Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
653
Views
0
Helpful
3
Replies

NAC high avialabilty

Go to solution
wael.kamal
Level 1
Level 1

‎02-07-2010 11:37 PM - edited ‎02-21-2020 03:52 AM

my teamleader give me a task to impliment NAC in an enterprise nertwork solution :

the solution contains wireless system using wireless LAN controller, VPN over WAN ,  reduendancy for every device .

1. i want to impliment NAC manager high availabilty and NAC server high avilabilty  from the istallation guide i found many senerios

2. i want  impliment the NAC server INband  what recomendations layer 2 or layer 3 implimentaions

3. i saw in the installation guide that in NAC high avialabilt use serial cabel  and no info about it

thank you for your help

Preview file
73 KB
Preview file
1766 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
wkamil123
Level 1
Level 1

‎02-08-2010 02:31 AM

Hi,

The best solution for you is to deploy CCA in a L3 OOB central deployment mode. Local users will be connected to CAS in L2 OOB.

In future you can easily deploy NAC at the branche offices.

Looking for your network scheme, you must connect CAM and CAS to switchs WS-C4509-E.

CAM and CAS are using serial cable as a null modem, you can use it but it's not necessary if you connected two CAMs through crossover ethernet cable.

Kamil,

View solution in original post

0 Helpful

Go to solution
wkamil123
Level 1
Level 1
In response to wael.kamal

‎02-08-2010 08:01 AM

Why not?

On which device are you terminated IPSec tunnels? It's a Cisco ASA?

So, you can easily add to the CAM Cisco ASA as a VPN concentrator. Furthermore, you can deploy VPN SSO, if you have on the network environment Microsoft Active Directory server.

Kamil,

View solution in original post

0 Helpful
3 Replies 3

Go to solution
wkamil123
Level 1
Level 1

‎02-08-2010 02:31 AM

Hi,

The best solution for you is to deploy CCA in a L3 OOB central deployment mode. Local users will be connected to CAS in L2 OOB.

In future you can easily deploy NAC at the branche offices.

Looking for your network scheme, you must connect CAM and CAS to switchs WS-C4509-E.

CAM and CAS are using serial cable as a null modem, you can use it but it's not necessary if you connected two CAMs through crossover ethernet cable.

Kamil,

0 Helpful

Go to solution
wael.kamal
Level 1
Level 1
In response to wkamil123

‎02-08-2010 04:28 AM

i think L3OOBand deploment  will not work with IPSEC VPN and there are some  clients using  cisco VPN client

0 Helpful

Go to solution
wkamil123
Level 1
Level 1
In response to wael.kamal

‎02-08-2010 08:01 AM

Why not?

On which device are you terminated IPSec tunnels? It's a Cisco ASA?

So, you can easily add to the CAM Cisco ASA as a VPN concentrator. Furthermore, you can deploy VPN SSO, if you have on the network environment Microsoft Active Directory server.

Kamil,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card