Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-28-2018 02:41 AM Edited on ‎10-06-2023 11:13 AM By Community Manager

Article Id 198023

Technical Tip: Verifying Vendor OUIs

Description

 

This article describes the steps to verify the presence of a particular OUI and its associated Registration Type in the database.


FortiNAC verifies the legitimacy of a device's MAC address during the registration process. The MAC address vendor OUI must be registered with IEEE in order to be considered valid. If the OUI cannot be validated, the device fails registration with the error "Invalid Physical Address".


Search for Vendor OUI list in FortiNAC UI:

 

  1.  In the Administration UI, navigate to the Vendor OUIs view.

Version 9.1: Network > Settings > Identification > Vendor OUIs.

Version 9.2 and greater: System > Settings > Identification > Vendor OUIs.

 

  1. From the Add Filter drop-down menu, select Vendor OUI.
  2. In the Vendor OUI field, enter the first 3 octets of the device’s Physical Address in the hexadecimal format ##:##:## (For example, 00:1D:09).
  3. Select Update.

 

If the OUI is already in the database, the associated Vendor Name, Vendor Alias, Role, Registration Type, and Registration Override values will display (if any). If the OUI displays but registration continues to fail with the same error, there may be other adapters associated with the same host record that are not valid. See KB article 195641.

 

If an OUI is not in the database, 'No records found' will appear in the results section. If this occurs, confirm the OUI has been registered with IEEE:
https://standards-oui.ieee.org/oui/oui.txt 

 

If not found in IEEE, then the OUI is not registered.


Scope  Version: 9.x, F7.2

 

Solution

 

OUI is not listed in UI but is registered with IEEE: Run Auto-Definitions update to obtain the latest OUI's and anti-virus definitions.

  1.  Navigate to System -> Scheduler.
  2. Select Auto-Definition Synchronizer and select Run Now. For additional details on this task, see Auto-definitions updates in the Administration Guide.
  3. Once update is complete, verify the OUI is now listed in the Vendor OUIs view.

 

If OUI is still not found, Auto-Definition updates may not be completed.  Verify that FortiNAC can reach the updates server using the Test button under System -> Settings -> System -> Updates.  If the test is successful, auto-definitions may be configured for a delayed schedule. See the System update in the Administration Guide.

 

Contact Support for additional assistance.


Workaround:

See related article:

Technical Tip: Add a Vendor OUI Manually.

Labels:
1001
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.