I have upgraded nac appliance from version 18.104.22.168 to 22.214.171.124 , which was running on an Extreme Access Control IA–A–20 hardware , by following steps described at https://gtacknowledge.extremenetworks.com/articles/Q_A/What-are-the-basic-steps-to-upgrade-a-NAC-app...
After the upgrade I can only access the appliance from console. I can also ping but however cannot connect through SSH, web interface or Netsight.
When upgrading to Management Center NAC Manager 8.0, you are required toMaybe that's the issue
upgrade your Access Control engine version to 7.1.2 or 8.0. Additionally, both
Management Center NAC Manager and the Access Control engine must be at
version 8.0 in order to take advantage of the new Access Control 8.0 features.
I've no experience with a hardware NAC but I'd have done a little bit more then following the guide you've mentioned.
First of all I'd never jump a major release, I'd upgrade from 6 to 7 and then to 8.
Also I'd read/follow the release notes and the documents that are mentioned there.
If you don't follow the rules something like that could happen - I've killed my VM NAC last time during the v8 upgrade because I didn't read the release notes.
The file for the required OS upgrade to v8 is very large and could take a while if the uplink is slow, I thought the process was finished and hit ctrl-c .... it wasn't and that was the end of my NAC.
The easy thing about a VM NAC - just install the .ova from scratch and set the basic parameters and then sync it and you are good to go.
This document provides information on upgrading from NAC 6.2, and NAC 6.3 to Extreme Access Control 8.0, including requirements and instructions for upgrading the software on your Access Control Gateway engines.Then it describes the requirements and steps to upgrade the engine software. It is totally 13 page document and I could not see anything that mentions about an interim upgrade.
I have also read Extreme Management Center Customer Release Notes where it was writing:
If you are upgrading from a NetSight/Management Center version prior to 7.1, you must perform an intermediate upgrade.But I understand that the statement is just for Netsight, not for NAC.
Please correct me if I am I wrong.
if you really want to troubleshoot this, check that the services are running, and things are listening accordingly. SSH uses the standard sshd daemon, so you should be able to netstat -an |grep 22 and verify that it is listening on that port. if you still cannot connect you can always try to run tcpdump and verify that a connection is getting established.
you can also run your client in debug mode to verify key exchange and identify if the problem is connectivity, or something like a key exchange issue (or even wrong credentials).