This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

EXOS XML-Notification vs NetSight webservice: Auth failure -> Lockout for webservices

EXOS XML-Notification vs NetSight webservice: Auth failure -> Lockout for webservices

LeoP1
Contributor

ā€Ž07-25-2017 09:17 PM

Hello Guys,

I have a customer migrating from EOS to EXOS, and we got several issues... We are working on Auth and Policy problems, but the XML-Notification (plus Identity Manager) are rising some alerts...

We configured the switches (X440-G2 22.2.1.5 patch1-4) like this:

#
# Module xmlc configuration.
# create xml-notification target netsight-target_172.18.1.50 url https://172.18.1.50:8443/axis/services/event vr VR-Default
configure xml-notification target netsight-target_172.18.1.50 user nsadmin encrypted-auth bnNhZG1pbjouIVNjaHVsekAyMDEzIzA3
configure xml-notification target netsight-target_172.18.1.50 from 172.18.7.241
enable xml-notification netsight-target_172.18.1.50
configure xml-notification target netsight-target_172.18.1.50 add idMgr

The password was typed as asked during the config (and triple-checked), but we are getting warnings on Console Log of Auth Failed and account lockout... There are several EXOS switches sending notifications to NetSight 7.1.2.12

The customer is running a Windows version of NetSight and the account isn't locked out on the OS.



Any ideas?

Best regards,

-Leo

0 Kudos
2 REPLIES 2

LeoP1
Contributor

ā€Ž07-26-2017 11:16 AM

Hi Ryan,

This customer doesn't have NAC yet... We are using the GTACKnowledge solution (IDM+Netlogin) to show users in NetSight without NAC.

By the way, the XML-Notification doesn't work with any tested (by me) NetSight version when running EXOS 21.x... With the very same config, booting a 22.x it connects to Netsight instantly.

As stated in the GK posts and manuals, you need a OneView enabled user (with the according rights to login to the EMC).

Thanks for your support!

-Leo
0 Kudos

Ryan_Yacobucci
Extreme Employee

ā€Ž07-26-2017 11:09 AM

Hello Leo,

When we setup XML notifications to NAC I believe we use the webservice credentials and not the NetSight user credentials.

Can you try with whatever webservice credentials are configured? By default they should be admin/Extreme@pp

Just a guess so cross your fingers.

Thanks
-Ryan
0 Kudos
GTM-P2G8KFN