I'm currently working on a test implementation of Cisco NAC with McAfee.
Everything works, the client is put into the right VLAN, etc.
But unfortunately, every few minutes (it happens in all the VLANs so it's not a specific VLAN problem or so) the Trust Agents closes the connection and the user needs to re-entry his credentials (name and password).
In the ACS logs on "failed attempts", the following appears:
message-type: authen failed
auth-failure-code: could not connect to external policy server - timeout error.
reason: a token was not returned from a policy. policy = ePO (this is the external ePo server policy).
Another strange thing is that, although several users are succesfully logged-in, there aren't any users shown at Reports > logged-in users...
I'm working with an internal ACS database for the user credentials.
Does anyone know what could cause this?