Description
This article describes an issue while attempting to scan host in Host View and error "Error Scanning" is received.
Scope
FortiNAC
Solution
There are a couple of messages that could display when attempting to scan via the Hosts View using the Scan Host(s) option.
Message 1: Error scanning host xxx Attempting to scan for null Failed to determine Policy... Try again in 10 minutes.
This means the host did not match any Endpoint Compliance policy. Verify by right clicking on host record and selecting Policy Details. The Endpoint Compliance tab content is empty if no policies matched.
Solution:
Review User/Host profile of the Endpoint Compliance policy the host should have matched to figure out what criteria is missing.
Message 2:
Error scanning host xxx Failed to find live (online+communicating) adapter in HostRecord... Try Again In 10 Minutes.
This means the Persistent Agent on that host has not been heard from in awhile and presumed to no longer be responding. This could be due to various factors:
- The host shows all its adapters offline (gray icon).
- FortiNAC has not received any communication from the agent (including "Hello" packets which are sent regularly if the agent is running).
Solution:
- Verify the host shows online in Host View.
- If it does, try sending a message (right click on Host > Send Message) to see if the agent is able to receive it. If unable to send message, the cause could be one of the following:
- The agent may no longer be running and needs to be restarted. Refer to the related KB article below.
- UDP 4567 traffic is being blocked from that agent (either on a firewall on the end station or someplace else on the network).
Related articles:
Technical Tip: Persistent Agent communication ports
Technical Tip: Lost Contact with Persistent Agent After Updating From Version 2.x to 3.x or Higher
Technical Tip: Windows Persistent Agent logs
Technical Tip: macOS Persistent Agent logs
Technical Tip: How to restart the Persistent Agent
