Clean Access Server Virtual Gateway Out Band

Unanswered Question
Nov 2nd, 2007
User Badges:

Can anyone tell me how to install a CAS / CAM server for an existing Wireless LAN (WLC's) ? There is a document on the Cisco site for a NAC and WLC config, but that is a "real gateway" config. I would like to install a out of band "virtual gateway" solution.

Is it posible to use the CAS just for virus / patch scanning ? Authentication is working via an ACS RADIUS server...


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
sathappan Fri, 11/02/2007 - 22:22
User Badges:


You cannot go for Out of band mode for Wireless. You have to use Inband, but it can be real Ip gateway or virtual gateway.

For Inband Virtual gateway configuration, you can refer to the " secure wireless design" in the

remco.gussen Sat, 11/03/2007 - 07:11
User Badges:

Sorry, I made a mistake...

What I was trying to ask..... How can you configure In band Virtual Gateway for wireless ? There are documents for in band real gateway.. That is not what I want...

Is it posible to use the CAS just for virus / patch scanning ? Authentication is done by an ACS RADIUS server...


remco.gussen Sat, 11/03/2007 - 07:38
User Badges:

Ok, I'm going to read the doc. So if I want to set up PEAP to authenticate wireless clients by the ACS (RADIUS server in WLC points to ACS), that is posbile. I can use the NAC just for check security policies...

pszczola1 Mon, 11/05/2007 - 21:03
User Badges:

You have to set up Authentication server in Clean Access Manager as well. It could be your Radius server or LDAP with backend AD.

Define the default role which will be assigned to the user after the authentication in the authentication servers part and map the rules and requirements to the this role in Clean Acces Agent section-)


This Discussion