Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Staff

Created on ‎05-28-2019 06:20 AM Edited on ‎06-16-2022 02:57 PM By Anonymous

Article Id 193788

Technical Tip: IP address information not updating

Description

 

This article explains why the IP address information for adapter records is not updating.

 

Scope

 

FortiNAC


Solution

 

Look for L3 Poll Failure events:

 

Version 8.x:

1) Navigate to Logs -> Events.  

2) Add Filter: Event.
3) Event: L3 Poll Failed.
4) Select Update.   

 
Version 9.x:
1) Navigate to  Logs -> Events & Alarms.
2) Select Events.
3) Add Filter: Event.
4) Event: L3 Poll Failed.
5) Select Update.
 
There are Recent Poll Failure Events
1)  Navigate to Network Devices -> Topology

2)  Select the Polling tab of the model failing the poll and verify the timestamps for the Last Successful Poll and Last Attempted L3 (IP > MAC) Poll are the same.

Last Successful Poll is not current:  Refer to the related KB article below for steps on troubleshooting L3 Poll failures.

 
No Recent Poll Failure Events
1)  Navigate to Network Devices -> Topology
2)  Verify router or L3 switch supplying the ARP cache information for the affected hosts is modelled. If not, add the device.
3)  Ensure the router/L3 switch's model is a member of the IP -> MAC device group.  Right-click on the model and select Group Membership.
 
 
The last successful poll is current but IPs are not updating: Verify the IP address is present in the ARP cache of the router.  If present, collect the results of the ARP cache read from the appliance and submit them to Support for further investigation.

 
Option1:  
Enable session logging in terminal emulation applications (such as PuTTY).  In the Control Server CLI enter:
readarpcache -ip <router/L3 switch ip>

Option2:
Send output to a file in the /bsc/logs directory.  In the Control Server CLI enter:
cd /bsc/logs
readarpcache -ip <router/L3 switch ip> | tee arpcache.txt

 
 
Open a support ticket and provide the following information:
  • Text file of ARP cache read.(if arpcache.txt was created, the file can be downloaded to a computer using SCP)
  • Screen capture of the device's Element tab in Network Devices -> Topology.
  • Screen capture of Help > About . 
 
Gather additional Information regarding the L3 poll response from the device.
 
1)  Device model information:
Device -ip <device IP>
 
2)  Determine the L3 Polling method used.  See KB article below (FD42739).  If the device is not listed, refer to the appropriate Integration guide in the Fortinet Document Library
 
3)  Run the appropriate commands to gather information regarding the poll response.
 
CLI
a)  Enable the telnet debug.
 

CampusMgrDebug -name TelnetServer true

 
b) Read the Arp cache from CLI.
 
readarpcache -ip <switch ip>
 
 
SNMP
Verify response for ipNetToMediaPhysAddress query.  Perform snmpwalk:
 

snmpwalk -v1 -c public <ip of L3 switch> 1.3.6.1.2.1.4.22.1.2

Related Articles

Technical Note: Troubleshooting Poll failures

Labels:
2992
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.