I don't see some hosts
-
@LaurentB I haven’t read through the whole thread, so sorry if this has been said and tried already: Did you reset the encryption data in the web UI for this client (see host settings)?
-
@Sebastian-Roth i cannot do that because the client wasn’t in my host list ! (it’s my problem).
moreover I’ve never seen this option… -
@laurentb Looking through the code and the messages you posted again I might have found some interesting point here. See the list of MAC addresses the clients sends: 00:09:0F:AA:00:01|88:B1:11:2A:4B:6C|88:B1:11:2A:4B:6D|18:60:24:4A:D3:FE|00:09:0F:FE:00:01
The very first one seems to be one by Fortinet Inc. and it looks kind of generic ending on
00:01
. So I searched the web and found this: https://forum.fortinet.com/tm.aspx?m=17420Any chance you have some kind of IPSec VPN client running on that machine? I am wondering if our fog-client is just being confused by that MAC address especially as you don’t seem to have registered that client with your FOG server yet. What do you think @Joe-Schmitt? You know a lot better how the fog-client handles several MACs…
-
Yeahhhh Absolutely right ! I have a Fortigate firewall for all my site AND in some computer (about 350) i also have the Forticlient VPN when the computers want to connect from the outside !
So… how i could solve that… ???
Is there a way to ignore this particular MAC adress in fog ? -
@laurentb You can edit clients and ignore specific MAC on that client.
I don’t believe there’s currently a way to do it for a group since each client is presumed to have unique MAC addresses.
-
@quazz i can’t edit the client because i don’t see the client in my pending hosts
-
@laurentb I know that, but presumably there will be another client that already has that MAC is my thinking. Although, I don’t know if that will allow you to add the other host as it may still complain about duplicate MACs
-
@Quazz ok but there is a way to look for the hosts who have this duplicate MAC ?
In the menu “list all hosts” i don’t have the possibility search by MAC and in the menu “Host Listing Export” it don’t find any “00:09:0F:AA:00:01”.
-
@laurentb Interesting, that means none of the clients with this software have been able to retrieve their security tokens from the server.
We’ll likely have to wait on @Joe-Schmitt 's input on this as he is the main developer of the client.
-
@LaurentB I think you should start by filtering those MACs. Go to FOG Configuration -> FOG Settings -> FOG Client - Host Register and set
QUICKREG PENDING MAC FILTER
to00:09:0F
. Now with that no clients should be able to register those MACs anymore. But we also need to see if there are entries with those MACs in the database and clear those:shell> mysql -u root -p Enter password: ... mysql> use fog; Database changed mysql> SELECT hmID,hmHostID,hmMAC,hmPending FROM hostMAC WHERE hmMAC LIKE '%00:09:0F%';
Post output here…
PS: Turns out Joe is very busy at the moment so we’ll have to try and sort this one out.
-
I made the change and the SQL, the result follows :
root@srv-fog1-n0:~# mysql Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 6992132 Server version: 5.7.22-0ubuntu18.04.1 (Ubuntu) Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> use fog Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> SELECT hmID,hmHostID,hmMAC,hmPending FROM hostMAC WHERE hmMAC LIKE '%00:09:0F%'; +------+----------+-------------------+-----------+ | hmID | hmHostID | hmMAC | hmPending | +------+----------+-------------------+-----------+ | 13 | 5 | 00:09:0f:fe:00:01 | 0 | | 1817 | 5 | 00:09:0f:aa:00:01 | 0 | +------+----------+-------------------+-----------+ 2 rows in set (0.00 sec) mysql>
-
@Quazz and @Sebastian-Roth have you an idea ?
-
are you there ?
-
@laurentb Sorry, I didn’t really know how to proceed on this, I don’t really use clients often myself.
The host with ID 5 has the offending MAC address, see if you can remove it from that one as a starting point.
-
@Quazz could you tell me how ? i’m not really good in mysql…
-
@LaurentB I am real sorry. Have been very busy in the last days and could’t find the time to answer. To delete those entries form the hostMAC table follow this:
shell> mysql -u root -p Enter password: ... mysql> use fog; Database changed mysql> DELETE FROM hostMAC WHERE hmMAC LIKE '%00:09:0F%';
After that you might want to check if there is still a MAC entry for that host - hope there is:
mysql> SELECT hmID,hmHostID,hmMAC,hmPending,hmPrimary FROM hostMAC WHERE hmHostID = 5;
-
don’t worry @Sebastian-Roth you are already very nice to help me !!!
Here the result :
mysql> DELETE FROM hostMAC WHERE hmMAC LIKE '%00:09:0F%'; Query OK, 2 rows affected (0.00 sec) mysql> SELECT hmID,hmHostID,hmMAC,hmPending,hmPrimary FROM hostMAC WHERE hmHostID = 5; +------+----------+-------------------+-----------+-----------+ | hmID | hmHostID | hmMAC | hmPending | hmPrimary | +------+----------+-------------------+-----------+-----------+ | 10 | 5 | 58:82:a8:92:b1:bf | | 1 | | 2413 | 5 | 18:60:24:48:df:c6 | 1 | 0 | | 2414 | 5 | 88:b1:11:2a:50:9a | 1 | 0 | | 2415 | 5 | 88:b1:11:2a:50:9d | 1 | 0 | | 2416 | 5 | 88:b1:11:2a:50:99 | 1 | 0 | | 2418 | 5 | ec:8e:b5:a4:5e:a3 | 1 | 0 | | 2419 | 5 | 00:50:b6:78:8a:9a | 1 | 0 | | 2420 | 5 | e4:b3:18:d0:7a:51 | 1 | 0 | | 2421 | 5 | e6:b3:18:d0:7a:50 | 1 | 0 | | 2422 | 5 | e4:b3:18:d0:7a:50 | 1 | 0 | +------+----------+-------------------+-----------+-----------+ 10 rows in set (0.00 sec) mysql> exit
-
@LaurentB I am really wondering about all those different MAC addresses for this host. Does it have that many ethernet/wireless interfaces?
Now that you have blacklisted the MACs and cleared the database what do you get from the fog-client logs?
-
Hi !!! I’m back after 2 months … (including 1 of vacation after all) and I start working on Fog again…
Still have the same problem on various computer
I’m sure the problem comes from Forticlient because I did the following test 2 times with the same result :
- FOG is allready in a computer with Forticlient BUT i don’t see it in my hosts
- I remove Forticlient
- i reboot the computer
- MAGIC, my computer appear in the pendings hosts… i try to deploy an application and it works perfectly…
- After a reboot i can still see the computer in my hosts
- i made a fresh install of Forticlient and made a reboot
- i see the client in my hosts BUT it was offline with the red sign “Connection time out”
And so I can not use snappins because the server no longer sees the client ! ;( ;( ;(
For desktops no problem but for laptops they all have the forticlient …
@Sebastian-Roth / @Quazz / @Wayne-Workman if you have any ideas it could help me !
-
@LaurentB said in I don't see some hosts:
see the client in my hosts BUT it was offline with the red sign “Connection time out”
Just a comment on that, the red dot just means pings to that host are not working. This does not mean the FOG Client is not working. Often, I have had the red dot and the FOG Client works just fine.