cancel
Showing results for 
Search instead for 
Did you mean: 

Error Detected for RFC 3576: Unknown Error Code: 0x0(Dec: 0)

Error Detected for RFC 3576: Unknown Error Code: 0x0(Dec: 0)

Martin_Flammia
Valued Contributor
Hi,

Am running an XCC controller version 05.46.03.0016 and XMC version 8.5.7.28. Aware support for XCC is in version IQ-SE 21.9 or higher, but we are where we are at the moment, with the upgrade scheduled in the future - although I don't believe this issue is related to IQ-SE version (could be wrong).

The error being observed is below, that I am struggling find a reference too.

Error Detected for RFC 3576 Authorization: 10.23.23.30: Reauthentication Failed: Unknown Error Code: 0x0(Dec: 0)

Looking at this article there is no mention of that that specific error:

Q A: Various RFC3576 RADIUS messages from the Wireless appliance appear in NAC under 'Alert' | Extre...

Equally there is the methodology below I could use to raise a GTAC case, but without the ability for me to capture or replicate the issue with a specific end-system, I believe it makes it challenging for support. The reason is the there so many clients on the network, and no one specific event that I can replicate or know about to reproduce the issue, other then there being reports of connectivity issues every now and then

How To: NAC Troubleshooting Tips - Debug Methodology for Authentication Issues | Extreme Portal

Here is what the list of logs look like when filter in XMC events under 'RFC 3576'

7269c5aaa4d049d0826d9c0bc6e21ae0.png
Initially wondering if anyone recognises the issue, what the cause might be, how to troubleshoot?

Additional note: Forgot to mention XCC is configured for External Captive Portal to Extreme Control. Guests initially land on interim VLAN and subnet, go through registration with verification. Once verification is approved the client is put onto a different VLAN and subnet. Generally this works well, and system has been working that way for many years. Not sure if the errors are new, or fairly recent addition.

Many thanks,

Martin
3 REPLIES 3

Ryan_Yacobucci
Valued Contributor

Hello,

These are usually have difficult to track down. 

tcpdump on the controller management interface while debug is enabled on the controller is required. We have investigated a few types of these issues and generally they are the result of a delayed processing of the RFC 3576/5176 packet from control. After 2 seconds control will send a re-try to which the controller will response with a NAK as it hasn't completed processing the first. 

This results in an error seen on Control. 

It's a good idea to contact support to get this looked at to verify it's not something different. In the cases we've looked as so far the Controller correctly disassociates the client, but because of the timing it results in a NAK in the error logs on Control. We don't see any negative client impact. 


Thanks
-Ryan

KyleA
New Contributor
I'm currently experiencing the exact same thing.

KyleA
New Contributor
Forgot to mention XCC is configured for External Captive Portal to Extreme Control. Guests initially land on interim VLAN and subnet, go through registration with verification. Once verification is approved the client is put onto a different VLAN and subnet. Generally this works well, and system has been working that way for many years. Not sure if the errors are new, or fairly recent addition.
MyMercy
GTM-P2G8KFN