X460-G2 & Policy Manager: End User Sessions Username missing
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-19-2015 06:20 PM
Hi Guys,
I'm playing with EXOS 16.1, X460-G2 and Policy Manager / NAC ( NetSight 6.3) in my LAB and I found something odd.
When a user authenticates to any port of the X460-G2, in the Policy Manager Network Elements Tab -> Port Usage -> End User Sessions the Username shows as N/A (as Session ID).
In the old RED gear, it shows as expected but not on the new gear.
Looking at the X460-G2 console's, using a "show netlogin" the username is there...
When I added the switch to NAC Manager, it shows up the username with no problems.
I have customers with large B5's installed base, and some will now start using X450-G2/X460-G2, and many have no NAC, and use PM to find the username authenticated at ports.
Any ideas? Something still missing in this version?
Best regards,
-Leo
I'm playing with EXOS 16.1, X460-G2 and Policy Manager / NAC ( NetSight 6.3) in my LAB and I found something odd.
When a user authenticates to any port of the X460-G2, in the Policy Manager Network Elements Tab -> Port Usage -> End User Sessions the Username shows as N/A (as Session ID).
In the old RED gear, it shows as expected but not on the new gear.
Looking at the X460-G2 console's, using a "show netlogin" the username is there...
When I added the switch to NAC Manager, it shows up the username with no problems.
I have customers with large B5's installed base, and some will now start using X450-G2/X460-G2, and many have no NAC, and use PM to find the username authenticated at ports.
Any ideas? Something still missing in this version?
Best regards,
-Leo
13 REPLIES 13
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-09-2016 06:24 PM
Leo,
I think you need to enable identity management(IDM) with Kerberos snooping on the switch in order to get any username information without NAC. I believe Netsight only looks at IDM data and not netlogin data.
Here is a KCS article on how to setup IDM with Netsight and NAC. It should give you the configurations to use for a non NAC deployment.
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configured-Identity-Management-for-...
User guide link as well:
http://documentation.extremenetworks.com/exos/EXOS_21_1/Identity_Management/c_configuring-identity-m...
Let me know if you get it working.
Stephen
I think you need to enable identity management(IDM) with Kerberos snooping on the switch in order to get any username information without NAC. I believe Netsight only looks at IDM data and not netlogin data.
Here is a KCS article on how to setup IDM with Netsight and NAC. It should give you the configurations to use for a non NAC deployment.
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configured-Identity-Management-for-...
User guide link as well:
http://documentation.extremenetworks.com/exos/EXOS_21_1/Identity_Management/c_configuring-identity-m...
Let me know if you get it working.
Stephen
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-09-2016 12:43 PM
Hi guys,
Any news?
Best regards,
-Leo
Any news?
Best regards,
-Leo
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-09-2016 12:43 PM
Wow...sorry this one has fallen through the cracks Leo.
We'll make sure we get you a response here.
We'll make sure we get you a response here.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎06-10-2016 01:16 PM
Hello guys,
It's about 10 months and no answer... Any info?
Now I'm deploying a PoC with X460G2 on a customer large B5 installed base (XOS 21 and ECC 7) and the Username still not showing up...
Best regards,
_Leo
It's about 10 months and no answer... Any info?
Now I'm deploying a PoC with X460G2 on a customer large B5 installed base (XOS 21 and ECC 7) and the Username still not showing up...
Best regards,
_Leo
