Complete NAC failure / backout scenario ?

Unanswered Question
Dec 18th, 2007

Hello, we have several CAS appliances, some running in-band and some running out-of-band, with 2 CAMs running in a failover pair. My question is if we were to have a failure of some sort with the entire NAC infrastructure and have to reach out to all of our distribution switches, has anyone thought of possibly a script via the SNMP write string to "normal up" all ports so that we won't lock out users in limbo in the auth VLAN? I know this is pretty far-fetched, but has anybody thought about what they would do in such a scenario? Thanks in advance for any suggestions, John

pplsi Wed, 12/26/2007 - 10:59

This has been a concern of mine as well. The only thing I know of to do is put the ports in unmanaged.

If you can't access the CAM you will need to SSH into the switches and manually change the ports.

I hope someone has a better solution though.
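One way to prepare the scripted backout asked about in this thread, as an added example that is not from either poster or from Cisco: a dry-run planner that lists the SNMP writes needed to move managed ports out of the auth VLAN and records the reverse writes for when the CAM and CAS return. The inventory, the auth VLAN number and the `NAC_RW_COMMUNITY` variable are constructed assumptions, and the sketch assumes the switches expose `vmVlan` (CISCO-VLAN-MEMBERSHIP-MIB) read-write for static access ports.

```python
"""Dry-run planner for an emergency NAC backout (added example, constructed data)."""
from dataclasses import dataclass

# CISCO-VLAN-MEMBERSHIP-MIB::vmVlan, indexed by ifIndex. Assumption: the
# switch allows SNMP writes to it for static access ports.
VM_VLAN_OID = "1.3.6.1.4.1.9.9.68.1.2.2.1.2"

@dataclass(frozen=True)
class Port:
    switch: str        # management address of the distribution switch
    if_index: int      # ifIndex of the access port
    current_vlan: int  # VLAN the port sits in right now
    access_vlan: int   # VLAN the port should use while NAC is bypassed
    managed: bool      # True if the port is under out-of-band NAC control

def plan_backout(ports, auth_vlan):
    """Return (changes, rollback) for managed ports stuck in auth_vlan."""
    changes, rollback = [], []
    for p in ports:
        # Leave unmanaged ports and ports already in their access VLAN alone.
        if not p.managed or p.current_vlan != auth_vlan:
            continue
        changes.append((p.switch, p.if_index, p.access_vlan))
        rollback.append((p.switch, p.if_index, p.current_vlan))
    return changes, rollback

def render(change, community_var="NAC_RW_COMMUNITY"):
    """Render one write as an snmpset line; the community string stays in
    an environment variable instead of being written into the plan."""
    switch, if_index, vlan = change
    return (f'snmpset -v2c -c "${community_var}" {switch} '
            f'{VM_VLAN_OID}.{if_index} i {vlan}')

# Constructed inventory: documentation addresses, made-up ifIndex and VLANs.
AUTH_VLAN = 999
INVENTORY = [
    Port("192.0.2.11", 10101, 999, 20, True),   # user stuck in the auth VLAN
    Port("192.0.2.11", 10102, 20, 20, True),    # already in its access VLAN
    Port("192.0.2.11", 10148, 999, 40, False),  # unmanaged port, handled by hand
    Port("192.0.2.12", 10105, 999, 30, True),   # user stuck in the auth VLAN
]

if __name__ == "__main__":
    changes, rollback = plan_backout(INVENTORY, AUTH_VLAN)
    print("# apply during the outage")
    print("\n".join(render(c) for c in changes))
    print("# re-apply once the CAM and CAS are back")
    print("\n".join(render(r) for r in rollback))
```

Because the planner only prints commands, the output can be reviewed and stored with the change record before anything is written to a switch.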
