NAC Active Directory Vlan Assignment

Unanswered Question
May 4th, 2007

Hi,

Can anybody confirm whether it is possible to assign Users to specific Vlans based on Active Directory attributes.

Cisco NAC 3100 Series devices will be deployed in the installation. At present no posture assessment is necessary, only Vlan assigment using AD username/password.

The documentation is unclear as to whether this can be achieved.

Thanks

Ian.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
iwearing Fri, 05/04/2007 - 07:58

Thanks for the reply.

Unfortunately the customer specifically wishes to use the NAC Servers for Vlan assisgnment based on AD attributes.

Next will come posture assessment etc.

I can find no documentation that verifies this is possible using NAC?.

Ian.

pplsi Fri, 05/04/2007 - 09:35

I know if you are doing a NAC appliance setup CAM/CAS you can map the OU from AD to a vlan.

Looks like you are using NAC framework which in that case I believe you would have to use the ACS.

Actions

This Discussion