04-30-2010 09:28 AM - edited 02-21-2020 03:56 AM
I was wondering if anyone has seen this issue. I am not able to HTTPS into my NAC Servers but I am still able to manage them via my NAC Managers. What would cause this?
Solved! Go to Solution.
05-02-2010 04:06 PM
David,
The network you're trying to access your CASs from, is that network part of the CASs Managed Subnets?
Faisal
05-03-2010 01:20 PM
David,
Yeah, that won't work. All traffic for the Managed subnets is sent out the untrusted interface by default and since your client is on the trusted side, it would never reach it.
HTH,
Faisal
04-30-2010 08:45 PM
David,
What URL are you trying to access to manage your CAS's? If just the IP or Hostname, add /admin at the end, so the URL should look like this:
https://IP_ADDRESS_OF_CAS/admin
HTH,
Faisal
05-01-2010 02:07 PM
Classification: UNCLASSIFIED
Caveats: NONE
Faisal,
I used to be able to HTTPS into the VIP of my CAS pairs as well as their physical IP addresses. It is strange that the NAC Manager is able to "manage" these CAS pairs even though I am no longer able to HTTPS into them nor ping them via their HA VIP nor via their individual physical IP addresses. Yes, I do know how to web console into my CAS pairs using their VIP and physical IP addresses.
David Lai
Network Engineer
Brooke Army Medical Center
Office: 210.916.3644
Desk: 210.916.7488
David.Lai@amedd.army.mil
05-02-2010 04:06 PM
David,
The network you're trying to access your CASs from, is that network part of the CASs Managed Subnets?
Faisal
05-03-2010 06:52 AM
Classification: UNCLASSIFIED
Caveats: NONE
Faisal,
That is affirmative. I was trying to access my CASs from a "managed subnet." Thank you pointing that out. I think that was why I was not able to access my CASs. I will try to access them again from an "unmanaged subnet."
Thanks your time and expertise Faisal!
David Lai
Network Engineer
Brooke Army Medical Center
Office: 210.916.3644
Desk: 210.916.7488
David.Lai@amedd.army.mil
05-03-2010 01:20 PM
David,
Yeah, that won't work. All traffic for the Managed subnets is sent out the untrusted interface by default and since your client is on the trusted side, it would never reach it.
HTH,
Faisal
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: