Clean Access Agent logging in to Random CAS

Unanswered Question
Jul 20th, 2009
User Badges:

Hi,


We have configured NAC in L3 OOB out of band mode where enforcement is defined at Remote Router end. We have defined Discovery IP address from CAS untrusted interface (note that we have not configured Policy base Routing scenario)but most of the time user try to connect to other CAS though its not there in Discovery Host. e.g. if Discovery IP is 172.16.16.100 then its logging in to 172.16.16.102 . Even Cisco TAC is also not able to find the root cause. Can any pne help me out in this?


Thanks...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Mon, 07/27/2009 - 11:33
User Badges:
  • Silver, 250 points or more

Obtaining the Root Certificate from the CAS


Because Internet Explorer allows exporting of the CAS certificate, this section describes how to obtain the root certificate on a Windows system. Administrators can then transfer the certificate to their Mac via email as an attachment, FTP, or USB storage device.


There are three ways to retrieve the root certificate:


•Get the Root Certificate From the Mac OS X Agent Bundle


•Transfer the Root Certificate from Windows Using Internet Explorer


•Use Web Login to Get the Root Certificate

Get the Root Certificate From the Mac OS X Agent Bundle


Step 1 In the Finder, go to /Applications/CCAAgent.app.


Step 2 Ctrl-click on the CCAAgent.app to display the context menu.


Step 3 Choose Show Package Contents and search for the "perfigoca.crt" certificate in the /Contents/Resources/ folder.


Step 4 Drag and drop the "perfigoca.crt" certificate to the keychain.


Actions

This Discussion