Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jeremy5385
New Contributor III

Created on ‎12-05-2025 12:13 PM

Easily Identify FortiSwitch port searching by MAC (FortiLink CLI)

I’m using Fortilink to manage switches from the Fortigate.  When searching to find the port for a device MAC I can dump the mac table using this command:

 

# diag switch-controller switch-info mac-table

 

This gives me pages and pages since I have 25 FortiSwitches on this system.  When I use grep and add the MAC, there can be one line for every switch that has this entry in its table.  I can tell from the output below that the device is on Port43 but no good way to tell which FortiSwitch in Foritlink.

 

# diag switch-controller switch-info mac-table | grep 23:27

MAC: fc:0f:e7:17:23:27  VLAN: 249 Trunk: _FlInK1_ICL0_(trunk-id 0)

MAC: fc:0f:e7:17:23:27  VLAN: 249 Trunk: 8EPTF24001548-0(trunk-id 11)

MAC: fc:0f:e7:17:23:27  VLAN: 249 Trunk: E24TF24002765-0(trunk-id 1)

MAC: fc:0f:e7:17:23:27  VLAN: 249 Trunk: E24TF24002765-0(trunk-id 1)

MAC: fc:0f:e7:17:23:27  VLAN: 249 Trunk: _FlInK1_MLAG0_(trunk-id 0)

MAC: fc:0f:e7:17:23:27  VLAN: 249 Port: port43(port-id 43)

MAC: fc:0f:e7:17:23:27  VLAN: 249 Trunk: 8EPTF24001548-0(trunk-id 0)

 

It would be nice if every line in the dump had the FortiSwitch name at the beginning, but it doesn’t.  Anyone found a good way to get this information in the CLI?  I’ve tried using the -f switch with grep but that doesn’t work.

Labels:
141
0 Kudos
4 REPLIES 4
AEK
SuperUser
SuperUser

Created on ‎12-06-2025 11:48 AM

Since FOS' grep command is not as rich as Linux', as a workaround I'd copy the whole text to my text editor and search for the MAC.

A dumb workaround but is better than nothing.

AEK
AEK
114
0 Kudos
ebilcari
Staff
Staff

Created on ‎12-08-2025 08:04 AM

You can use the FGT UI, it can be checked in Device inventory, filter by Address:

ports.png

 

or similar in FortiSwitch Clients output and filter by Device.

 

I tried from the CLI and ended up with a complex output that contains this information scattered throughout the lines. :)

# diagnose user-device-store device memory list | grep 80:5xxxx:6f:39 -A10

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
87
Jeremy5385
New Contributor III

Created on ‎12-11-2025 06:14 AM

The "diag user-device-store ..." is really clunky and hard with having to vary the -A syntax depending on the device return.  The result is there none-the-less.

I'm guessing Device Inventory is now Assets & Identities > Assets in 7.6.  In there, I was able to add the FortiSwitch and Port columns to see the data.  This seems to be the easiest method.  Still wish the CLI had an easy one-liner return.  Thanks for the UI find.

 

 

36
AEK
SuperUser
SuperUser
In response to Jeremy5385

Created on ‎12-11-2025 10:22 AM

I believe SNMP can help as well. There must be some OID to list the MAC addresses.

You can run snmpwalk from a Linux host and use grep, awk, and other cool text filtering commands.

AEK
AEK
28
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.