Header Only - DO NOT REMOVE - Extreme Networks

Manually add device to NAC


We currently have our NAC authenticating into AD to be able to tie devices to a staff member with network logon credentials. I want to be able to add devices that do not have a browser to authenticate, and tie those devices to a user in AD. I am currently just putting them onto a hidden wireless network, so I have no idea who owns what device.

4 replies

Userlevel 3
If you are using a wireless 802.1X network, there is no way to do this unless they have some way to configure 802.1X credentials. If you are just using a captive portal/MAC authentication, then you can create a new end system list of those MAC addresses with the appropriate ownership in the description and create new rule to allow those MAC addresses onto the network. If you want to allow your users to register their own devices on, you can look into the self-registration pages within NAC.
Matthew Hum wrote:

If you are using a wireless 802.1X network, there is no way to do this unless they have some way to configure 802.1X credentials. If you are just using a captive portal/MAC authentication, then you can create a new end system list of those MAC addresses with the appropriate ownership in the description and create new rule to allow those MAC addresses onto the network. If you want to allow your users to register their own devices on, you can look into the self-registration pages within NAC.

That's exactly what we're running, the captive portal with MAC authentication. Any chance there is a knowledge base article about creating the new end system list and adding the MAC addresses in?
Userlevel 4
Matthew Hum wrote:

If you are using a wireless 802.1X network, there is no way to do this unless they have some way to configure 802.1X credentials. If you are just using a captive portal/MAC authentication, then you can create a new end system list of those MAC addresses with the appropriate ownership in the description and create new rule to allow those MAC addresses onto the network. If you want to allow your users to register their own devices on, you can look into the self-registration pages within NAC.

Additionally if you're using the captive portal, as an administrator you can register a device to a specific user as well.
Matthew Hum wrote:

If you are using a wireless 802.1X network, there is no way to do this unless they have some way to configure 802.1X credentials. If you are just using a captive portal/MAC authentication, then you can create a new end system list of those MAC addresses with the appropriate ownership in the description and create new rule to allow those MAC addresses onto the network. If you want to allow your users to register their own devices on, you can look into the self-registration pages within NAC.

We are using the captive portal. Where do I go to force the registration to a specific user? I see their profile is Unregistered NAC Profile, whereas those who are registered are in the Default NAC Profile.
Userlevel 4
Matthew Hum wrote:

If you are using a wireless 802.1X network, there is no way to do this unless they have some way to configure 802.1X credentials. If you are just using a captive portal/MAC authentication, then you can create a new end system list of those MAC addresses with the appropriate ownership in the description and create new rule to allow those MAC addresses onto the network. If you want to allow your users to register their own devices on, you can look into the self-registration pages within NAC.

https:///administration will get you to the registration portal. Log in as an administrator then you can register a device to a user.

Reply