NAC does not show the name of APs

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
I have a setup of wireless controller C5210 v09.21.06.0006 integrated with NAC IA-A-300 for dot1.x authentication only without assessment. I installed this NAC 3 weeks ago. Till yesterday the NAC showed the AP name that the  End-system connected to as well as the MAC OUI Vendor of each end-system. But today this NAC does not show any of that information. It show only the MAC address of APs along the SSID name.

Is there any advice!

Thanks in advance.
Husam
Photo of Husam

Husam

  • 1,272 Points 1k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,498 Points 5k badge 2x thumb
HI Husam, Please add some screenshots, and let us know which version of software is running on the NAC and Netsight appliances.
Photo of Husam

Husam

  • 1,272 Points 1k badge 2x thumb
Hi Mike, yes I followed franks' advice. The name of AP is shown now in the NAC log but the MAC OUI vednor is not despite this information is shown in wireless controller report! 
I did restart for nacctl  as well
Photo of Husam

Husam

  • 1,272 Points 1k badge 2x thumb
Hi Mike,

Another issue came up today. The NAC is not showing the event when a client moved from .1x ssid to other SSID. it usually shows that a client disconnected due to change the VNS/ subent. But now there is no event in this regard. The log keep as "accept" even if the client disconnected  or moved to another ssid!

Do you have any advice what is going on?

Thanks,
Husam
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,498 Points 5k badge 2x thumb
Well, it sounds like 
1-Either the EWC is not transmitting state changes to us (see Frank Thomas above note) or
2-The radius updates from the EWC are not being sent for that client.

So you may want to take a trace of the radius packets coming from the EWC and find out if they are being sent during this change period, and being reported.

I would reference the following for taking traces on the NAC.
https://gtacknowledge.extremenetworks.com/articles/How_To/NAC-Troubleshooting-Tips-common-tcpdump-co...

If the issue remains please open up a ticket with the GTAC
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-contact-Extreme-Networks-Global-Tec...
Photo of Husam

Husam

  • 1,272 Points 1k badge 2x thumb
Ok I will trace the radius packets Thanks
Photo of Husam

Husam

  • 1,272 Points 1k badge 2x thumb
Hi Mike,

it seems the problem in NAC manger and netsight database. The problem solved after I did restart for netsight database and service. 

Best regards,
Husam