cancel
Showing results for 
Search instead for 
Did you mean: 

Guest and IoT Manager Configuration

Guest and IoT Manager Configuration

Ronald_Dvorak
Honored Contributor
Hi,

In case you are like me and don't read 170+ pages of the configuration manual you might run into the same issue as me.

After deploying the .ova and the initial IP setup via VM console you need to access the GUI via the admin url - if you just use the IP you get to the provisioner login and you get "Server error - Please contact Admin".

So please use the below url to access as admin to finish the initial configuration...

https:// < GIM-IP > /GIM/admin/login

-Ron
24 REPLIES 24

My apologies, I did not see the first screen shot. Has the gateway been enforced since modifying/making the GIM changes? I don’t see an enforce flag so I assume so, but want to be sure.

htw
New Contributor III
Hi Rodney,
thanks for your response. You did not miss the first screenshot, I added it later 🙂

Yes, nacg is enforced. I also restarted XMC and logged in with account root and its password into XMC to check if password is correct.

So, I just replicated your configuration scenario including a new engine group, (including the umlaut), GIM domain, password repository. I did not see any issues.

HOWEVER, I did see the error when I changed the shared secret to something that did not match the entry as it exists on XMC.

On GIM, Administration -> RADIUS, make sure that the shared secret on that page matches the shared secret as defined on your GIM server as entered on the "Guest & IOT Managers" tab of the engine group. Communication, local or otherwise, will happen via RADIUS between GIM and the NAC engine. If the secrets between the two do not match (i..e, mine were both 123456, but I changed the secret on the GIM side to 1234567), you will get the following:


Error fetching Guest Users. Error on Access Control Engine/XMC.
Please check to make sure that your GIM configuration (Manager and GIM domain) on XMC is set correctly.

htw
New Contributor III
Hi Rodney,
I checked both credentials and they were the same. I changed both of them to 123456 (and also NAC Appliance Group / Appliance Settings / Credentials /Switch Communication /Shared Seccret, just to be sure) but the problem still persits.

aed82ebd67104a49ad834adfe1bce7ef_89855d92-7718-4f83-add4-1c98aa64600a.jpg


(Screenshot was made after saving setting and enforcing nacg.)

aed82ebd67104a49ad834adfe1bce7ef_1d6fefe2-4b9e-4a58-8f7c-33f85f6812dc.jpg


netsight server log: ERROR [com.enterasys.netsight.tam.server.web.rs.GimTemplatesRSServiceImpl] GIM Domain is NULL

At this point, I’m not sure. From what I can tell, everything appears correct and I cannot reproduce the issue without purposely misconfiguring something. Aside from deleting the GIM domain and LPR and recreating, it might be time to have GTAC take a look at the system(s).
GTM-P2G8KFN