After upgrade to Enterasys NetSight and NAC from 4.4 to 5.1, sponsorship guest portal stopped working

  • 0
  • 1
  • Problem
  • Updated 4 years ago
  • Solved
The guest gets as far as the verification screen.  There he sits forever, since no code is coming.  The email and txt message that are supposed to be sent are now being rejected by our email server (Exchange).  It appears that NetSight is now forcing authentication of those messages.  The Exchange server is set to allow these messages anonymously, and so rejects the blank password in the auth exchange.  Oddly enough, this action is only happening with the guest portal.  Alarm and event notifications are still being successfully sent anonymously from NetSight.  WireShark traces have confirmed this behavior.  Again this behavior started with the upgrade to 5.1.  Does anyone have a cure?  Can the email messages sent via guest portal be modified to send anonymously as they did in the past versions?
Photo of Charlie Altherr

Charlie Altherr

  • 400 Points 250 badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Charlie Altherr

Charlie Altherr

  • 400 Points 250 badge 2x thumb


Here are the sessions from the email traces:

NetSight Event Message Success:

220 MSECASHUB03.sauder.com Microsoft ESMTP MAIL Service ready at Thu, 29 May 2014 15:54:38 -0400

EHLO NXMGMT02.sauder.com

250-MSECASHUB03.sauder.com Hello [172.22.0.2]

250-SIZE

250-PIPELINING

250-DSN

250-ENHANCEDSTATUSCODES

250-STARTTLS

250-X-ANONYMOUSTLS

250-AUTH NTLM LOGIN

250-X-EXPS GSSAPI NTLM

250-8BITMIME

250-BINARYMIME

250-CHUNKING

250-XEXCH50

250-XRDST

250 XSHADOW

MAIL FROM:<netsight@sauder.com>

250 2.1.0 Sender OK

RCPT TO:<caltherr@sauder.com>

250 2.1.5 Recipient OK

DATA

354 Start mail input; end with <CRLF>.<CRLF>

From: netsight@sauder.com

To: caltherr@sauder.com

Message-ID: <1454121431.2431401393279071.JavaMail....>

Subject: eventType (eventSeverity) for deviceIpCtx

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF8

Content-Transfer-Encoding: 7bit

***********************************************************************************************************

NAC NetSight Guest Portal Failure

220 MSECASHUB03.sauder.com Microsoft ESMTP MAIL Service ready at Thu, 29 May 2014 15:20:44 -0400

EHLO NXMGMT02.sauder.com

250-MSECASHUB03.sauder.com Hello [172.22.0.2]

250-SIZE

250-PIPELINING

250-DSN

250-ENHANCEDSTATUSCODES

250-STARTTLS

250-X-ANONYMOUSTLS

250-AUTH NTLM LOGIN

250-X-EXPS GSSAPI NTLM

250-8BITMIME

250-BINARYMIME

250-CHUNKING

250-XEXCH50

250-XRDST

250 XSHADOW

AUTH LOGIN

334 VXNlcm5hbWU6

bmV0c2lnaHRAc2F1ZGVyLmNvbQ==

334 UGFzc3dvcmQ6


535 5.7.3 Authentication unsuccessful


Photo of Brian Townsend

Brian Townsend, Employee

  • 486 Points 250 badge 2x thumb
Charlie,

Thank you for your inquiry.  I am posting the solution for the broader audience.  

After investigation, we have found that we are sending the Friendly User Name “Network Administrator” as the password to the email server.

 As a resolution, you can clear out the message string for “registrationVerificationEmailSentFromName”. 

This will clear out the password we are sending to the email client.

Take care

Brian