This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ExtremeControl - put Clients to Quarantine after long absence

ExtremeControl - put Clients to Quarantine after long absence

Stefan_K_
Valued Contributor

‎07-15-2021 11:57 AM

Hello,

we have one customer that does 802.1x Authentication (EAP-TLS) in his networks using ExtremeControl and Summit switches. Everything is working fine so far.
He has the request that clients that have been out of the office (aka not seen in NAC) for longer than 14 days are put into quarantine even though they have a corect cert on their machine. 

Basically: I need to find a way to put these computers into a NAC end-system group automatically.

Do you guys think that there is a way to do achieve this? I’m not very firm with Extreme API. 
Do you maybe have even simplier ideas on how to set this up (or something similar)?

Thanks and best regards
Stefan

0 Kudos
3 REPLIES 3

Stefan_K_
Valued Contributor

‎07-15-2021 12:34 PM

Will take a look at this!

Ah, so this would be like the other way round… Sounds quick and dirty. Will definitely keep this in mind.

Thank you guys for your first input! 🙂 

0 Kudos

StephanH
Valued Contributor III

‎07-15-2021 12:15 PM

Hi,

I think the API is the best way.

But for the sake of completeness you could of course also use the "Age End-Systems Older Than" and delete the client from groups after 14 days (but not add it to a group as you wish). (The settings can be found under Administration->Options->Access Control->Data Persistence).

Regards Stephan

Miguel-Angel_RO
Valued Contributor II

‎07-15-2021 12:00 PM

Hi Stefan,

If you aren’t ok with the API’s, you could look at the NAC request tool to script this.

Mig

0 Kudos
GTM-P2G8KFN