Enforce fail on NAC

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
Hi :-),

when I try to enforce the NAC appliances, I get a fail message (see pic below).
In the NAC Manager I can see the reason under "Status".
How can I solve this problem?

- The Netsight Server VM has a disabled firewall.
- SNMP settings are correct.
- I can see the appliances in Netsight Console and they are up. (Device Manager works too)

Thanks for any replies :-)

Photo of Tyrone Knight

Tyrone Knight

  • 260 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,640 Points 5k badge 2x thumb
Hi Tyrone. Did this ever work?
The NAC Icons are orange, this is typically a license issue.

You may want to review the following article
https://gtacknowledge.extremenetworks.com/articles/Solution/NAC-Orange-Arrow-in-NAC-manager-Unlicens...

Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 48,894 Points 20k badge 2x thumb
A red/orange arrow means that there is a communication problem.
In short, without communication no enforcement.

SSH to the NAC appliance and run "nacstatus" - this might give some information on what is going wrong in the section "Communications Diagnostics",

If you see there a issue with WebServices you'd try...
https://gtacknowledge.extremenetworks.com/articles/Solution/New-NAC-Appliance-Green-in-NetSight-Cons...

What have you done tp run into this problem ?

-Ron
Photo of Tyrone Knight

Tyrone Knight

  • 260 Points 250 badge 2x thumb
Update: Problem solved.

There were wrong DNS server IP addresses in the appliance network settings over the NAC Manager.

Thanks again for your help! :-)
(Edited)