Hello, I’m experiencing an issue with FortiNAC-OS 7.2.8.
I’ve created a device profiling rule with the following settings:
- Registration: Automatic
- Type: Windows
- Role: NAC-Default
- Register as: Device in Host View
- Add to group: XXX
- Access Availability: Always
Methods:
DHCP Fingerprinting with different custom attributes:
Message Type: Any
Host Name: ICT-*Message Type: Any
Host Name: DSKT*
However, Windows devices are detected but not properly profiled and registered.
For testing purposes, I tried both creating a single custom attribute with Host Name: "ICT-*, DSKT*" and creating multiple rules with a single hostname per rule, but neither approach worked.
I have another rule for IP Phones, which is working without any problems.
What am I doing wrong? Any suggestions?
Firstly check in 'Endpoint Fingerprints' view and verify that the DHCP attributes and the hostname are created for these hosts. If they are properly populated, check the values and make sure you are using it properly (case sensitive). You could test the rule right away by r-clicking in the entry and 'Test Device Profiling Rule':
Debugs can also be enabled to get a better overview of what is happening as shown here.
