- Bronze, 100 points or more
We are working on configuring a NAC Framework test network. We've got to the point where we can successfully evaluate and flag a client PC as healthy or quarantine and enable/disable it's switchport as appropriate. The next step that we are having a problem with is assigning the port to a VLAN, whatever we do the port always seems to stay in the default VLAN1. We've created additional VLANs for healthy and quarantined PCs but can't get the ports assigned whatever we try. We're pretty sure we are getting the syntax of the various settings in ACS correct as wherever possible we are using templates to create settings profiles and where no templates are available we've checked our settings very carefully.
The only error we can see is from a radius debug on the switch during the authentication process where it returns these messages:
03:48:39: dot1x-ev:Received VLAN is No Vlan
03:48:39: dot1x-ev:Received VLAN Id -1
There are several repeats of these during the debug.