cancel
Showing results for 
Search instead for 
Did you mean: 

X460-G2 & Policy Manager: End User Sessions Username missing

X460-G2 & Policy Manager: End User Sessions Username missing

LeoP1
Contributor
Hi Guys,

I'm playing with EXOS 16.1, X460-G2 and Policy Manager / NAC ( NetSight 6.3) in my LAB and I found something odd.

When a user authenticates to any port of the X460-G2, in the Policy Manager Network Elements Tab -> Port Usage -> End User Sessions the Username shows as N/A (as Session ID).

In the old RED gear, it shows as expected but not on the new gear.

Looking at the X460-G2 console's, using a "show netlogin" the username is there...

When I added the switch to NAC Manager, it shows up the username with no problems.

I have customers with large B5's installed base, and some will now start using X450-G2/X460-G2, and many have no NAC, and use PM to find the username authenticated at ports.

Any ideas? Something still missing in this version?

Best regards,

-Leo
13 REPLIES 13

LeoP1
Contributor
Hi Stephen,

I got back to this issue now, because our long-term EOS customer started to refresh the old gear for X440-G2.

The same issue arises as happened in my lab... The xml-notification can't connect to the EMC (using the guide posted at the gtacknowledge)... The customer is running EMC 7.1.2.12 and EXOS 21.1.1.4-patch1-5.

X440-G2-RH-01.8 # sh xml-notification configuration
Target Name : netsight-target_172.18.1.50
Server URL : https://172.18.1.50:8443/axis/services/event (VR-Default)
Server User Name : xmlnotification
Enabled : yes
Queue Size : 100
Connection Status : fail
Source IP Address : 172.18.3.253
Configured Modules : idMgrX440-G2-RH-01.9 # sh xml-notification statistics
Target Name : netsight-target_172.18.1.50
Server URL : https://172.18.1.50:8443/axis/services/event
Server Queue Size : 100
Enabled : yes
Connection Status : fail
Events Received : 5
Connection Failures : 3
Events Sent Success : 0
Events Sent Failed : 5
Events Dropped : 0X440-G2-RH-01.14 # sh ssl
HTTPS Port Number: 443 (Enabled)
Signature Algorithm configured: sha512 With RSA Encryption
Private Key matches the Certificate's public key.
RSA Private Key: 2048
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha512WithRSAEncryption
Issuer: C=US, O=Extreme Networks, CN=mX440-G2-RH-01
Validity
Not Before: Jul 10 12:59:02 2017 GMT
Not After : Jul 10 12:59:02 2018 GMT
Subject: C=US, O=Extreme Networks, CN=mX440-G2-RH-01
Manufacturing certificate: Present

In my lab I found the same issue: With the SAME config, on EXOS 21 it can't connect to EMC, but booting to the EXOS 22 it works fine.

The community and gtacknowledge posts said it works since EXOS 15, and I can't upgrade to EXOS 22 until the next customer maintenance window.

Any ideas?

Regards,

-Leo

StephenW
Extreme Employee
I got the same thing when using IE. If the password was wrong you would get a 401 message.

Did you make sure you selected the correct VR when setting up the XML notifications?

LeoP1
Contributor
I've already tried this tip, and was able to login, but got a "500 Internal Server Error" on Internet Explorer.

(I couldn't try with another browser, because of the customer's security policy).

Enabling the Verbose logging for OneView Web Applications, I can see a lot of logs, all coming from the Wireless Controllers, but nothing from the switch.

Maybe we have some Netsight server problem?

Best regards,

-Leo

StephenW
Extreme Employee
You can try going to the XML url in your PC browser and see if you can login with that user.

https://x.x.x.x:8443/axis/services/event

You will see a page like this:

This XML file does not appear to have any style information associated with it. The document tree is shown below.
The endpoint reference (EPR) for the Operation not found is /axis/services/event and the WSA Action = null


GTM-P2G8KFN