Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Thonno
New Contributor III

FortiNAC - Device Profiling Rules CUSTOM ATTRIBUTE

Hello, I’m experiencing an issue with FortiNAC-OS 7.2.8.

I’ve created a device profiling rule with the following settings:

  • Registration: Automatic
  • Type: Windows
  • Role: NAC-Default
  • Register as: Device in Host View
  • Add to group: XXX
  • Access Availability: Always

SDSDSD.png

Methods:

DHCP Fingerprinting with different custom attributes:

  1. Message Type: Any
    Host Name: ICT-*

  2. Message Type: Any
    Host Name: DSKT*

Screenshot 2025-03-16 233348.png

 

However, Windows devices are detected but not properly profiled and registered.

 

For testing purposes, I tried both creating a single custom attribute with Host Name: "ICT-*, DSKT*" and creating multiple rules with a single hostname per rule, but neither approach worked.

 

I have another rule for IP Phones, which is working without any problems.

 

What am I doing wrong? Any suggestions?

1 REPLY 1
ebilcari
Staff
Staff

Firstly check in 'Endpoint Fingerprints' view and verify that the DHCP attributes and the hostname are created for these hosts. If they are properly populated, check the values and make sure you are using it properly (case sensitive). You could test the rule right away by r-clicking in the entry and 'Test Device Profiling Rule':

 

rulematch.PNG


Debugs can also be enabled to get a better overview of what is happening as shown here.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors