Reset Search
 

 

Article

Incorrect Rule Hit on NAC

« Go Back

Information

 
TitleIncorrect Rule Hit on NAC
Symptoms
  • Incorrect rule hit on NAC
  • NAC sending reverse DNS queries to decommissioned DNS servers
  • Query to decommissioned servers breaking NAC rule engine processing because there are several Host LDAP Groups defined
  • manually adjusting the "/etc/resolv.conf" on the NAC does not fix
Environment
  • NAC
  • Captive Portal
Cause
Without the ability to resolve the FQDN of the incoming end-systems , NAC is missing the LDAP "Exists" Rules".
Resolution
Use NAC manager to correct the DNS
Additional notes
Adjustment of Network Parameters on the NAC Appliance needs to be accomplished via either a re-run of the initial configuration script (called via the "nacconfig" command), or via the

"Networking" Tab in the "Appliance Settings" of the NAC Manager GUI. These processes do adjust
the "/etc/resolv.conf"; however, they also make broader changes within the NAC Application a level above the Linux OS.


 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255