By default, when authenticating on Fortiswitch with MAB, the MAC address is going to be sent to RADIUS in the format xx-xx-xx-xx-xx-xx (lowercase):

To change the way FortiSwitches send MAC addresses of end devices to the RADIUS server, use the following commands:

config switch global

    config port-security

        set mac-username-delimiter  [ hyphen / single-hyphen / colon / none }

        set mac-password-delimiter [ hyphen / single-hyphen / colon / none ]

        set mac-case [ uppercase / *lowercase ]

    end

end

In this example, the MAC format is going to change from xx-xx-xx-xx-xx-xx to XX:XX:XX:XX:XX:XX.

config switch global

    config port-security

        set mac-case uppercase

        set mac-password-delimiter colon

        set mac-username-delimiter colon

    end

end

The caller station ID can be modified in the same way that the MAC format with the following commands:

config switch global
    config port-security
        set mac-calling-station-delimiter { *hyphen | single-hyphen | colon | none }
        set mac-called-station-delimiter { *hyphen | single-hyphen | colon | none }
    end
end

If this change is needed in a FortiLink environment, try a custom command. This is an example:

config switch-controller custom-command

    edit macformat

        set command "config switch global %0a config port-security %0a set mac-calling-station-delimiter colon %0 set mac-called-station-delimiter colon %0a end %0a end %0a" 

end

Then, apply globally. This is a global example:

config switch-controller global
    config custom-command 
        edit macformat
            set command-name macformat

        next

    end

end