This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Guest and IoT Manager Configuration

Guest and IoT Manager Configuration

Ronald_Dvorak
Honored Contributor

‎02-13-2019 11:16 PM

Hi,

In case you are like me and don't read 170+ pages of the configuration manual you might run into the same issue as me.

After deploying the .ova and the initial IP setup via VM console you need to access the GUI via the admin url - if you just use the IP you get to the provisioner login and you get "Server error - Please contact Admin".

So please use the below url to access as admin to finish the initial configuration...

https:// < GIM-IP > /GIM/admin/login

-Ron
0 Kudos
24 REPLIES 24

Rodney_Lacroix
Extreme Employee

‎02-21-2019 03:41 PM

Ron,

GIM communicates ONLY to the Access Control Engine IP address using REST calls.

The Access Control Engine acts as an intermediary between the GIM and XMC (where the actual GIM domain data resides). Part of this communication is providing authentication to XMC to GET/POST information from/to the GIM domain on XMC - this requires that you configure a user with the appropriate GIM rights to read/write this data, as per the documentation.

The GIM configuration on the XMC side is used to validate the location/licensing of GIM, the Access Control Engine(s) it will communicate via, and authentication.
0 Kudos

Ronald_Dvorak
Honored Contributor
In response to Rodney_Lacroix

‎02-21-2019 04:35 PM

Thanks Rodney,

now it makes more sense.

After a minor config change in my auth rules it's working now.
I had to add a new rule for mgmt access so the provisioner could login.

-Ron

6708d6995b344e41871f7d7391e1a9bc_30361d0f-e596-49b2-860b-0683e11b6c62.png

0 Kudos

htw
New Contributor III
In response to Ronald_Dvorak

‎06-19-2019 12:41 PM

Hi,
I have the same "error 500 / GIM Domain is NULL" problem, but I have configured like Rodney said.
XMC & GIM are both version 4.2.6
XMC server.log:
2019-06-19 14:11:11,546 ERROR [com.enterasys.netsight.tam.server.web.rs.GimTemplatesRSServiceImpl] GIM Domain is NULL

GIM = 192.168.64.212

00edb05274a947a691192fa96bcfb848_fbde51c5-b96b-4816-88d3-0b7100a16c66.jpg


dedicated NAC for guest stuff = 192.168.64.204
XMC is also in same subnet.

00edb05274a947a691192fa96bcfb848_a981bdb9-3ed3-410a-8e60-82519ecde1ee.jpg



Guest and IoT Config is provided with a domain and a password repository:

00edb05274a947a691192fa96bcfb848_f14d3e15-e2a5-4972-b1eb-16e02780bb9b.jpg


This password repository contains one User, which is enabled, but has no GIM checkmark.

Engine group "Gäste-NAC" has an own AAA configuration ("Gastportal AAA") which puts requests from location GIM to local auth "GIM_repository". I have no LDAP configs there since I test with local reository only.

00edb05274a947a691192fa96bcfb848_48c4ac64-4f22-4af9-a223-e64729183b5e.jpg


Location group "GIM" contains: switch 192.168.64.212, Port: *, AP ID: *
Everthing is enforced, but I still get error: "Error fetching Guest Users. Error on Access Control Engine/XMC.
Please check to make sure that your GIM configuration (Manager and GIM domain) on XMC is set correctly."

Does anyone have an idea?
0 Kudos

Rodney_Lacroix
Extreme Employee
In response to htw

‎06-19-2019 12:58 PM

Can you confirm on your GIM administration screens that you have the correct gateway identified, shared secret for RADIUS processing to the gateway and that the XMC admin user name and password (or a user with proper GIM administration rights) is configured?
0 Kudos
Top
GTM-P2G8KFN