Anyone got a template or script which would modify the necessary registry settings so that clean access agent will notice when the vlan changes and then would refresh ipconfig?
I've deployed the NAC 4.1.3 in a OOB Layer 3 with central CAS deployment. I've noticed that when you clear the certified device list users that are still logged in are placed in the untrusted VLAN but since the port never goes down the IP address on the client doesn't change. I can't enable port bouncing because I have IP phones. So we could enable RetryDetection in the registry along with PingArp but this requires I know how to mass modify registry setting via group policy. So does anyone have a adm template or logon script example I could use to accomplish this? I don't have the knowledge to make this happen. Any ideas? Thanks