There is no method to authenticate the user


Userlevel 2
Having a really weird issue over here with NAC and 802.1X.

I can see client requests coming in, I've set up a rule to allow access but for some reason I get the following;

There is no method to authenticate the user DBDF207C-5A08-4333-BAC8-8404E41AD076 discarding request.

I'm also seeing "NAC System Misconfigured" but can't for the life of me figure out why/where.

Any pointers on where to start?

8 replies

Userlevel 7
Have you contacted GTAC so someone can review your configurations?
Userlevel 2
Doug wrote:

Have you contacted GTAC so someone can review your configurations?

Just sent them through a config report
Userlevel 7
Doug wrote:

Have you contacted GTAC so someone can review your configurations?

I see it, 01156247. I'll get someone to take a look at it...

Thanks Tom!
Userlevel 2
Nope, first step was me posting here to see if I'm being stupid 🙂 Let me contact em
Userlevel 7
Hi Tom,

I'd make sure that the config is enforced = NAC is green in NAC manager and no yellow flag icon.

Then in NAC manager click on the client in the end-system tab, right-click and choose "configure evaluation tool" then "run evaluation".

Here you'd see why rules have no match, might be a good start to troubleshoot.
At least I use it all the time if I've a authentication issue or clients get the wrong role.

-Ron
Userlevel 2
Ron wrote:

Hi Tom,

I'd make sure that the config is enforced = NAC is green in NAC manager and no yellow flag icon.

Then in NAC manager click on the client in the end-system tab, right-click and choose "configure evaluation tool" then "run evaluation".

Here you'd see why rules have no match, might be a good start to troubleshoot.
At least I use it all the time if I've a authentication issue or clients get the wrong role.

-Ron

Aha, thanks for this. Looks like it's just a misconfiguration of the rules. Going to see if I can chat to GTAC.
Userlevel 6
This has been addressed in a case with the GTAC.
Userlevel 6
To post the resolution:

The error message "NAC system misconfigured" is due to an incomplete AAA configuration. The AAA configuration must be configured to in order to determine how authentications will be processed. If an 802.1x authentication is received by NAC Manager and there is not RADIUS server defined in a basic AAA configuration, or no specific configuration rule in the advanced AAA configuration this error message will be seen.

See following KCS article:

https://gtacknowledge.extremenetworks.com/articles/Solution/End-system-with-NAC-System-misconfigured-error-in-NAC-Manager/

Reply