NAC L3 OOB VGM Deployment examples

Unanswered Question
Oct 2nd, 2009


Currently my customer has a L2 OOB VGM deployment for the users inside the campus network.

The customer is opening new branch offices and wants to use the same NAC server for those office (NAC centrally deployed).

I would like to get some example and guidance on how to configure the NAC in Layer 3 OOB VGM, since I wouldn't like to change my network topology in order to accomodate for Real-IP mode.

I have only found examples for Real-IP Layer 3.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Faisal Sehbai Fri, 10/02/2009 - 09:50

I've never seen anyone do this deployment successfully. In L3 RIP you can force traffic using PBR or ACLs. How will you accomplish that with L2 VLANs?


cpradoscarvajal Fri, 10/02/2009 - 10:44

Yes i agree with you. I asked because the NAC can be configured that way, and also Cisco's documentation suggests it is possible.

The only way I thought that could accomplish L3 OOB VGM is by having a second interface in the WAN router connected to the unauthenticated VLAN, and redirecting traffic to that interface (PBR).


This Discussion