Nac 800 To Infoblox Connector; Configuring The Infoblox Server; Configuring Nac 800 - HP ProCurve NAC 800 User Manual

Remote Device Activity Capture

NAC 800 to Infoblox Connector

NOTE:
TIP:
12-20

NAC 800 to Infoblox Connector

Infoblox™ is a DHCP server appliance that writes to syslog when it vends IP
addresses. These syslog messages (DHCPACK syslog lines) are translated and
forwarded to the NAC 800 Device Activity Capturer (DAC) by way of the
connector (syslog-to-dac.py).
Please verify that your Infoblox software is current (NIOS™ 4.1r5-0 or later).
After you upgrade or perform a new installation, the connector file (syslog-
to-dac.py) is in the following directory:
/usr/local/nac/bin

Configuring the Infoblox Server

You must configure syslog on the Infoblox server to send debug level DHCP
logs to the NAC 800 ES IPs on TCP port 514, using the local3 facility. The actual
steps to set this up may vary by NIOS. Contact Infoblox support for assistance
(http://www.infoblox.com/support/).
If the Infoblox DHCP is clustered, there is a floating/management IP and
multiple LAN IPs (one for each of the nodes in the DHCP cluster). In this
configuration:
■ The switches must be configured to forward DHCP requests (using
iphelper, for example) to the floating/management IP (not the indi-
vidual LAN IPs)
The iptables firewall on the ESs should be configured to allow syslog
■
traffic from the individual LAN IPs (one entry per Infoblox DHCP
node).

Configuring NAC 800

To configure NAC 800:
Home window>>System configuration>>Select an enforcement
cluster>>Quarantining
In the Quarantine method area, select the 802.1X radio button.
1.