06-23-2008 10:36 AM - edited 02-21-2020 03:47 PM
Hi
So I've got NAC-L3-IP working on my Cisco 1800 IOS firewall/router through the use of:
aaa authentication eou default group radius
ip admission name secureLAN eapoudp inactivity-time 60 list 102
interface FastEthernet1.50
 encapsulation dot1Q 50
 ip address 10.1.10.1 255.255.255.0
 ip access-group inside in
 ip helper-address 192.168.199.100
 ip inspect default in
 ip admission secureLAN
And I'm trying to get the same working on an ASA5520 running 7.2(3).
So, I've found out how to configure NAC on the ASA5500 for remote access VPN connections, but not LAN connections. Is this not possible on the ASA5500 like on an IOS firewall? Thanks
Jason
06-27-2008 02:40 AM
Network Admission Control (NAC) protects the enterprise network from intrusion and infection from worms, viruses, and rogue applications by performing endpoint compliancy and vulnerability checks as a condition for production access to the network.
Refer to the following URL for more info on configuring NAC with ASA 7.2:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpnnac.html
06-27-2008 04:00 AM
Hi
That link you provided details configuring NAC on remote access VPN connections, which I've got working no problem...what I'd like to do is have NAC applied to outbound LAN connections, like what is possible with a router.
Is this not possible? Thanks.
Jason