Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bfakhriddi
New Contributor

Created on ‎09-29-2021 12:37 PM

how to check mac address of the connected device

hi,

 is there command to check mac add of the device connected to the port of the fortigate? I see port is up and trying to figure it out  what is connected on it. 

26790
0 Kudos
7 REPLIES 7
Toshi_Esumi
SuperUser
SuperUser

Created on ‎09-29-2021 12:40 PM

If it has an IP reachable from the FGT, "get sys arp" that shows IP/Age/MACaddr/Interface.

25921
0 Kudos
bfakhriddi
New Contributor
In response to Toshi_Esumi

Created on ‎09-29-2021 12:56 PM

yes, right but that shows interface only as a lan , it doesnt show what is coming from port 1 or port 2 or port 10. i am looking for something like "show mac add int gi1/0/2 " 

 is it possible? 

25921
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to bfakhriddi

Created on ‎09-29-2021 01:21 PM

So you're saying your FGT is one of smaller model like FG-xxD/E/F that supports hard-switch and you want to know MAC addresses connected to individual member ports, and you don't have a switch inbetween.

I don't think there is a command to show that, as far as I know. saneeshpv_FTNT's comment below backs up my understanding.

I would just trace the cable to identify the device connected to each port.

 

[link]https://forum.fortinet.com/tm.aspx?m=150983[/link]

25921
0 Kudos
rockvid
New Contributor

Created on ‎10-06-2021 03:51 AM

Open the Home Network Security app. Tap the Menu icon. Tap Devices, select the device, look for the MAC ID. Tap Settings.Tap General.Tap About. The MAC address is listed as Wi-Fi Address. [size="1"]vidmate app save insta video[/size]

25921
0 Kudos
bfakhriddi
New Contributor
In response to rockvid

Created on ‎10-06-2021 06:13 AM

which device you are talking about? there is no Home/network security etc  in fortigate...

25921
0 Kudos
MatejR
New Contributor

Created on ‎02-22-2023 02:28 AM

Hi, you can use lldp to find the information.

Its silly we have to look other way around to find port/mac/ip relation as on different platforms "show ip arp"/"show arp vlan xxx" etc... does what we need.

diagnose lldprx nei sum

 

If you dont have lldp globally allowed you follow this steps.

config vdom

edit <vdom>

config system settings

set lldp-reception enable

set lldp-transmission enable

end

...wait minute and after

diagnose lldprx nei sum

 

If not working and hw-switch is configured, try to add following under vlan xxx

config system interface
edit "vlanxxx"

set device-identification enable

 

 

 

19023
D_H_08
New Contributor
In response to MatejR

Created on ‎01-12-2025 11:05 PM Edited on ‎01-12-2025 11:07 PM

Perfect! I used this to get each ports mac address on Fortigate and their corresponding LLDP nei in clean output.

diagnose lldprx nei sum

Thank you, @MatejR 

2818
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.