Need your favor, I was trying to do L2 OOB virtual gateway NAC for wired user with following :
Both interfaces of CAS are trunk with only respective VLAN allowed.
CAS is added to CAM.
Switch is added to CAS.
VLAN mapping is configured like 50(untrusted) has been mapped to 60(trusted)
Port profile is configured.
Switch port from CAS is configured with that port profile
When I connect my client to Auth vlan 50 so should I need to give static IP to my NIC or it should obtain the IP from DHCP (for both auth and access vlan)
First I gave static from auth vlan 50 but port normally connected and does not show any NAC web page.
Then I configured DHCP for access vlan 60 and put the client port in auth vlan 50 but still not asking me for NAC posture page.
When I check discovered clients then it shows my Laptop MAC .
Am I still missing some thing?
The NAC Captive portal is able to provide 3 options: Use Cisco NAC webagent, Download Clean Access Agent and Get restricted Access.
"Download Clean Access Agent" allows the user to download the agent, without using the webagent first. The user is only required to log in.
The button for "download Cean Access Agent", is available for all roles that are required to use the clean access agent. This is configurable at: Device Management > Clean Access > General Setup > Agent Login.
See the Installation and Configuration Guide(chapter 10) for more info