Reset Search



MAC To IP Resolution Using DHCP Requests Is Not Working

« Go Back


TitleMAC To IP Resolution Using DHCP Requests Is Not Working
  • End System's IPs are not showing up in NAC Manager...IP Address column is blank.
  • Rules based on IP or IP Subnet are not working.
  • Debug data shows a message like this:  2016-09-30 13:49:41,976 DEBUG [MacToIpMessageHandler] ESDMAC:24-6B-23,ESDIP: MAC-to-IP message is not fully trusted, the option is set to use this data for end-systems on non-VLAN based switches, (switch:, RADIUS Resp Attrs: Extreme NetLogin - VLAN Name), only storing data in DB.
All NAC Platforms
This can be caused when a switch has been added to NAC as a VLAN Name or VLAN ID switch, as NAC's default logic is to only use DHCP Requests for "Non" VLAN switches.
  1. Change the setting:  "Use DHCP Requests IPs" from "Never" or "Non-VLAN Based Switches" to "Always".
  2. Save then Enforce to the NAC Appliance Group.
  3. Re-test.
Additional notes
This type of issue is indicative of a switch that does not support RADIUS Accounting or SNMP query so therefore NAC reverts to using the requested IP from the End system (when DHCP is being relayed to NAC as it should be). When switches are specifically added into NAC as "VLAN" type switches, you must then tell NAC to use / trust requests from these switches by setting the option to "Always, as noted above.



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255