cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
911
Views
0
Helpful
5
Replies

NAC - Not able to HTTPS into NAC Servers (CAS)

yuchenglai
Level 1
Level 1

I was wondering if anyone has seen this issue.  I am not able to HTTPS into my NAC Servers but I am still able to manage them via my NAC Managers.  What would cause this?

2 Accepted Solutions

Accepted Solutions

David,

The network you're trying to access your CASs from, is that network part of the CASs Managed Subnets?

Faisal

View solution in original post

David,

Yeah, that won't work. All traffic for the Managed subnets is sent out the untrusted interface by default and since your client is on the trusted side, it would never reach it.

HTH,

Faisal

View solution in original post

5 Replies 5

Faisal Sehbai
Level 7
Level 7

David,

What URL are you trying to access to manage your CAS's? If just the IP or Hostname, add /admin at the end, so the URL should look like this:

https://IP_ADDRESS_OF_CAS/admin

HTH,

Faisal

Classification: UNCLASSIFIED

Caveats: NONE

Faisal,

I used to be able to HTTPS into the VIP of my CAS pairs as well as their physical IP addresses. It is strange that the NAC Manager is able to "manage" these CAS pairs even though I am no longer able to HTTPS into them nor ping them via their HA VIP nor via their individual physical IP addresses. Yes, I do know how to web console into my CAS pairs using their VIP and physical IP addresses.

David Lai

Network Engineer

Brooke Army Medical Center

Office: 210.916.3644

Desk: 210.916.7488

David.Lai@amedd.army.mil

David,

The network you're trying to access your CASs from, is that network part of the CASs Managed Subnets?

Faisal

Classification: UNCLASSIFIED

Caveats: NONE

Faisal,

That is affirmative. I was trying to access my CASs from a "managed subnet." Thank you pointing that out. I think that was why I was not able to access my CASs. I will try to access them again from an "unmanaged subnet."

Thanks your time and expertise Faisal!

David Lai

Network Engineer

Brooke Army Medical Center

Office: 210.916.3644

Desk: 210.916.7488

David.Lai@amedd.army.mil

David,

Yeah, that won't work. All traffic for the Managed subnets is sent out the untrusted interface by default and since your client is on the trusted side, it would never reach it.

HTH,

Faisal

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: