This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NAC (ExtremeControl) - Don't see End-Systems Connected on my ERS Switch

NAC (ExtremeControl) - Don't see End-Systems Connected on my ERS Switch

kevin_phi
New Contributor

‎02-23-2021 10:12 AM

Hello every one, 

I tried to setup Extreme Control on my XMC in order to see what’s connected on our network.

The NAC appliance has been added to my XMC.

My Switch (ERS4900 Series) has been added in “Switches” on Access Control Tab. 

There are two IP Phones connected on the port 1 and 2 but I don’t see these devices in  “end-systems” on Access Control.

Does someone know what I have to do exactly (procedure?), maybe I missed something in my configuration...

I only need to use Access Control in “listen” mode, no authentication or security… only be able to see what’s connnected on my network in a first time.

It would be helpful if someone already have experience(s) about this. 

0 Kudos
16 REPLIES 16

PeterK
Contributor III

‎02-24-2021 02:19 PM

Because the radius rejects the the request from switch, it looks like there is a config missmatch.

if you have already checked the shared secret, Is your NAC-Config enforced to the control-engine?

This is one of the most mistakes...

0 Kudos

kevin_phi
New Contributor

‎02-23-2021 09:46 PM

Hi Tomasz, 

 

Yes correct. I would like to see the end-devices in NAC.

My NAC is enabled in my XMC but not in use. So that’s why I don’t know if the issue come from NAC/XMC or my switch or both.

Will get a look on your documentation and thanks for your feedback.

After seeing a lot of Extreme TechTalks, Videos and e-learning on Dojo Web portal, I thought  I understood that it will a quick and easy configuration but seems to be not the case.

0 Kudos

Tomasz
Valued Contributor II

‎02-23-2021 06:30 PM

Hi Kevin,

 

I don’t remember much of AAA config on ERS, but don’t you need non-EAP settings (in your output it’s 0.0.0.0) if MAC Auth is required? Assuming MAC Auth as you say you’d like to just see devices in NAC (no real authentication occurring?).

https://documentation.extremenetworks.com/ERS_Series/ERS49005900/SW/78x/ConfigSecERS49005900_7.8.1_C... (pages 197+?)

 

Hope that helps,

Tomasz

0 Kudos

kevin_phi
New Contributor

‎02-23-2021 02:21 PM

Yes but I don’t find what can cause my issue. 

I only need the use my NAC in listen mode, on paper it’s a quick and light config 

In all Extreme TechTalks, Videos or documentation it’s just said to add the NAC appliance in XMC and the switch that you need to “listen”…. 

And the support are not able to help me, it's an endless loop...

0 Kudos
GTM-P2G8KFN