VOSS RADIUS Reachability Mode use-radius is Rejected

A VOSS switch with EAPOL enabled will send RADIUS reachability packets every 180 seconds using RADIUS reachability mode use-radius. The Access-Request will contain the User Name Attribute with value reachme. If this username does not exist on the RADIUS server an Access-Reject (3) message is seen every time the Access-Request is sent.

In Extreme Access Control add the username reachme with password reachme in the Local  Password Repository and the Access-Request will return an Access-Accept message.

A new installation of Control will need at least one Authentication Rule setup under the Configuration>AAA>Default>Advanced AAA Configuration which will use the Local Authentication option for the Authentication Method.

I always change the Default setting from Basic to Advanced AAA Configuration to allow multiple Authentication Rules so can search Active Directory as well as Local.

XIQ-SE unable to discover VSP with SNMPv3

If XIQ-SE is unable to discover a VOSS switch with SNMPv3 it is most likely caused by a mismatch in SNMP credentials. This could be to do with authpriv settings using incorrect authentication or privacy mode or the passwords don’t match.

There is another, not very obvious cause where the two double quotes are pasted as “bb” when adding a new group.

snmp-server group HOMELAB “” auth-priv read-view ALL write-view ALL notify-view ALL

The “” signify that the group belongs in the GRT VRF 0.

The show snmp-server group command will show “bb” under the Prefix column when it should be blank.

The solution here is to remove the group and user and manually type the commands in on the CLI instead of pasting and you will find the show snmp-server group output now excludes “bb” characters and XIQ-SE can discover the switch.