cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
671
Views
0
Helpful
11
Replies

http redirection not happening to download the Agent

Hi,

I have installed CAM & CAS with 4.1.2 & configured everything was working fine.Then I upgraded to 4.1.3 then all the configuration of the CAs had to be done again.After cnfiguring I am facing a problem. When I am bouncing the port the port vlan changes to unauthenticated vlan but its not redirecting to download the Agent. I doubt I have mistaken something in the traffic policy.

Can anyone pls guide me in this regard?

Thanks in advance

Sachi

11 Replies 11

dosic
Level 1
Level 1

Hi, Sachi

Client can download caa agent if

1. his credentials are ok

2. in the Device Management > Clean Access > General Setup >Agent Login u have marked

Require use of Clean Access Agent (for Windows & Macintosh OSX only)

Hi Varnavsky,

Thanks for ur response.

Yes it is marked.

The problem is its not redirecting when you try to access network.Only thing happening is its changing to authentication vlan.Do you think any problem in traffic policy?

Thanks again

Sachi

dosic
Level 1
Level 1

Sachi,

I've a question for you. When the authorized client turns off does your switch port change its vlan from access to autentication?

ramkumar-b
Level 1
Level 1

1. Can u check whether the SSL Certs are issued to the correct IP addresses?

2. Do u have a Proxy Server for redirection?

then enable proxy IP on the NAS.

3. Is time synchronized betweel all NAC devices?

4. Is name resolution and DNS working fine and configured correctly?

kindly confirm.

Hi Ram,

Thanks for ur valued response.

I have checked all the issues u have mentioned. Everything is ok. Still its not redirecting to the Agent download page.

Thanks again

Sachi

dosic
Level 1
Level 1

Hi, Sachi.

Can you explain -When I am bouncing the port the port vlan changes to unauthenticated vlan but its not redirecting to download the Agent.

Do you mean that when the pc is in the unauthenticated vlan the caa does not pop-up?

Or smth else?

HiVarna,

Actualy after taking the port under control when I am trying to access anything it should redirected to CAS to download the agent & install it. This redirection is not happening.

Thanks in advanse for ur response

Sachi

Hi.

To get redirection the client should open his web-browser with some url and before this client's pc should get correct ip address, default gw, dns server and may be some other type of data from the dhcp-server.

After this your client sends dns request to the dns which is learned from the dchp server to explore the ip adddress of the web-server.

Your NAC server should pass-through dhcp and dns requests to the servers.

After the client's pc has got the ip-address from the dns it will try to connect to this web-server.

And only then your NAC Server catchs http traffic from the client pc and the client should see the login page asking for his credentials.

Are you sure that your dhcp, dns are correct?

Check them, pls.

To get the login page for credentials you should add it to the NAC Manager through Administration > User Pages > Login Page > Add.

May be this helps you.

Regards

I'm facing a similar problem. My DHCP is allocating address and parameters correctly but DNS is unreachable from the untrusted segment. DNS is reachable from the CAS itself but it's not letting it through or relaying from unauthenticated clients. What can I check to figure out what is wrong ? Any help appreciated :)

I'm facing a similar problem. My DHCP is allocating address and parameters correctly but DNS is unreachable from the untrusted segment. DNS is reachable from the CAS itself but it's not letting it through or relaying from unauthenticated clients. What can I check to figure out what is wrong ? Any help appreciated :)

I got it sorted ! The CAS is forwarding the IP packet containing DNS requests and the DNS server lacked of a route entry back to requester.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: