NAC - Not able to HTTPS into NAC Servers (CAS)

Answered Question
Apr 30th, 2010
User Badges:

I was wondering if anyone has seen this issue.  I am not able to HTTPS into my NAC Servers but I am still able to manage them via my NAC Managers.  What would cause this?

Correct Answer by Faisal Sehbai about 6 years 10 months ago

David,


Yeah, that won't work. All traffic for the Managed subnets is sent out the untrusted interface by default and since your client is on the trusted side, it would never reach it.


HTH,

Faisal

Correct Answer by Faisal Sehbai about 6 years 10 months ago

David,


The network you're trying to access your CASs from, is that network part of the CASs Managed Subnets?


Faisal

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
yuchenglai Sat, 05/01/2010 - 14:07
User Badges:

Classification: UNCLASSIFIED

Caveats: NONE


Faisal,


I used to be able to HTTPS into the VIP of my CAS pairs as well as their physical IP addresses. It is strange that the NAC Manager is able to "manage" these CAS pairs even though I am no longer able to HTTPS into them nor ping them via their HA VIP nor via their individual physical IP addresses. Yes, I do know how to web console into my CAS pairs using their VIP and physical IP addresses.


David Lai

Network Engineer

Brooke Army Medical Center

Office: 210.916.3644

Desk: 210.916.7488

[email protected]

Correct Answer
Faisal Sehbai Sun, 05/02/2010 - 16:06
User Badges:
  • Gold, 750 points or more

David,


The network you're trying to access your CASs from, is that network part of the CASs Managed Subnets?


Faisal

yuchenglai Mon, 05/03/2010 - 06:52
User Badges:

Classification: UNCLASSIFIED

Caveats: NONE


Faisal,


That is affirmative. I was trying to access my CASs from a "managed subnet." Thank you pointing that out. I think that was why I was not able to access my CASs. I will try to access them again from an "unmanaged subnet."


Thanks your time and expertise Faisal!


David Lai

Network Engineer

Brooke Army Medical Center

Office: 210.916.3644

Desk: 210.916.7488

[email protected]

Correct Answer
Faisal Sehbai Mon, 05/03/2010 - 13:20
User Badges:
  • Gold, 750 points or more

David,


Yeah, that won't work. All traffic for the Managed subnets is sent out the untrusted interface by default and since your client is on the trusted side, it would never reach it.


HTH,

Faisal

Actions

This Discussion

Related Content