Authenticated Users on Switch Port

Usaia_Tawakevou · 12 February 2024 04:10

Is it possible for LibreNMS to show authenticated users via 802.1x authentication on switch ports ? Would be really helpful if that feature is possible

Speechy · 12 February 2024 04:24

+1 to this. I’m soon to implement 802.1x on our switches so if this is supported that would be good.

RR1 · 13 February 2024 07:19

This feature is already supported. Under Ports tab you can find NAC.
if its not there , enable NAC under poller modules

Usaia_Tawakevou · 13 February 2024 21:25

Anything else to enable ? Ive got the NAC enable under poller modules. Showing up as enabled too on the device Modules as well. However nothing shows up if I go to the Ports tab of the device

huge · 13 February 2024 22:09

Anything else to enable ?

Device must also support NAC polling. Some of the Ciscos, Aruba and Dell are supported others are probably not. What’s the make and model you are interested about?

Usaia_Tawakevou · 13 February 2024 23:10

HP Procurve and Aruba mostly the 2510’s, 2530’s,2810’s, and 3800’s. Got Meraki switch as well. Meraki MS225-48LP Cloud Managed PoE Switch and Meraki MS225-24P Cloud Managed PoE Switch.

Weve got 802.1X authentication enabled and working on these switch ports

RR1 · 14 February 2024 04:08

Capture the poller debug logs and look for the lines below to see if switch is responding to NAC module polling

#### Load poller module nac ####

Module enabled: Global + | OS | Device | Manual

Usaia_Tawakevou · 14 February 2024 19:57

Thanks @RR1. Ive run that capture and I never see that line

Load poller module nac

Even though if I go to the device itself I can see it enabled on the module of that device

So this means that the device doesnt support NAC ?

I beleive it only works with Cisco gears. Even our old Cisco 3750 switches showing that Load poller module nac line on the poller result. Unfortuntely my Meraki switch doesnt support it as well from the poller capture result

RR1 · 15 February 2024 04:52

So, apart from Meraki, you can see the NAC details for other cisco devices ?

Usaia_Tawakevou · 15 February 2024 19:42

Can only see it on Cisco 3750 and the Cisco Nexus 9000 we have. Dont see it on Meraki and HP Procurve/Aruba switches

PipoCanaja · 16 February 2024 22:39

Hi @Usaia_Tawakevou
NAC SNMP support is vendor specific. No standard MIB for that. So the support for each vendor must be written in LibreNMS. Cisco, Huawei, HP Procurve, Dell are supported currently (and I have no experience with the 2 later).
You need to write (or wait for somebody to write) support in LibreNMS for your devices.
Bye

Usaia_Tawakevou · 16 February 2024 23:57

Thanks. Yeah Ive seeks assitance from Arubanetworks support

laf · 17 February 2024 15:15

I think PipoCanaja meant someone has to write the support for LibreNMS if your device provides it already.

PipoCanaja · 17 February 2024 19:34

Right @laf . I clarified my post @Usaia_Tawakevou . Support must be added into LibreNMS using the vendor MIBs

Usaia_Tawakevou · 18 February 2024 06:04

Thanks for the clarification

Usaia_Tawakevou · 18 February 2024 19:42

Got it thanks.

Usaia_Tawakevou · 18 February 2024 19:46

Thank you for the clarification