Hi experts,
I have a FortiGate and I want to create firewall policies based on device detection for mobile devices. I realized that FortiGate can detect only some iPhone and Android devices. I have made a test with two iPhones of different models and iOS versions. FortiGate recognizes iPhone 5 but not iPhone 6. The same with two Android phones. They all connect via Wi-Fi to Meraki APs, and the APs are connected to one Meraki switch, which in turn is connected to the FortiGate. I know this is due to fingerprinting, but I don't know how to solve this, since right now I cannot create my firewall policies per mobile device detection due to this limitation. Any idea?
Regards,
Julián
Thanks. I'm assuming that device detection has already been enabled on the internal interface since you can identify some of your smartphones. Have you enabled the Active Scanning option as well?
Also, can you run the following command to identify the device detection method used:
diag user device list
And finally, run the following:
get sys arp
Can you see the mac addresses of the phones that have not been identified yet?
Thanks.
NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
Could you share with us your Fortigate's model and version please?
NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
Sure! It is a FortiGate 100E running version 5.6.3.
Regards,
Julián
Hi Nicholas,
Yes, device detection is enabled on the interface, though I don't see the Active Scanning option:
I attach an excerpt of the output of the two commands, and I have marked one of the devices that is not identified as an example:
```
FG100E4Q17012150 # diagnose user device list
hosts
vd root/0  00:00:00:00:00:00  gen 3634 req TOHUS/3e
    created 9701423s gen 3 seen 0s LAN gen 387
vd root/0  a4:5d:36:11:4c:6d  gen 822212 req TO/c
    created 8386117s gen 102473 seen 0s LAN gen 8148
    ip 172.16.100.6 src none
    type 17 'Windows PC' src mwbs id 40 gen 3242
    os 'Windows 8 / 2012' version '' src mwbs id 40
    host 'SRVLIMAPP1D1' src dhcp
vd root/0  b8:6b:23:2c:fc:b6  gen 831401 req TOS/e
    created 9692496s gen 2253 seen 0s VLAN 20 gen 49903
    ip 172.20.100.59 src mac
    type 17 'Windows PC' src http id 2315 gen 452
    os 'Windows' version '8 (x64)' src http id 2315
    host 'LTP00003.STEVIAONEPERU.local' src dhcp
vd root/0  b4:f1:da:af:ad:cb  gen 831610 req TOUS/2e
    created 540722s gen 791803 seen 471s VLAN 19 gen 49929
    ip 172.19.100.11 src mac
    host 'android-ec134b52449e12d' src dhcp
.
.
.
vd root/0  d0:25:98:4a:0c:15  gen 831126 req 0          <<<<<<<<<<<< this is the device
    created 710807s gen 779261 seen 126s VLAN 18 gen 49873
    type 16 'Router/NAT Device' src ac id 0 gen 3183

FG100E4Q17012150 # get sys arp
Address           Age(min)   Hardware Addr      Interface
172.18.100.25          0     80:19:34:f1:60:3f  VLAN 18
172.20.100.51          0     d0:bf:9c:24:63:40  VLAN 20
172.16.100.5           0     2c:59:e5:4a:ae:b8  LAN
172.18.100.31          0     4a:7d:2b:f7:04:00  VLAN 18
172.20.100.57          0     70:5a:0f:1f:b8:5a  VLAN 20
172.16.100.11          0     00:15:5d:64:05:00  LAN
172.18.100.20          0     4c:eb:42:f9:64:01  VLAN 18
172.16.100.125         1     e0:55:3d:62:5f:50  LAN
172.16.100.6           0     a4:5d:36:11:4c:6d  LAN
172.18.100.32          0     ac:2b:6e:28:88:45  VLAN 18
172.18.100.15          0     f8:34:41:06:40:00  VLAN 18
172.20.100.58          0     54:e1:ad:74:34:aa  VLAN 20
172.17.100.4           1     b4:99:ba:de:08:a3  VLAN 2
172.18.100.38          0     a4:c4:94:b2:73:2a  VLAN 18
200.4.228.185          0     cc:16:7e:76:1b:49  wan2
172.16.100.126         0     e0:55:3d:62:53:30  LAN
172.18.100.21          2     ac:ed:5c:bd:4b:29  VLAN 18
172.18.100.27          0     e8:2a:ea:8e:9d:24  VLAN 18
172.16.100.41          0     00:d0:b8:2a:67:4b  LAN
172.16.100.132         0     a0:d3:c1:e6:7d:97  LAN
172.20.100.53          0     00:25:ab:91:c5:15  VLAN 20
172.16.100.7           0     00:15:5d:64:04:01  LAN
172.20.100.59          0     b8:6b:23:2c:fc:b6  VLAN 20
172.16.100.127         0     e0:55:3d:62:57:90  LAN
172.18.100.22          0     d8:fc:93:1f:fc:43  VLAN 18
172.16.100.133         0     88:15:44:d9:89:31  LAN
172.16.100.190         0     54:ee:75:97:82:21  LAN
172.20.100.54          0     34:64:a9:c5:35:7b  VLAN 20
172.16.100.8           0     58:97:bd:43:3f:40  LAN
172.16.100.156         0     40:a3:cc:96:e9:48  LAN
172.19.100.15          0     50:01:d9:29:c6:02  VLAN 19
172.18.100.23          0     ac:2b:6e:a3:29:f1  VLAN 18
161.132.123.169        0     fc:fb:fb:a1:7a:61  wan1
172.16.100.134         0     e0:55:3d:33:3a:e8  LAN
172.18.100.12          0     44:85:00:da:ef:17  VLAN 18
172.16.100.140         0     00:d0:b8:2e:86:03  LAN
172.18.100.18          0     a0:99:9b:12:da:a1  VLAN 18
172.20.100.50          0     c8:5b:76:20:29:8d  VLAN 20
172.16.100.4           0     a4:5d:36:11:4c:6c  LAN
172.20.100.56          0     50:7b:9d:9f:cf:b5  VLAN 20
172.16.100.124         0     e0:55:3d:62:f5:e0  LAN
172.20.100.62          0     3c:a8:2a:e1:8f:24  VLAN 20
172.18.100.42          3     d0:25:98:4a:0c:15  VLAN 18   <<<<<<<<<<<<<<<< this is the device
FG100E4Q17012150 #
```
Hi Nicholas,
Based on the output I provided do you know why the mobile device detection doesn't work correctly?
Regards,
Julián
Hi Julian,
Thanks for that info. Could you also provide the following:
1) What is the role assigned to the interface that VLAN 18 is associated with (LAN, WAN, DMZ or Undefined)? Given the version you are on there should be an "Active Scanning" option right below device detection.
2) Can you also point out to me in the same way as you did previously the smartphone(s) that DO get detected successfully so we can compare?
Thanks.
NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
Hi Nicholas,
1) The role is LAN and there is no such option:
2) Sure, look at this:
```
vd root/0  c8:14:51:69:d4:20  gen 665017 req TOU/2c
    created 1928382s gen 665013 seen 1927958s LAN gen 40475
    ip 172.16.100.153 src arp
    type 1 'Android Phone' src http id 959 gen 2922
    os 'Android' version '7.0' src http id 959
    host 'HUAWEI_Mate_9_lite' src dhcp
vd root/0  4c:8d:79:ca:44:27  gen 831618 req TOU/2c     <<<<<<<<<<<<<< detected OK
    created 606820s gen 786949 seen 413s VLAN 19 gen 49926
    ip 172.19.100.17 src arp
    type 11 'iPhone' src dhcp id 134 gen 3179
    os 'iPhone' version '' src dhcp id 134
    host 'iPhonedeJulian' src dhcp
vd root/0  54:ee:75:97:82:21  gen 831189 req TO/c
    created 2870676s gen 565693 seen 4s LAN gen 49880
    ip 172.16.100.190 src mac
    type 17 'Windows PC' src http id 2378 gen 3256
    os 'Windows' version '8.1 (x64)' src http id 2378
    host 'X1CARBONJORTIZ.STEVIAONEPERU.local' src dhcp
.
.
.
vd root/0  a4:5d:36:11:4c:6f  gen 816311 req TOUS/2e
    created 9699761s gen 693 seen 203997s LAN gen 48727
    ip 172.16.100.191 src mac
    host 'ILOMX23360024' src dhcp
vd root/0  d0:25:98:4a:0c:15  gen 831126 req 0          <<<<<<<<<<<< not detected
    created 710807s gen 779261 seen 126s VLAN 18 gen 49873
    type 16 'Router/NAT Device' src ac id 0 gen 3183
vd root/0  5c:c3:07:90:f6:78  gen 829497 req 0
    created 4153920s gen 458798 seen 22191s LAN gen 49708
    ip 172.16.100.173 src none
    type 16 'Router/NAT Device' src tc id 0 gen 2453
```
Nicholas, I realized the device correctly detected is on interface VLAN 19 and the device not detected is on VLAN 18. The configuration of both VLANs is the same, except that VLAN 19 has the DHCP server enabled and VLAN 18 has a DHCP relay pointing to the corporate DHCP server. Could that be the reason? I have to test joining the undetected device to VLAN 19 and see the results.
Regards,
Julián
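The comparison Julián made by eye, as an added example that is not from this thread or from Fortinet: parse both command outputs, treat a host with no `os` entry as not fingerprinted, fill in its IP from the ARP table (the reason `get sys arp` was requested), and group such hosts by interface so that a VLAN whose unknown hosts carry no DHCP evidence stands out. The sample outputs are constructed from entries quoted in this thread, and the entry layout of `diagnose user device list` is assumed from those excerpts.

```python
import re
from collections import defaultdict
# Constructed samples in the layout of the two FortiOS commands; values copied from this thread.
DEVICE_LIST = """\
vd root/0  4c:8d:79:ca:44:27  gen 831618 req TOU/2c
    created 606820s gen 786949 seen 413s VLAN 19 gen 49926
    os 'iPhone' version '' src dhcp id 134
    host 'iPhonedeJulian' src dhcp
vd root/0  d0:25:98:4a:0c:15  gen 831126 req 0
    created 710807s gen 779261 seen 126s VLAN 18 gen 49873
    type 16 'Router/NAT Device' src ac id 0 gen 3183
vd root/0  b4:f1:da:af:ad:cb  gen 831610 req TOUS/2e
    created 540722s gen 791803 seen 471s VLAN 19 gen 49929
    host 'android-ec134b52449e12d' src dhcp
"""
ARP = """\
Address           Age(min)   Hardware Addr      Interface
172.18.100.42          3     d0:25:98:4a:0c:15  VLAN 18
172.19.100.11          0     b4:f1:da:af:ad:cb  VLAN 19
"""
def _grab(pattern, text):
    m = re.search(pattern, text)
    return m.group(1) if m else None

def parse_device_list(text):
    """One dict per host entry; 'os' is None when the unit learned no OS fingerprint."""
    hosts = []
    for chunk in re.split(r"(?m)^(?=vd )", text):        # one chunk per 'vd ...' entry
        mac = _grab(r"^vd \S+\s+([0-9a-f:]{17})", chunk)
        if mac:
            hosts.append({"mac": mac,
                          "iface": _grab(r"seen \d+s (.+?) gen \d+", chunk),
                          "host": _grab(r"host '([^']*)'", chunk),
                          "os": _grab(r"os '([^']*)'", chunk),
                          # detection inputs seen for this host: dhcp, http, mwbs, arp, mac, ...
                          "sources": sorted(set(re.findall(r"src (\w+)", chunk)))})
    return hosts

def parse_arp(text):
    """Map MAC -> (ip, interface) from 'get sys arp'."""
    rows = re.findall(r"^(\d+\.\d+\.\d+\.\d+)\s+\d+\s+([0-9a-f:]{17})\s+(\S.*?)\s*$", text, re.M)
    return {mac: (ip, iface) for ip, mac, iface in rows}

def undetected_by_interface(device_text, arp_text):
    """Hosts without an OS fingerprint, grouped by interface, with IP taken from ARP."""
    arp, report = parse_arp(arp_text), defaultdict(list)
    for h in parse_device_list(device_text):
        if not h["os"]:                                   # fingerprinted hosts are skipped
            h["ip"], h["iface"] = arp.get(h["mac"], (None, h["iface"]))
            report[h["iface"]].append(h)
    return dict(report)
```

Run on the full outputs from the thread, the report lists the VLAN 18 host with only `ac` as evidence, while the VLAN 19 hosts carry `dhcp` evidence.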
Hi Julian,
That is very likely to be the reason yes, which is why I wanted us to compare the outputs of both phones as they were bound to differ on something.
Feel free to carry out your testing and let me know of the results.
NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3