some days ago we have built up our first vpex enviroment with netlogin mac enabled ports and redundant controller bridges. Allthought the netlogin request is positively answered by the nac-server the port goes in unautheticated state.
In the gtac kwonledge base I found the following article https://extremeportal.force.com/ExtrArticleDetail?an=000086551 which give hints on a enabled policy. What we have to do to solve our problem?
Best answer by Benjamin Kümmel
here some words about my solution. As I’ve read now I need policies to solve my netlogin-problem in a vpex enviroment.
The first step was to enable policies on the switches and add some snmp write credentials so that the emc can push the policies to the switches.
Now I created on the emc a new empty policy domain and created one new policy role to give full access by permitting traffic. After saving these simple settings I distributed the policy to the switches by adding the newly created policy domain to the switches. Before that it was neccesary to add the new write credentials to the access profile.
After that I modified the given nac-configuration and modified the rules that emc now gives back the allow all policy to switches instead the enterprise user policy after a successful request.