Reset Search
 

 

Article

Extreme Control - RADIUS Authentication Failures After Adding New Switch "Ignoring request to authenticate from unknown client"

« Go Back

Information

 
TitleExtreme Control - RADIUS Authentication Failures After Adding New Switch "Ignoring request to authenticate from unknown client"
Symptoms
  • A new switch has been added to an existing Control configuration and the Control appliances have been Enforced.
  • Authentications requests are being dropped and the radius.log and tag.log report the following:
Error: Ignoring request to authentication from unknown client
Error: Ignoring request to authentication address <CLIENT_IP> port 1812 from unknown client <NEW_SWITCH_IP> port 1645
  • The nacstatus "NAC Thread Pool Details"Reauthentication Service, SNMP Manager Refresh and Switch Configuration.
  • Several switches are currently down or unreachable via SNMP.
  • The newly configured switch is not listed in the clients.conf file on the Control appliance following Enforce.
Environment
  • Extreme Control (NAC)
  • All Software Releases
  • Software Releases 6.x, 7.x and 8.3.3.11 or earlier
Cause
One or more dependent thread pools have deadlocked or are processing a queue of incoming requests. A newly added switch may not be correctly provisioned following enforce under these conditions triggering the "unknown client" messages above.
Resolution
Restart the Extreme Control services via root CLI using the command below followed by re-enforcement of the appliance.
root@nac.local:/$ nacctl restart
Additional notes
The unknown client condition above is a general symptom of an underlying failure that can result in many different outcomes when thread locking or queuing occurs.

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255