Reset Search



NAC Troubleshooting Tips - Debug methodology for Captive Portal Issues

« Go Back


TitleNAC Troubleshooting Tips - Debug methodology for Captive Portal Issues
To be able to debug Captive Portal Issues
Netsight NAC Manager

Prior to debugging, first take a tcpdump from the NAC appliance to make sure it is actually seeing the web trafffic, if it is not, you have a port redirect issue, addressed elsewhere. You can also use what we call 'direct dial' from the client or NAC Manager and go directly to the NAC IP to see if you get a Portal Web Page. For more on tcpdump's see NAC Troubleshooting Tips - common tcpdump commands used for isolating issue

To use Debugging in NAC to troubleshoot Captive Portal issues.

1. Right click the NAC appliance in NAC manager and select "Webview" > "Diagnostics" > "Appliance/Server Diagnostics" 

2. Enable "Verbose" diagnostics for these debugs:

Authentication Request Processing - NAC 
Rules Engine - Captive Portal
IP Resolution
Captive portal - Authentication
Captive Portal - Process and Configuration
Captive portal - Display
Captive portal - Registration and Remediation

3.  At the bottom  of the diagnostic web page click "OK". 

4.  SSH into the NAC appliance and start a tcpdump that filters on the IP address of the End System, as follows:

tcpdump -i eth0 -s 0 -w portal.pcap host x.x.x.x     (where x.x.x.x is the IP address of the test End System...and where eth0 is the applicable appliance interface)

5. Reproduce the issue you are reporting.

6.  Once completed testing please make sure to disable diagnostics by going back into Webview and hitting the "Reset defaults" button on the bottom. Note the time the issue happened to be able to reflect in logs.  Stop the tcpdump using ctrl-c.

7. Gather in the /var/log/tag.log, var/log/syslog, the /var/log/messages, the /var/log/radius/radius.log, and the .pcap (from step 4) from the NAC appliance

8.  In NAC Manager go to File, Database, Backup NAC Configuration. The backup file will be on the NetSight server in the path listed there. 
To do this with Web interface, see below.
How To Backup or Restore NAC / Control Database from Extreme Management Center (XMC)

9.  From OneView go to Administration, Diagnostics, Support, Generate Show Support, Start (at the top). When finished this file will also be on the NetSight server in the given path. See the below link for more elaborate instructions:
     How to generate a show support from Oneview

10.  Use WinSCP or other SCP/SFTP client to upload files locally from the NAC and Netsight Servers.
How to use WinSCP to copy files to and from a Netsight / Extreme Control Center Appliance

11.   In NAC Manager, locate the test End System and export the End System “Events “ for this device to HTML format., per below: 
 To export the End System Events, highlight the End System under the End Systems tab then in the middle “pane” (middle of the NAC Manager screen) under the “End System Events” tab highlight any event      and right click on the event then select Table Tools, Export. ***Please export to HTML format*** 
For Web Interface see  - Exporting Client End System Events Using Extreme Management Center


Additional notes



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255