Fortinet black logo

Administration Guide

LLDP reception

LLDP reception

Device detection can scan LLDP as a source for device identification, but the FortiGate does not read or store the full information. Enabling LLDP reception allows the FortiGate to receive and store LLDP messages, learn about active neighbors, and makes the LLDP information available via the CLI, REST API, and SNMP.

You need to enable device detection (device-identification) at the interface level, and then lldp-reception can be enabled on three levels: globally, per VDOM, or per interface.

To configure device identification on an interface:
config system interface
    edit <port>
        set device-identification enable
    next
end
To configure LLDP reception globally:
config system global
    set lldp-reception enable
end
To configure LLDP reception per VDOM:
config system setting
    set lldp-reception enable
end
To configure LLDP reception per interface:
config system interface
    edit <port>
        set lldp-reception enable
    next
end
To view the LLDP information in the GUI:
  1. Go to Dashboard > Assets & Identities.

  2. Expand the Assets widget to full screen.

To view the received LLDP information in the CLI:
# diagnose user device list
hosts
vd root/0  00:0c:29:1c:03:ca  gen 4320  req 0
    created 515971s  gen 31  seen 28s  port1  gen 12
    hardware vendor 'Fortinet'  src lldp  id 4120  weight 255
    type 'Router'  src lldp  id 4120  weight 255
    family 'FortiGate'  src lldp  id 4120  weight 255
    os 'FortiOS'  src lldp  id 4120  weight 255
    hardware version 'VM64'  src lldp  id 4120  weight 255
    software version '7.4.0 Build 2360'  src lldp  id 4120  weight 255
    host 'FGVM02TM22027XXX'  src lldp
To view additional information about LLDP neighbors and ports:
# diagnose lldprx neighbor {summary | details | clear}
# diagnose lldprx port {details | summary | neighbor | filter}
# diagnose lldprx port neighbor {summary | details}

Note that the port index in the output corresponds to the port index from the following command:

# diagnose netlink interface list port2 port3 | grep index
      if=port2 family=00 type=1 index=4 mtu=1500 link=0 master=0
      if=port3 family=00 type=1 index=5 mtu=1500 link=0 master=0
To view the received LLDP information in the REST API:
{
  "http_method":"GET",
  "results":[
    {
      "mac":"90:9c:9c:c9:c9:90",
      "chassis_id":"90:9C:9C:C9:C9:90",
      "port":19,
      "port_id":"port12",
      "port_desc":"port12",
      "system_name":"S124DN3W00000000",
      "system_desc":"FortiSwitch-124D v3.6.6,build0416,180515 (GA)",
      "ttl":120,
      "addresses":[
        {
          "type":"ipv4",
          "address":"192.168.1.99"
        }
      ]
    }
  ],
  "vdom":"root",
  "path":"network",
  "name":"lldp",
  "action":"neighbors",
  "status":"success",
  "serial":"FG201E4Q00000000",
  "version":"v7.4.0",
  "build":2360
}
{
  "http_method":"GET",
  "results":[
    {
      "name":"port1",
      "rx":320,
      "neighbors":1
    }
  ],
  "vdom":"root",
  "path":"network",
  "name":"lldp",
  "action":"ports",
  "mkey":"port1",
  "status":"success",
  "serial":"FG201E4Q00000000",
  "version":"v7.4.0",
  "build":2360
}

More Links

LLDP reception

Device detection can scan LLDP as a source for device identification, but the FortiGate does not read or store the full information. Enabling LLDP reception allows the FortiGate to receive and store LLDP messages, learn about active neighbors, and makes the LLDP information available via the CLI, REST API, and SNMP.

You need to enable device detection (device-identification) at the interface level, and then lldp-reception can be enabled on three levels: globally, per VDOM, or per interface.

To configure device identification on an interface:
config system interface
    edit <port>
        set device-identification enable
    next
end
To configure LLDP reception globally:
config system global
    set lldp-reception enable
end
To configure LLDP reception per VDOM:
config system setting
    set lldp-reception enable
end
To configure LLDP reception per interface:
config system interface
    edit <port>
        set lldp-reception enable
    next
end
To view the LLDP information in the GUI:
  1. Go to Dashboard > Assets & Identities.

  2. Expand the Assets widget to full screen.

To view the received LLDP information in the CLI:
# diagnose user device list
hosts
vd root/0  00:0c:29:1c:03:ca  gen 4320  req 0
    created 515971s  gen 31  seen 28s  port1  gen 12
    hardware vendor 'Fortinet'  src lldp  id 4120  weight 255
    type 'Router'  src lldp  id 4120  weight 255
    family 'FortiGate'  src lldp  id 4120  weight 255
    os 'FortiOS'  src lldp  id 4120  weight 255
    hardware version 'VM64'  src lldp  id 4120  weight 255
    software version '7.4.0 Build 2360'  src lldp  id 4120  weight 255
    host 'FGVM02TM22027XXX'  src lldp
To view additional information about LLDP neighbors and ports:
# diagnose lldprx neighbor {summary | details | clear}
# diagnose lldprx port {details | summary | neighbor | filter}
# diagnose lldprx port neighbor {summary | details}

Note that the port index in the output corresponds to the port index from the following command:

# diagnose netlink interface list port2 port3 | grep index
      if=port2 family=00 type=1 index=4 mtu=1500 link=0 master=0
      if=port3 family=00 type=1 index=5 mtu=1500 link=0 master=0
To view the received LLDP information in the REST API:
{
  "http_method":"GET",
  "results":[
    {
      "mac":"90:9c:9c:c9:c9:90",
      "chassis_id":"90:9C:9C:C9:C9:90",
      "port":19,
      "port_id":"port12",
      "port_desc":"port12",
      "system_name":"S124DN3W00000000",
      "system_desc":"FortiSwitch-124D v3.6.6,build0416,180515 (GA)",
      "ttl":120,
      "addresses":[
        {
          "type":"ipv4",
          "address":"192.168.1.99"
        }
      ]
    }
  ],
  "vdom":"root",
  "path":"network",
  "name":"lldp",
  "action":"neighbors",
  "status":"success",
  "serial":"FG201E4Q00000000",
  "version":"v7.4.0",
  "build":2360
}
{
  "http_method":"GET",
  "results":[
    {
      "name":"port1",
      "rx":320,
      "neighbors":1
    }
  ],
  "vdom":"root",
  "path":"network",
  "name":"lldp",
  "action":"ports",
  "mkey":"port1",
  "status":"success",
  "serial":"FG201E4Q00000000",
  "version":"v7.4.0",
  "build":2360
}