Problems with the Cisco NAC agent, does not perform remediation??

Unanswered Question
Apr 9th, 2010
User Badges:

Good Morning

I'm doing an implementation of NAC, but when the user is authenticated, the agent informs you that does not comply with defined security policies, to start the repair and re-scan the machine error appears "NAC Server is not available on the net" . The policy I am doing is to check a file on local disk C

Deputy error screen

I appreciate your responses as soon as possible

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
yeseniamm Fri, 04/09/2010 - 08:01
User Badges:

The policy I am doing is to check a file on local disk C


mecampr Wed, 07/21/2010 - 15:16
User Badges:

did you ever get that fixed, as it seems that is the same problem im having. The error only appears when i ask for remediation, if I allow it through without any rules, nac works fine.

JUAN HUICAB Wed, 07/21/2010 - 17:20
User Badges:

I think that the problem it could be in the way you assigned the new vlan to that user or the vlan itself, so I recommend you that double check the trafficc control at the remediation zone and verify that zone could reach CAM/CAS.

mecampr Thu, 07/22/2010 - 05:22
User Badges:

the problem i have is when it moves into remediation....phase 2. If no remediation is being done (ie no checks, rules scans etc) then it moves directly from phase 1 (authentication) to phase 3 (authenticated user and assign role) and all works fine.

I've looked under all the traffic rules and can see nothing that would mean it could not contact the CAS. There are some differences in 4.7, like the ethernet traffic filter. It seems to me when put in the temp role, the vlan should still be the auth vlan. There is a role based vlan option under edit roles, but it states that is only for normal login, not tem agent, so it should not apply.

Im starting to think something has gone wrong with the upgrade code somewhere....TAC looked at my config  and could see nothing on a quick check, im working with them to resolve the issue


This Discussion