• October 24, 2020, 10:50:03 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: ERS4500, ERS5632, NAC, No DHCP or no network access.  (Read 2766 times)

0 Members and 1 Guest are viewing this topic.

Offline CraigStrydom

  • Rookie
  • **
  • Posts: 4
ERS4500, ERS5632, NAC, No DHCP or no network access.
« on: April 23, 2014, 05:10:42 AM »
Hi Guys,

Our network consists of ERS4500 for edge, ERS56xx for distribution layer and ERS86xx for core.

I have also rolled out a Packetfence NAC solution in one building which is where the problems occur.
This NAC has to be rolled out to all buildings (200 ERS 4500, 7 ERS56xx, 2x ERS8600).

It seems that after a few days/weeks, some devices (notebook/desktop/ip phone) will not get DHCP addresses or not be able to ping the default gateway.

This is resolved by either rebooting the ERS4500 or sometimes the 56xx distro switch (3x).

It sound a lot like the problem described here: https://forums.networkinfrastructure.info/nortel-ethernet-switching/strange-featurebug-with-dhcp-and-win7-in-an-ers5632-ers-4500-env/msg14256/#msg14256

The vlans used are mostly layer 3 with dhcp relay but 3x layer 2 vlans are required for registration and guests for the NAC. The layer 2 vlans span the edge, distro and core switches. Vlans are assigned by the NAC based on mac address. I can see on the switch and the NAC logs that the devices go into the correct vlan.

The affected switches sometimes have partly missing log files - the logs seem to just stop at some date but without indication as to what could cause it.

ERS4500 Software:
Ethernet Routing Switch 4548GT-PWR                                   
Avaya Copyright (c) 1996-2013,  All Rights Reserved                 
SSH                                                                 
HW:12       FW:5.3.0.3   SW:v5.6.3.025


Config File attached.

This could also be conflicting config settings but I do not have anyone that can check including our supplier.

Any pointers will be appreciated.

Regards,
Craig.



« Last Edit: April 23, 2014, 05:13:50 AM by CraigStrydom »


Offline MatzeKS

  • Sr. Member
  • ****
  • Posts: 311
    • matzeks
    • Controlware GmbH - Germany
Re: ERS4500, ERS5632, NAC, No DHCP or no network access.
« Reply #1 on: April 24, 2014, 02:38:17 AM »
Hello Craig & Welcome to the Forums,

are your affected devices VoIP-Phones or mostly permanently connected devices?
One value that you can try is to enable globally re-authentication for your device 1x per day for instance.

# Global
eapol multihost non-eap-reauthentication-enable

# Port-based (Range Accessport 1 - 48):
interface Ethernet ALL
eapol port 1-48 status auto re-authentication enable re-authentication-period 86400
exit


Maybe EAP-ReAuth Feature could be available in current Version SW:v5.7.0.009.
I suggest to upgrade one ERS-4500 first, add the new values to that config and see if it helps.

Good luck
« Last Edit: April 24, 2014, 02:41:26 AM by MatzeKS »
------------------------------------------------------
ACE-Fx #00050

Offline CraigStrydom

  • Rookie
  • **
  • Posts: 4
Re: ERS4500, ERS5632, NAC, No DHCP or no network access.
« Reply #2 on: April 25, 2014, 03:14:05 AM »
Hi MatzeKS,

One thing I forgot was that it is also not possible to connect to the switch via console cable when it goes into that state.

I will give re-auth a try and post the results.

Thank you very much.
« Last Edit: April 25, 2014, 03:15:51 AM by CraigStrydom »