Reset Search
 

 

Article

How to replicate NAC configuration if NetSight server is completely lost

« Go Back

Information

 
TitleHow to replicate NAC configuration if NetSight server is completely lost
Objective
Replicate NAC configuration after NetSight server has been completely lost.
Environment
  • Extreme Control
  • NetSight NAC 
Procedure
In the event that you lose your NetSight database, and all NAC configurations DO NOT ENFORCE AND NAC APPLIANCE WITH A NEW NETSIGHT SERVER. This will overwrite the configurations and you will not be able to pull them from the appliance to replicate them.

Use WinSCP to copy the following file from the NAC appliance: 

/opt/nac/server/config/applianceconfiguration.xml

This .xml file has 90% of all the configurations that were in NAC manager. 

You will need to go through this line by line to manually copy the rules, profiles, policy mappings, and options that were set on the NAC.

After you have completed parsing through the Applianceconfiguration.xml you'll notice components of groups are not contained in the Applianceconfiguration.xml.

To get the rest of the information: 

Putty to the NAC appliance and start logging all output to a file.

Type the following commands:
 
nacdb
\d
select * from nacgroup;

After you have dumped the contents of the DB  you can start to put together the rest of the criteria in the rule components. While putting this together watch for "/" characters or spaces in the data that may have been put in during the output.
 
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255