This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NAC silent devices with EXOS and VOSS

NAC silent devices with EXOS and VOSS

Go to solution
Lukas99
New Contributor

a week ago

Hi,

in our network, we have “silent devices” such as label printers and VoIP phones. These devices are physically connected to the network but do not initiate any active communication. They are intended to be authenticated via NAC.

However, after some time, they become unreachable, as the system considers them "offline"—even though the corresponding port remains active. In this state, the device can no longer be accessed.

As soon as we manually assign a static VLAN to the port, the device starts working properly again.

We are using both EXOS and VOSS. The reauthentication timer is set to 8 hours.

For EXOS, we tried to resolve the issue by setting idle-timeout 0 via NAC, but unfortunately, this did not solve the problem.

Has anyone encountered similar behavior or found a solution?

Thanks

0 Kudos
2 ACCEPTED SOLUTIONS

Go to solution
Chris_H
Extreme Employee

a week ago

The problem here is most of the time the timeout of the FDB entry. 

If you haven't done so, you can check the following kb article with some options: https://extreme-networks.my.site.com/ExtrArticleDetail?an=000057116

View solution in original post

0 Kudos

Go to solution
rmu
Contributor

a week ago

hi

you need to set the session-timeout to 0.

Try to send theses attributes in the radius accept:

Session-Timeout=0

Idle-Timeout=0

 

NR

rmu

 

View solution in original post

6 REPLIES 6

Go to solution
Gabriel_G
Extreme Employee

a week ago

^^ Chris has the right answers.

 

If the idle-timeout of 0 is not working, you may want to check with GTAC to make sure that is a valid solution or if there is some issue there.



In my opinion, the easy solution is to have something ping these devices on a regular basis to keep them 'awake'. You can add devices to XIQ-SE as 'ping only' to accomplish just this task and also monitor the availability of these devices at the same time!

0 Kudos

Go to solution
rmu
Contributor

a week ago

hi

you need to set the session-timeout to 0.

Try to send theses attributes in the radius accept:

Session-Timeout=0

Idle-Timeout=0

 

NR

rmu

 

Go to solution
Lukas99
New Contributor
In response to rmu

Thursday

That's the best solution for me. Only the command "configure netlogin idle-timeout" is failing.

0 Kudos

Go to solution
Chris_H
Extreme Employee

a week ago

The problem here is most of the time the timeout of the FDB entry. 

If you haven't done so, you can check the following kb article with some options: https://extreme-networks.my.site.com/ExtrArticleDetail?an=000057116

0 Kudos
GTM-P2G8KFN