Extreme Networks

Yves_Haslimann · ‎12-16-2016

Hello,

I have an extreme NAC solution running. For maintenance reason, I would like to exclude a switch temporary from NAC. So after excluding, the NAC should answer all NetLogin events from this switch with an ACCEPT packet.

My idea was to great a device group in the netsight called "unmonitored" and add this switch temporary to this group. I would then create a NAC rule at the top which check, if the switch is in this device group or not.
But, I can't create a NAC rule which checks the device group.

Is there another way to do this? Or do I it wrong?

Thank you, best regards
Yves

Yves_Haslimann · ‎12-17-2016

Hi Ron,

yes I guess it's the only way to add the switch IP static to a location group.
Thank you anyway for your feedback.

Yves

Ronald_Dvorak · ‎12-16-2016

You'd also configure/add it via EMC/Control...

Yves_Haslimann · ‎12-16-2016

Hi Ron, thanks for your answer. I know that I could do it this way. But my goal is, that a supporter can add the switch to a device groupt in the oneview.

Ronald_Dvorak · ‎12-16-2016

Hi Yves, that should work, below a example.
Make sure that the rule is above all other custom rules so it's checked first.
Add the switches to the location group.

-Ron

Extreme Networks

Exclude the switch from NAC temporary

Exclude the switch from NAC temporary