There is no method to authenticate the user
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-29-2015 04:00 PM
Having a really weird issue over here with NAC and 802.1X.
I can see client requests coming in, I've set up a rule to allow access but for some reason I get the following;
There is no method to authenticate the user DBDF207C-5A08-4333-BAC8-8404E41AD076 discarding request.
I'm also seeing "NAC System Misconfigured" but can't for the life of me figure out why/where.
Any pointers on where to start?
I can see client requests coming in, I've set up a rule to allow access but for some reason I get the following;
There is no method to authenticate the user DBDF207C-5A08-4333-BAC8-8404E41AD076 discarding request.
I'm also seeing "NAC System Misconfigured" but can't for the life of me figure out why/where.
Any pointers on where to start?
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-01-2015 02:16 PM
To post the resolution:
The error message "NAC system misconfigured" is due to an incomplete AAA configuration. The AAA configuration must be configured to in order to determine how authentications will be processed. If an 802.1x authentication is received by NAC Manager and there is not RADIUS server defined in a basic AAA configuration, or no specific configuration rule in the advanced AAA configuration this error message will be seen.
See following KCS article:
https://gtacknowledge.extremenetworks.com/articles/Solution/End-system-with-NAC-System-misconfigured...
The error message "NAC system misconfigured" is due to an incomplete AAA configuration. The AAA configuration must be configured to in order to determine how authentications will be processed. If an 802.1x authentication is received by NAC Manager and there is not RADIUS server defined in a basic AAA configuration, or no specific configuration rule in the advanced AAA configuration this error message will be seen.
See following KCS article:
https://gtacknowledge.extremenetworks.com/articles/Solution/End-system-with-NAC-System-misconfigured...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-30-2015 03:44 PM
This has been addressed in a case with the GTAC.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-29-2015 04:16 PM
Hi Tom,
I'd make sure that the config is enforced = NAC is green in NAC manager and no yellow flag icon.
Then in NAC manager click on the client in the end-system tab, right-click and choose "configure evaluation tool" then "run evaluation".
Here you'd see why rules have no match, might be a good start to troubleshoot.
At least I use it all the time if I've a authentication issue or clients get the wrong role.
-Ron
I'd make sure that the config is enforced = NAC is green in NAC manager and no yellow flag icon.
Then in NAC manager click on the client in the end-system tab, right-click and choose "configure evaluation tool" then "run evaluation".
Here you'd see why rules have no match, might be a good start to troubleshoot.
At least I use it all the time if I've a authentication issue or clients get the wrong role.
-Ron
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎09-29-2015 04:16 PM
Aha, thanks for this. Looks like it's just a misconfiguration of the rules. Going to see if I can chat to GTAC.
