Exclude the switch from NAC temporary

Userlevel 1

I have an extreme NAC solution running. For maintenance reason, I would like to exclude a switch temporary from NAC. So after excluding, the NAC should answer all NetLogin events from this switch with an ACCEPT packet.

My idea was to great a device group in the netsight called "unmonitored" and add this switch temporary to this group. I would then create a NAC rule at the top which check, if the switch is in this device group or not.
But, I can't create a NAC rule which checks the device group.

Is there another way to do this? Or do I it wrong?

Thank you, best regards

4 replies

Userlevel 7
Hi Yves, that should work, below a example.
Make sure that the rule is above all other custom rules so it's checked first.
Add the switches to the location group.


Userlevel 1
Hi Ron, thanks for your answer. I know that I could do it this way. But my goal is, that a supporter can add the switch to a device groupt in the oneview.

Userlevel 7
You'd also configure/add it via EMC/Control...

Userlevel 1
Hi Ron,

yes I guess it's the only way to add the switch IP static to a location group.
Thank you anyway for your feedback.