Created on 10-17-2016 06:08 AM Edited on 05-26-2022 09:54 AM By Anonymous
Description
This article is to explain the possibilities of why you may have the same devices show up in the CMDB twice for a single organization.
1 - If you've discovered the same device under another organization (including the super org) with 1 protocol and discovered the same device using another protocol in another organization. If there are credentials that over lap in both organizations this will cause devices not to merge. This is by design (Please reference Additional Information below).
Example would be (note any org can be the super org and it would act in the same manor):
Org 1 discovered 192.168.1.5 (windows) with WMI
Org 2 discovered 192.168.1.5 (EXACTLY the same windows device) with SNMP
2 - Check if you have Virtual IPs configured (Admin > General Settings > Discovery > Virtual IPs)
Virtual IP indication will tell AO not to merge devices together if they contain the same ip in another interface that it discovers. This will make it so that we recognize that these two machines are different. This is also one possibility that your devices did not merge
3 - Under the Super organization, check if you have the same IP range configured for the organization (Admin > Setup Wizard > Organizations > Include IP/IP Range)
This goes in hand with the 1st option, if you discovered the device in an organization, and discovered the same exact device in another org they both can show up as duplicates in the same organization, but because they show up in one org and not merged means that this column could have been configured to show all IPs within the indicated range to display within the cmdb in the same organization. This can cause confusion depending on your infrastructure. It's always best to leave that column blank.
The above are some common pitfalls when you are trying to have devices merge together but they do not merge. By AO's design, you cannot merge devices that are discovered from one organization to another organization. This defeats the purpose of having organizations since they are suppose to be separated. AO will believe that the devices are two unique devices based on the two organizations that it's separated in.
ALL
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.