FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
cmaheu
Staff
Staff
Article Id 193826

Description
A "Device Profiling Rule Missing Data" event indicates that Device Profiler cannot compare a rogue against a rule because there is not enough information about the rogue.  This article provides steps to determine what information is missing.

Solution

1. Review rule methods to determine what data is required. Navigate to Hosts > Device Profiling Rules and review the Methods tab for the rule expected to match.
 
2. Determine what data is missing based on the methods used for the rule.  For more information regarding available methods, see the Device Profiler Configuration reference manual in the Fortinet Document Library.
DHCP Fingerprinting:  Navigate to Hosts > Device Identity and search for the Physical Address

HTTP/HTTPS:
- Check adapter record for IP address.  If no IP, verify L3 polling is working.  For troubleshooting instructions, see related KB article below.
 
IP Range
- Check adapter record for IP address.  If no IP, verify L3 polling is working.  For troubleshooting instructions, see related KB article below. 
- Verify IP address falls within range.
 
Location:  Verify the connecting switch/port or wireless controller/AP or SSID is in the specified Container or Port Group

Persistent Agent:  Ensure the Persistent Agent is communicating.  For troubleshooting instructions, refer to related KB article below.
 
SNMP:
- Check adapter record for IP address.  If no IP, verify L3 polling is working.  For troubleshooting instructions, see related KB article below.  
- If IP address is present, verify SNMP communication between the appliance and the device.  For troubleshooting instructions, see related KB article below.
 
SSH:
- Check adapter record for IP address.  If no IP, verify L3 polling is working.  For troubleshooting instructions, see related KB article below.    
- If IP address is present, verify SSH communication between the appliance and the device via Control Server CLI.  If "connection refused" is returned, the port may be getting blocked somewhere on the network or the function is disabled on the device.
 
TCP
- Check adapter record for IP address.  If no IP, verify L3 polling is working.  For troubleshooting instructions, see related KB article below.  
- Verify the specified TCP ports are open.  Right click adapter record and select Run NMAP Scan.

Telnet:
- Check adapter record for IP address.  If no IP, verify L3 polling is working.  For troubleshooting instructions, see related KB article below.  
- If IP address is present, verify Telnet communication between the appliance and the device via Control Server CLI.  If "connection refused" is returned, the port may be getting blocked somewhere on the network or the function is disabled on the device. 
 

3.  After making corrections, test the rogue against the desired rule.  Right click on the adapter record and select Test Device Profiling Rule.
 
4.  Once the rule matches, re-run the rogue host evaluation by navigating to Hosts > Device Profiling Rules and clicking Run.
 
 
Contact Support for further assistance.

 

Related Articles

Technical Note: Troubleshooting SNMP communication issues

Technical Note: Troubleshooting Poll failures

Technical Note: Troubleshooting the Persistent Agent

Contributors