Header Only - DO NOT REMOVE - Extreme Networks

EXOS XML-Notification vs NetSight webservice: Auth failure -> Lockout for webservices


Userlevel 4
Hello Guys,

I have a customer migrating from EOS to EXOS, and we got several issues... We are working on Auth and Policy problems, but the XML-Notification (plus Identity Manager) are rising some alerts...

We configured the switches (X440-G2 22.2.1.5 patch1-4) like this:

#
# Module xmlc configuration.
# create xml-notification target netsight-target_172.18.1.50 url https://172.18.1.50:8443/axis/services/event vr VR-Default
configure xml-notification target netsight-target_172.18.1.50 user nsadmin encrypted-auth bnNhZG1pbjouIVNjaHVsekAyMDEzIzA3
configure xml-notification target netsight-target_172.18.1.50 from 172.18.7.241
enable xml-notification netsight-target_172.18.1.50
configure xml-notification target netsight-target_172.18.1.50 add idMgr

The password was typed as asked during the config (and triple-checked), but we are getting warnings on Console Log of Auth Failed and account lockout... There are several EXOS switches sending notifications to NetSight 7.1.2.12

The customer is running a Windows version of NetSight and the account isn't locked out on the OS.



Any ideas?

Best regards,

-Leo

2 replies

Userlevel 6
Hello Leo,

When we setup XML notifications to NAC I believe we use the webservice credentials and not the NetSight user credentials.

Can you try with whatever webservice credentials are configured? By default they should be admin/Extreme@pp

Just a guess so cross your fingers.

Thanks
-Ryan
Userlevel 4
Hi Ryan,

This customer doesn't have NAC yet... We are using the GTACKnowledge solution (IDM+Netlogin) to show users in NetSight without NAC.

By the way, the XML-Notification doesn't work with any tested (by me) NetSight version when running EXOS 21.x... With the very same config, booting a 22.x it connects to Netsight instantly.

As stated in the GK posts and manuals, you need a OneView enabled user (with the according rights to login to the EMC).

Thanks for your support!

-Leo

Reply