Extreme Networks

Tom_Taylor · ‎09-29-2015

Having a really weird issue over here with NAC and 802.1X.

I can see client requests coming in, I've set up a rule to allow access but for some reason I get the following;

There is no method to authenticate the user DBDF207C-5A08-4333-BAC8-8404E41AD076 discarding request.

I'm also seeing "NAC System Misconfigured" but can't for the life of me figure out why/where.

Any pointers on where to start?

Ryan_Yacobucci · ‎10-01-2015

To post the resolution:

The error message "NAC system misconfigured" is due to an incomplete AAA configuration. The AAA configuration must be configured to in order to determine how authentications will be processed. If an 802.1x authentication is received by NAC Manager and there is not RADIUS server defined in a basic AAA configuration, or no specific configuration rule in the advanced AAA configuration this error message will be seen.

See following KCS article:

https://gtacknowledge.extremenetworks.com/articles/Solution/End-system-with-NAC-System-misconfigured...

Mike_Thomas · ‎09-30-2015

This has been addressed in a case with the GTAC.

Ronald_Dvorak · ‎09-29-2015

Hi Tom,

I'd make sure that the config is enforced = NAC is green in NAC manager and no yellow flag icon.

Then in NAC manager click on the client in the end-system tab, right-click and choose "configure evaluation tool" then "run evaluation".

Here you'd see why rules have no match, might be a good start to troubleshoot.
At least I use it all the time if I've a authentication issue or clients get the wrong role.

-Ron

Tom_Taylor · ‎09-29-2015

Aha, thanks for this. Looks like it's just a misconfiguration of the rules. Going to see if I can chat to GTAC.