Wireless (General)

Expand all | Collapse all

Problem: Netlogin and APs, cameras, printers: devices don't work on port

  • 1.  Problem: Netlogin and APs, cameras, printers: devices don't work on port

    Posted 04-28-2018 09:26
    Hello, team,

    I've enabled netlogin on summits and it gives me all data I need. But there is a trouble has appeared. On ports where APs, Printers, cameras connected and netlogin is enabled these devices became inaccessible.

    What is a reason for such behaviour?

    May be there is a magic checkbox in NAC which will solve my problem?

    Here is my config on switches:

    configure radius netlogin primary server 192.168.128.160 1812 client-ip 192.168.21.185 vr VR-Default
    configure radius netlogin primary shared-secret encrypted "***"
    configure radius netlogin secondary server 192.168.128.162 1812 client-ip 192.168.21.185 vr VR-Default
    configure radius netlogin secondary shared-secret encrypted "***"
    configure radius-accounting netlogin primary server 192.168.128.160 1813 client-ip 192.168.21.185 vr VR-Default
    configure radius-accounting netlogin primary shared-secret encrypted "***"
    configure radius-accounting netlogin secondary server 192.168.128.162 1813 client-ip 192.168.21.185 vr VR-Default
    configure radius-accounting netlogin secondary shared-secret encrypted "***"
    enable radius
    disable radius mgmt-access
    enable radius netlogin
    configure radius timeout 15
    configure radius mgmt-access timeout 15
    configure radius netlogin timeout 15
    enable radius-accounting
    disable radius-accounting mgmt-access
    enable radius-accounting netlogin

    Many thanks in advance,
    Ilya


  • 2.  RE: Problem: Netlogin and APs, cameras, printers: devices don't work on port

    Posted 04-30-2018 05:34
    Hi Ilya I don't see in your configuration on what ports is authentication applied.

    I use the configuration belowe to apply MAC authentication on some ports

    configure netlogin move-fail-action authenticate
    configure netlogin vlan AUTH
    ###enable netlogin dot1x mac
    enable netlogin mac
    configure netlogin agingtime 1
    ###configure netlogin dynamic-vlan enable
    ###enable netlogin ports 1:1-x dot1x
    enable netlogin ports 31-32 mac
    configure netlogin ports 31-32 mode port-based-vlans
    configure netlogin ports 31-32 no-restart
    configure netlogin add mac-list ff:ff:ff:ff:ff:ff 48 ports 31-32
    ###configure netlogin dot1x timers reauth-period 7200
    enable netlogin authentication failure vlan ports 31-32
    enable netlogin authentication service-unavailable vlan ports 31-32
    disable netlogin logout-privilege
    disable netlogin session-refresh
    disable netlogin redirect-page

    ###VLAN to active in case Nac GW fault
    Create Vlan Guest tag 91
    configure netlogin authentication failure vlan Guest ports 31-32
    configure netlogin authentication service-unavailable vlan Guest ports 31-32

    the commands with ### is not used, hope this could help you.

    Ciao CLaudio



  • 3.  RE: Problem: Netlogin and APs, cameras, printers: devices don't work on port

    Posted 04-30-2018 05:34
    Hello, Claudio,

    I don't see solution for my problem in your message, sorry.

    My configuration is applied to all ports, except trunks. After that I manually exclude AP, printers and cameras ports.