cancel
Showing results for 
Search instead for 
Did you mean: 

Connected wireless clients are not shown in NAC's End-Systems

Connected wireless clients are not shown in NAC's End-Systems

Ilya_Semenov
Contributor
Hello, team,

I have Netsight (7.1.1.9), NAC (7.1.1.9) and V2110 (10.43) installation. Both NAC and V2110 were added to Netsight console using SNMP v3 and they are OK (green).

Now I try to configure wireless users authorization through the NAC.

The problem is wireless clients are not shown in NAC's End-Systems tab, but they are in Wireless tab. When they connect to SSID they get TO NAC's portal interface, then they pass authorization with they AD credentials and then NAC freezes with Endless registration. Experienced guys say: bring you clients to NAC's End-Systems tab first. How? They don't appear there.

What most likely could be the problem?

Many thanks in advance,
Ilya

34 REPLIES 34

4f2c18382b934d63ae15a882ca137be9_RackMultipart20180524-110392-s9gb5y-ExtremeControl_RBR_inline.png


Yes , but looks like you have an old NMS where it was using ExtremeControl domain with PBR . For more then a year (I think starting from 8.0) we are using Role based redirection , therefore the policy domain is updated to that .

Hello, Yury,

do you mean this policy? Should I apply it to controller in NAC's console?

b9ac1ffac0c64e2ba5862c7224e8d999_RackMultipart20180524-114578-1wtlkj9-dddddffffffff_inline.jpg



Thanks!

Instead of creating roles by yourself, you can use Policy domain ‘Extreme Control’ , push it to controller, then you don’t need to strugle with roles. This domain will push all nessesary things you need for Nac integration. There is also XMC script available for integration with Nac - using combination of polocy domain push and script will make your life easier.

Ilia, you roles are way off! You have to have at least two roles on controller named : Unregistered , “Guest Access”. Those are the default role names NAC will send back as non-auth and auth respectively. Unless you changed the policy mapping in Nac configuration, you have to have those roles.
GTM-P2G8KFN