Locate hosts
Click Users & Hosts > Locate Hosts on the dashboard to locate devices, users or hosts by changing the Search Type.
Locate devices or hosts
- Select Users & Hosts > Locate Hosts.
- Select a search type.
Search Type
Description
All
This option searches for both devices and hosts.
Devices
Use this option to locate network devices.
Hosts/Users
Use this option to locate hosts or users.
-
Enter the search criteria. To reduce the potential for a significant number of records being returned in the search results, you must enter a value into one of the search fields.
If the search type is set to All and you enter data in the Name field, FortiNAC searches for user sast names and network device names.
- Click Search.
Locate hosts and users
This window can be used to search your database for hosts and users of many types. Guests, contractors and conference attendees are also considered users and can be located using this window or through the Guest/Contractor Accounts window. See Guest/contractor accounts.
You cannot locate guest or contractor accounts until the account is automatically created on the specified date. For example, a contractor account scheduled for March 1 cannot be located until that date.
Use the Locate window to:
- Check that a record for a host exists.
- See where the host is on the network.
- Check the connect status and access of the host.
- Search for a registered host by MAC address to see where it is on the system.
- Use wild cards to search for hosts or users. See Wild cards for additional information.
Locate hosts
- Select Users & Hosts > Locate Hosts.
- Select Hosts/Users from the Search Type drop-down list.
- Enter the Search criteria.
- Click Search.
Fields
Field |
Description |
---|---|
Last Name |
Last name of a user associated with the registered host or the vendor name of a rogue host. |
IP address |
IP address of the host. |
MAC Type |
MAC Type for the host. The available options are: Invalid, Valid or Both. |
Connect State |
Connect State of the adapter. Options include: Both, Off line or On line. |
Access |
Access state of the adapter. Options include, Enabled, Disabled or Both. |
Physical Address |
MAC address of the adapter on the host. |
Media Type |
Searches the Media Type field in the Adapter Properties. Typically this would be either wired or wireless. |
Access Value |
Name or number of the network access identifier given to this adapter based on the state of the host and the device to which the adapter is connected, such as VLAN ID, VLAN Name or Aruba Role. |
Host Name |
Name of the host. |
Agent Version |
Version number of the Persistent Agent, Mobile Agent, or Dissolvable Agent on the host. |
Operating System |
Operating system on the host. |
Hardware |
Hardware type of the host. |
Host Type |
Narrow the search by a specific type of host: All, IP Phone, Registered or Rogue. |
Authenticated State |
Include hosts on which a user has Authenticated, Not-authenticated or Both. |
Security State |
Include hosts that are Safe, At Risk, Pending At Risk or All. Search results for Safe hosts include Pending At Risk hosts. Pending At Risk is a sub-set of Safe hosts. |
Persistent Agent |
The Persistent Agent usage of the host. Options include:
|
Connect State |
The connect state of the adapter. Options include both, offline, or online. |
Access |
The access state of the host. Options include enabled, disabled, or both. |
Host Role |
Name of the Role assigned to the host. Roles are used to group hosts and are used as filters in user/host profiles. |
Security & Access Value |
Directory attribute used as a filter when determining which policies apply to hosts. Data contained in this field is copied from the user's account in the directory to the Security and Access value field on the User, Host and Adapter Properties. It can also be entered manually. |
First Name |
First name of the user associated with the host. |
User ID |
Unique alphanumeric ID. Typically comes from the directory but if you are not using a directory, this field can be created manually. |
Title |
User's title, this could be a form of address or their title within the organization. |
Admin Profile |
Searches both administrators and network users. Options include: Any or a list of your administrator profiles. To search network users and guests or contractors, select Any. |
Sponsor |
If the administrator performing the search has sponsor privileges, his User Name may be filled in this field. Depending on permissions, a sponsor's search may be limited to the hosts he created and then registered. Sponsors with the ability to view all accounts can use this field to find hosts created and then registered by a specific sponsor by entering that sponsor's user name in this field. |
User Role |
Name of the Role assigned to the user. Roles are used to group users and as filters in user/host profiles. |
Access |
The Access state of the user. Options include, Enabled, Disabled or Both. |
Security & Access Value |
Directory attribute used as a filter in user/host profiles when determining which Policies apply to hosts. Data contained in this field is copied from the user's account in the directory to the Security and Access value field on the User, Host and Adapter Properties. It can also be entered manually. |
Search results
Search results displays the host and user information and provides access to other host-specific information such as Adapter Properties, Host Properties, group membership, port properties, and Device Properties. Administrators can delete hosts, adapters and users from this view.
