Created on 06-13-2019 01:43 PM Edited on 05-26-2022 11:36 AM By Anonymous
Description
A "Device Profiling Rule Missing Data" event indicates that Device Profiler cannot compare a rogue against a rule because there is not enough information about the rogue. This article provides steps to determine what information is missing.
Solution
DHCP Fingerprinting: Navigate to Hosts > Device Identity and search for the Physical AddressHTTP/HTTPS:- Check adapter record for IP address. If no IP, verify L3 polling is working. For troubleshooting instructions, see related KB article below.IP Range:- Check adapter record for IP address. If no IP, verify L3 polling is working. For troubleshooting instructions, see related KB article below.- Verify IP address falls within range.Location: Verify the connecting switch/port or wireless controller/AP or SSID is in the specified Container or Port GroupPersistent Agent: Ensure the Persistent Agent is communicating. For troubleshooting instructions, refer to related KB article below.SNMP:- Check adapter record for IP address. If no IP, verify L3 polling is working. For troubleshooting instructions, see related KB article below.- If IP address is present, verify SNMP communication between the appliance and the device. For troubleshooting instructions, see related KB article below.SSH:- Check adapter record for IP address. If no IP, verify L3 polling is working. For troubleshooting instructions, see related KB article below.- If IP address is present, verify SSH communication between the appliance and the device via Control Server CLI. If "connection refused" is returned, the port may be getting blocked somewhere on the network or the function is disabled on the device.TCP- Check adapter record for IP address. If no IP, verify L3 polling is working. For troubleshooting instructions, see related KB article below.- Verify the specified TCP ports are open. Right click adapter record and select Run NMAP Scan.Telnet:- Check adapter record for IP address. If no IP, verify L3 polling is working. For troubleshooting instructions, see related KB article below.- If IP address is present, verify Telnet communication between the appliance and the device via Control Server CLI. If "connection refused" is returned, the port may be getting blocked somewhere on the network or the function is disabled on the device.
Related Articles
Technical Note: Troubleshooting SNMP communication issues
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.