Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
508
Views
0
Helpful
2
Replies

NAC L3 OOB VGM Deployment examples

cpradoscarvajal
Level 1
Level 1

‎10-02-2009 07:08 AM - edited ‎02-21-2020 03:43 AM

Greetings,

Currently my customer has a L2 OOB VGM deployment for the users inside the campus network.

The customer is opening new branch offices and wants to use the same NAC server for those office (NAC centrally deployed).

I would like to get some example and guidance on how to configure the NAC in Layer 3 OOB VGM, since I wouldn't like to change my network topology in order to accomodate for Real-IP mode.

I have only found examples for Real-IP Layer 3.

0 Helpful
2 Replies 2

Faisal Sehbai
Level 7
Level 7

‎10-02-2009 09:50 AM

I've never seen anyone do this deployment successfully. In L3 RIP you can force traffic using PBR or ACLs. How will you accomplish that with L2 VLANs?

Faisal

0 Helpful

cpradoscarvajal
Level 1
Level 1

‎10-02-2009 10:44 AM

Yes i agree with you. I asked because the NAC can be configured that way, and also Cisco's documentation suggests it is possible.

The only way I thought that could accomplish L3 OOB VGM is by having a second interface in the WAN router connected to the unauthenticated VLAN, and redirecting traffic to that interface (PBR).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card