need to identify device by port but only see internal

Author
admiralsulu
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/06/09 04:53:55
  • Status: offline
2018/12/04 04:25:38 (permalink)
0

need to identify device by port but only see internal

I need to see what device by IP or mac is on which port on my 90d as I am trying to setup vlans.
there are couple of devices plugged directly into the fortinet at this remote site, but I am not sure if they are APs or what.

I can view the arp table, but ever mac address and IP address is listed as being on interface "internal" instead of "internal1, internal2" and so on.
is there a way I can view what is on a particular port, not just "internal", or is this because the 90d is in switch mode and nothing can be done?
version is 5.4.1 btw.
 
 
#1

2 Replies Related Threads

    Dave Hall
    Expert Member
    • Total Posts : 1289
    • Scores: 126
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: need to identify device by port but only see internal 2018/12/04 07:08:44 (permalink)
    5 (1)
    May not be exactly what you are looking for, but you always could enabled Device Detection on the interface then check the "device Inventory" for the mac address, etc.

    Attached Image(s)


    NSE4/FMG-VM64/FortiAnalyzer-VM/5.2/5.4 (FWF40C/FW92D/FGT200B/FGT200D/FGT101E)/ FAP220B/221C
    #2
    ede_pfau
    Expert Member
    • Total Posts : 5751
    • Scores: 397
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: need to identify device by port but only see internal 2018/12/04 08:46:59 (permalink)
    5 (1)
    This is what a switch does - all ports are supported by one MAC address table.
    My advice would be to go with device identification. But still, the devices are on the 'internal' port.
     
    If you split the (hardware) switch into single ports, you cannot use the same network address on two or more ports. That is, to segment your LAN would mean to introduce several address spaces. No big thing but some effort required (address space, DHCP server, DNS and NTP on each 'internalX' port,...).

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #3
    Jump to:
    © 2018 APG vNext Commercial Version 5.5