Reset Search
 

 

Article

MAC To IP Resolution Using DHCP Requests Is Not Working

« Go Back

Information

 
TitleMAC To IP Resolution Using DHCP Requests Is Not Working
Symptoms
  • End System's IPs are not showing up in NAC Manager...IP Address column is blank.
  • Rules based on IP or IP Subnet are not working.
  • Debug data shows a message like this:  2016-09-30 13:49:41,976 DEBUG [MacToIpMessageHandler] ESDMAC:24-6B-23,ESDIP:192.168.25.49 MAC-to-IP message is not fully trusted, the option is set to use this data for end-systems on non-VLAN based switches, (switch: 10.10.44.109, RADIUS Resp Attrs: Extreme NetLogin - VLAN Name), only storing data in DB.
Environment
All NAC Platforms
Cause
This can be caused when a switch has been added to NAC as a VLAN Name or VLAN ID switch, as NAC's default logic is to only use DHCP Requests for "Non" VLAN switches.
Resolution
  1. Change the setting:  "Use DHCP Requests IPs" from "Never" or "Non-VLAN Based Switches" to "Always".
  2. Save then Enforce to the NAC Appliance Group.
  3. Re-test.
Additional notes
This type of issue is indicative of a switch that does not support RADIUS Accounting or SNMP query so therefore NAC reverts to using the requested IP from the End system (when DHCP is being relayed to NAC as it should be). When switches are specifically added into NAC as "VLAN" type switches, you must then tell NAC to use / trust requests from these switches by setting the option to "Always, as noted above.

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255