Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-28-2018 02:38 AM Edited on ‎05-23-2023 09:11 PM By Community Manager

Article Id 195641

Technical Tip: Host fails to register or multiple host records are created

Description


This article describes the behavior where the appliance will only register adapters with a valid vendor OUI.  


If a host has one or more adapters with an invalid OUI, the following symptoms can occur:
Host without an agent:  Host will not register.
Host with an agent:

- Hosts with a valid adapter will be registered.

- Hosts that do not have any valid adapters detected will not be registered.

 

The Vendor OUI database is based on Vendor OUIs registered with the IEEE Authority.  Typically, Vendor OUI’s are missing from the database for one of two reasons:  

- It is not yet registered with IEEE.

- It was recently added to IEEE and will be added to the database upon the next auto-definition update. 

 

Diagnose:

To verify whether or not a specific vendor OUI is recognized, see KB article Verifying Vendor OUIs.
 
'Invalid Physical Address' events are typically generated when attempting to register a device that has a MAC address whose Vendor OUI is unknown. 
 
1) In the Administration UI, navigate to Logs - > Events 
2) Set the following options:
    Add Filter: Event
    Event: Invalid MAC Address
3) Select Update to apply. 


Solution


There are two ways to add a Vendor OUI:

- Manually.

- Via Auto-Definition Updates.


If devices are unable to register due to Invalid Physical Address errors, check the following:

 
1)  In the Administration UI, navigate to System - > Scheduler.  Confirm the Auto-Definition Synchronizer task is enabled and scheduled to run weekly.
 

2)  Navigate to System - > Settings - > Updates - > System.  Verify that the appliance is able to communicate to the updates server to download Auto-Definition Updates by selecting "test".

 

3) Navigate to System - > Settings - > Updates - > System.  If the Auto-Definition Directory is set to something other than '.' (such as /Week1,etc), the schedule is configured to be delayed. 

In these cases, it is possible the OUI is included in an update the system has not yet downloaded.

 

- To change the schedule to download the latest updates, set the Auto-Definition Directory to '.' then click Save Settings.  Once saved, re-run the Auto-Definition Synchronizer task under System - > Scheduler.

- If it is desired to continue to run on a delayed schedule, the OUI in question can be added manually.  For instructions, see KB article Add a vendor OUI manually.  

 

Related article:

Technical Note: Host assumes adapter record role after manually adding Vendor OUI

Labels:
2545
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.