This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Add IP Range devices to Access Control

Add IP Range devices to Access Control

Go to solution
EF
Contributor III

‎04-21-2025 05:08 AM

Hi Team,

when you add a device  to Access control it must exist in Network tab or be created at this moment, and it´s ok for a few devices, but this is a problem when you got a lot of devices and more big problem if they got IP by DHCP, for example XIQ APs.

Is there any way to create an "IP Range" or use regular expressions to create Access Control clients?

If not, I cant understand why is not implemented yet.

Cheers!!

EF

0 Kudos
2 ACCEPTED SOLUTIONS

Go to solution
Robert_Haynes
Extreme Employee
In response to Zdeněk_Pala

‎04-22-2025 05:41 AM

The XIQ AP import workflow @ https://github.com/extremenetworks/ExtremeScripting/tree/master/XMC_XIQ-SE/oneview_workflows and directly @ https://github.com/extremenetworks/ExtremeScripting/blob/master/XMC_XIQ-SE/oneview_workflows/xwf/XIQ...

View solution in original post

0 Kudos

Go to solution
Robert_Haynes
Extreme Employee
In response to EF

a month ago

You can also add the switches, APs, other devices as Ping Only devices. No SNMP. This will inhibit IP resolution and other SNMP-based exchanges Control would have with SNMP-capable devices. If you opt for this then IP resolution for example will depend on other means like DHCP relay mirroring / snooping or RADIUS Accounting to gleam IP information from the device/network.

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
EF
Contributor III

3 weeks ago

Hi Team,

thanks for your responses, but Im still think that sometimes is usefull have a range object because is not needed obtain any other info from the client and only want to allow make RADIUS request.

Thanks a lot for share your knowledge.

EF

 

0 Kudos

Go to solution
EF
Contributor III

a month ago

Hi Team,

thx for your response but I´m still cant undertand why EAC need "to talk" by SNMP with devices, I got 3K APs, 500 switches, some of them from others manufactures, FWs, etc...

I only want enable them like EACs clients and then return the right atributes matching policies.

About the scripts to sync APs, How often does it run? I see a problem if one AP obtain a diferent IP from DHCP server and there is a delay of minutes.

Regards

EF

0 Kudos

Go to solution
Robert_Haynes
Extreme Employee
In response to EF

a month ago

You can also add the switches, APs, other devices as Ping Only devices. No SNMP. This will inhibit IP resolution and other SNMP-based exchanges Control would have with SNMP-capable devices. If you opt for this then IP resolution for example will depend on other means like DHCP relay mirroring / snooping or RADIUS Accounting to gleam IP information from the device/network.

0 Kudos

Go to solution
Zdeněk_Pala
Extreme Employee
In response to EF

a month ago

You can also use discovery to add your devices to NAC... that can be scheduled also.

Regards Zdeněk Pala
0 Kudos
GTM-P2G8KFN