Network Access Control

 View Only

  • 1.  SNAC: Simple Forward PEAP to client host in enforcer log

    Posted Jun 19, 2013 04:21 AM

    Hello all,

     

    Any idea what's happening? This PC below, keep having intermittent issue with SNAC.... the logs looks so weird

     

     

    Jun/18/2013 11:55:24.366 [ radproxy.c][ 4551]: EAP Identity received from client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479]!

    Jun/18/2013 11:55:24.366 [ radproxy.c][ 4793]: Forward identity to 172.16.82.47 with client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479] from authenticator 172.16.82.62! HI=14

    Jun/18/2013 11:55:24.372 [ radproxy.c][ 6504]: Old challenge format, after PEAP body.

    Jun/18/2013 11:55:24.372 [ radproxy.c][ 6578]: Send PEAP Challenge to client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479] via switch 172.16.82.62

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 5242]: PEAP from client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479], start packet eap id is 2, current eap packet id 2

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 5257]: From client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479], Payload=83, EAP Length=271, eaphdr=4, Reply=52

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 8353]: Get UID as from client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479]:

    Jun/18/2013 11:55:24.380

    00000000 D9 43 49 F8 89 E2 65 50 59 32 64 4E D3 3A 5A 53 .CI...eP Y2dN.:ZS

    00000010 AD A5 BD 61 14 40 FC 3E F9 7C B5 32 50 63 1E 23 ...a.@.> .|.2Pc.#

    00000020 8A 17 C7 C1 17 10 12 8C 98 66 9C B4 EC 76 7D 19 ........ .f...v}.

    00000030 E9 64 D8 5F E6 8E F3 82 A7 5B 33 2A 73 36 46 07 .d._.... .[3*s6F.

    00000040 EA 7D 82 77 0A 11 12 26 00 49 88 FA BD 63 DA D5 .}.w...& .I...c..

    00000050

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 8374]: Get profile serial number from LAN client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479]: B8EC-06/17/2013 21:17:04 498, and server is Valid B8EC-06/17/2013 21:17:04 498

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 8291]: Get current SEPM IP 10.17.18.22 for client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479]

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 8533]: In R_id=1, client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479]

    Jun/18/2013 11:55:24.380 [ radproxy.c][ 5719]: Forward remove HI packet to 172.16.82.47 from client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479] via 172.16.82.62.

    Jun/18/2013 11:55:24.381 [ radproxy.c][ 6648]: Simple Forward PEAP to client host/MSB15Symantec.xxxx.xxxxDomain.com(00-1E-0B-26-4A-3E)[00000479] via switch 172.16.82.62



  • 2.  RE: SNAC: Simple Forward PEAP to client host in enforcer log

    Posted Jun 19, 2013 10:56 AM

    I men, I have three questions for you??

    Your client authentic correctly,(I suppose no but you tell me)?? , which is your form to authenticate the clientes with SNAC (full or transparent)?? and did you use the RADIUS or Active Directory to authenticate the user??.

    And try to delete the data in your RADIUS or Active Directory for this client and check that authentication in your PC is disable on the tab Authentication.

    I had some similar with a phone but I solved re-load the firmware´s phone and discharge again the data in the RADIUS.

     

    I hopes help. Regards



  • 3.  RE: SNAC: Simple Forward PEAP to client host in enforcer log

    Posted Jun 27, 2013 02:48 AM

    Thanks for the input gonz

     

    Apparent the SEPM did not manage to provide UID to enforcer in this case.... most likely due to replication since we have 2 SEPM console

     

    We are running on full mode for SNAC