NAC L3 OOB switch ports not switching from auth to access


We have an L3 OOB deployment; workstations are using the CA Agent, both XP and Vista machines. After login the CA Agent keeps looping, "refreshing IP successful", and the switchport never changes from the untrusted Authentication VLAN to the Access VLAN. The workstations show in the Online Users OOB screen in the Access VLAN, but they never show up in the certified device list. Has anyone ever had this issue?

Thanks in advance for your assistance.


No other error messages, just looping through refreshing IP. I did get a call back from TAC. The issue was that, after working with a number of TAC engineers during the installation, one TAC engineer had me remove the managed subnets and create static routes. This was incorrect. The rule is that, if the clients are L2 adjacent to the CAS when starting out in the authentication VLAN, you need to use managed subnets, not static routes. So the clients would never get into the certified device list and the CAM would not send an SNMP to the switch to change to the access VLAN. Once this was changed, it is working correctly now.

Thank you for your response.


netadmrona Wed, 08/26/2009 - 05:25

I am having the same issue. Did you ever find a solution?

jad.sadek Wed, 08/26/2009 - 10:52

Provide some details:

- What type of authentication are you using?

- Did you check the list of supported switches and their IOS to make sure your switch is compliant?

pszczola1 Thu, 10/08/2009 - 07:56

Forgive me a stupid question, but is there any VMware running on the computers in question? It happens when NAC detects several MAC addresses.