Column |
Description |
Server |
Server managing the host. |
Name |
Last name of the user (from the user record), hostname or vendor name. This column could contain any combination of this data. |
ID |
ID of the host or user. |
IP address |
IP address of the host. |
Physical Address |
MAC address of the host. |
Location |
Device the host is connected to, such as a switch or a router. |
Views |
Icons that provide access to other related information. Click an icon to go to that view from the results window. Options include: Adapter Properties, Host Properties, group membership, Ports Properties and Device Properties. |
Remove Buttons |
Click the one or more check boxes in the left column to select items for deletion. Selected are removed items from the server where they were being managed. Only administrators can delete. Remove options are as follows:
|
Edit hosts
After searching for hosts using the Locate view, you are presented with a list of results. From within that list you can delete hosts, users and adapters, edit group membership and view adapter properties.
Delete hosts
- Select Users & Hosts > Locate Hosts.
- Enter the search criteria in the Locate view.
- In the search results, select the check box next to the record(s) to be deleted.
- Click Remove at the bottom of the window.
View or modify group membership
- Select Users & Hosts > Locate Hosts.
- Enter the search criteria in the Locate view.
- Go to the Views column in the search results and click the Group Membership icon.
- The groups that contain this host or user are displayed.
- Add or remove groups as needed and click Apply to save changes.
If an item is placed in a subgroup, it can only be removed when viewing the membership of that subgroup. It cannot be removed from the parent group containing the subgroup.
For example, the L2 network devices group contains the Wired Devices and Wireless Devices subgroups. The Wired Devices subgroup contains four 3COM switches. The Wireless Devices subgroup contains two Cisco switches.The L2 network devices group membership list shows all six switches, but to remove one of the 3COM switches you must go to the Wired Devices membership list.
View properties
- Select Users & Hosts > Locate Hosts.
- Enter the search criteria in the Locate view.
- Go to the Views column in the search results and click the Properties icon.
- The properties for the selected adapter, host or user are displayed.
Locate devices
- Select Users & Hosts > Locate Hosts.
- Select Devices from the Search Type drop-down list.
- Enter the Search criteria.
- Click Search.
Fields
Field |
Definition |
Name |
Name of the device. |
IP address |
IP address of the device. |
Status |
The status of the device: Any: Show device regardless of current status. Management Lost: System is still in contact with the server, but the server is not managing anything. Lost: Cannot ping a known device. Unknown: Very brief status that only occurs while pinging a new device. Once the device responds to the ping the status changes. Established: Device can be pinged and is in contact. |
Protocol |
Protocol used to communicate with the device. Options include: Pingable, SNMP or Both. |
Physical Address |
Physical address of the device. If you enter a value for this option in the All or Device search, all of the device ports with a matching MAC address are shown in the results. If you do not enter a MAC address, only the device model is shown in the results. |
Results
Field |
Definition |
Server |
Name of the FortiNAC Control Server where the device is located. |
Name |
Name of the device. |
IP address |
IP address of the device. |
Physical Address |
MAC address of the device. |
Type |
Device type (vendor name/model). |
Status |
Contact status of the device. |
Views |
Icons that provide access to device specific views. Click an icon to go to that view from the results window. Options include: Device Properties, device group membership and Ports and Hosts. |
Edit devices
After searching for devices using the Locate View, you are presented with a list of results. From within that list you can edit device group membership, view device properties and view the port and hosts associated with the selected device.
View/modify device group membership
- Select Users & Hosts > Locate Hosts.
- Enter the search criteria in the Locate Devices view.
- Go to the Views column in the search results and click the Group Membership icon.
- The group properties for the selected device are displayed.
- Add or remove groups as needed and click Apply to save changes.
If an item is placed in a subgroup, it can only be removed when viewing the membership of that subgroup. It cannot be removed from the parent group containing the subgroup.
For example, the L2 network devices group contains the Wired Devices and Wireless Devices subgroups. The Wired Devices subgroup contains four 3COM switches. The Wireless Devices subgroup contains two Cisco switches. The L2 network devices group membership list shows all six switches, but to remove one of the 3COM switches you must go to the Wired Devices membership list.
View device properties
- Select Users & Hosts > Locate Hosts.
- Enter the search criteria in the Locate Devices view.
- Go to the Views column in the search results and click the Device Properties icon.
- The properties for the selected device are displayed.
View device ports and hosts
The Device Ports and Hosts results contain VLAN (Current and Default) and Host (Name and IP) information for each port on the device.
- Select Users & Hosts > Locate Hosts.
- Enter the search criteria in the Locate Devices view.
- Go to the Views column in the search results and click the Ports and Hosts icon.
- The ports and hosts for the selected device are displayed.
View SSIDs
All SSIDs on the device are listed with the current and default VLAN setting. If a host is connected on a port, the adapter MAC address and IP information are also displayed.