I try to mount a NAC lab with the following architecture :
- 802.1x on switch ports
- ACSv5 with an external database (windows) for machine and user authentification
- ACS v5 do vlan assignement and it works great.
- Nac Manager
- Nac agent on workstations : tried with CTA or CAA
I try to add a posture validation to check for the presence of an antivirus.
So I insalled a NAC Manager and add a "External Policy Check" on my ACS policy rule.
The Endpoint has CTA or CCA for posture validation.
It seems ACS doen't even try to make the request to the manager. I get the following error in ACS :
STEP_79=15038 Skipping External Policy because of missing or malformed required attributes
My question is : What do I need to do external posture validation with acs5 to a Nac Manager.
The guide reference I used is : http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.0/user/guide/common_scenarios.html#wp1053461
Thanks for your answer