Vendor OUI is not in the database. For troubleshooting steps, see related article Technical Tip: Host fails to register or multiple host records are created.
'Device Profiling Rule Missing Data' means the Device Profiler cannot compare a rogue against a rule because there is not enough information about the rogue. For troubleshooting steps, see related article Technical Note: Troubleshooting 'Device Profiling Rule Missing Data' events.
Revalidate:
- After making corrections, test the rogue against the desired rule. Search for the MAC address in Users & Hosts -> Adapters.
- Right-click on the adapter record and select Test Device Profiling Rule.
- Once the rule matches, right click on the adapter record and select Reprofile Rogue(s) to re-run the evaluation for the adapter.
If rogue now matches the wrong rule, see related article Technical Tip: Troubleshooting rogue matching the wrong device profile.
