Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sel18
New Contributor II

OID FortiNAC.

Hello team,

 

I have a problem in the OID of a Cisco device "Firepower-ASA" in the FortiNAC.

The OID of the device is wrong.

Could you please help on how I can change the OID manual in the FNC !!

 

PS: FortiNAC version 9.2

 

thanks in advance.

6 REPLIES 6
Markus_M
Staff
Staff

Hi sel18,

 

the OID in FortiNAC is for a stored model of the Firepower, yours might be different than the one that has been stored. That you can select it, tells me that the device is not supported out of the box, you will need to try to map this to a different OID that might fit, best with a similar name or a device fitting the description. Generic advice, I know; in case of the firepower there might be no better matching device.

What is the problem actually? You cannot model the device correctly?

 

Best regards,

 

Markus

sel18
New Contributor II

thanks Markus

 

the device is Cisco FMC and how can i to map this to a different OID because when i add the device in fortiNAC the OID is automatically taken by the device.

the problem that i can't poll this device in the fortiNAC and i suppose that this issue caused by the wrong OID of this device.

 

thanks in advance

Markus_M
Staff
Staff

If it is automatically taken, you cannot change the mapping with the context menu on the inventory/topology view ("set device mapping"). It will be seen as fully recognized - see attachment

If you can change it to different OIDs, the device isn't fully recognized.

 

The OID you will find with

snmpwalk -v1 -c <communityname> <ip> system

Run this from the FortiNAC to ensure the snmp connectivity to the device.

 

If you cannot poll the device, you want to see what errors you have there saying that you cannot poll and what exactly you are testing.

Like pushing the Poll button obviously, or the automatic poll throws up error logs in the event logs of FortiNAC.

 

Best regards,

 

Markus

sel18
New Contributor II

Hi,

the currently OID detected is 1.3.6.1.4.1.8072.3.2.10

i didn't get any result of snmpwalk is unkown host

i need to add L3 device like firewall FMC to make the authentication 802.1X because i can't see the IP for each MAC users in our L2 devices (switch cisco) or you recommend another way to see the IP of each MAC !

 

amacchiaverna
New Contributor III

The only way would be to either have the Persistent Agent on the device which would report the IP (if it can be installed on it) or have an L3 device modeled in the FortiNAC so that its ARP table can be polled and the IP be mapped to the MAC of the host.

If this information was useful, please click on the thumbs-up button!
Anthony
sel18
New Contributor II

thanks for your reply

please i want to know the important steps for the the 802.1X authentication exactly !

like the isolation vlan, scope isolation ... ! did we need another vlan and subnet configured in the configwizard !

 

thanks in advance