Skip to Content

How to create Device Profiling Rule with the SSH Method

By: Author Alex Lim

Posted on

Categories Troubleshooting

This article describes how to create a Device Profiling Rule with the SSH method.

Scope

FortiNAC -F, FortiNAC.

Solution

Step 1: Establish an SSH session to host and check the output that comes from the host after establishing the SSH session.

Establish an SSH session to host and check the output that comes from the host after establishing the SSH session.

Step 2: After learning the first output from the host after the SSH connection, create a new Device Profiling Rule and select the SSH method. Type the credentials in the ‘Credentials’ field that will be used by FortiNAC to establish an SSH session, add a Command, select the ‘expect’ option, and type the text that will be expected by FortiNAC after the SSH connection. Instead of typing exact output, regex can also be used.

After learning the first output from the host after the SSH connection, create a new Device Profiling Rule and select the SSH method. Type the credentials in the 'Credentials' field that will be used by FortiNAC to establish an SSH session, add a Command, select the 'expect' option, and type the text that will be expected by FortiNAC after the SSH connection. Instead of typing exact output, regex can also be used.

Step 3: Go to Users & Hosts > Adaptors, ‘Right-click’ on the host, select ‘Test Device Profiling Rule’, select the DPR that has been created with the SSH method and select ‘OK’.

Go to Users & Hosts, Adaptors, 'Right-click' on the host.

Select 'Test Device Profiling Rule', select the DPR that has been created with the SSH method and select 'OK'.

Step 4: Go to Users & Host > Enpoint Fingerprints and check the Fingerprints that were learned by the SSH method.

Go to Users & Host, Enpoint Fingerprints and check the Fingerprints that were learned by the SSH method.