Solved: Can't access CAM VIP - NAC

jcarvalh · ‎01-13-2011

Hello.

I have NAC implemented in HA.

All used to work fine until I was unable to control the switches and also unable to access the CAM via VIP.

If i reboot both CAM then the VIP will "work" for 15 min (I am able to acces the VIP via HTTPS and also I am able to control the switchs via SNMP) but then it just stops working.

In a capture I notice that the response from the CAM to a syn is a packet with an ack and a reset. Also if I login (using real IP address) to the CAM via SSH I can telnet the VIP on port 443, so it seems that the service is up.

Anyone with ideas?

Best regards,

Joao

Tiago Antunes · ‎01-13-2011

Hi,

That sounds like a mac table expire...

Can you check the switch where the CAM is connected if the mac address gets lost after those 15 mins?

When it stops "working", set up a sniffer trace on a PC and try to access the VIP. Can you chare the sniffer trace?

HTH,
Tiago

--

If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

View solution in original post

Tiago Antunes · ‎01-13-2011

Hi,

That sounds like a mac table expire...

Can you check the switch where the CAM is connected if the mac address gets lost after those 15 mins?

When it stops "working", set up a sniffer trace on a PC and try to access the VIP. Can you chare the sniffer trace?

HTH,
Tiago

--

If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

jcarvalh · ‎01-13-2011

Hello Tiago.

I went to check issues with mac address and find out that there is a duplicated ip address. That was the reason to the strange behavior

Anyway your hint was helpfull.

Thanks,

Joao.