Placing clients in untrusted after log off of AS SSO

Answered Question
May 21st, 2010
User Badges:

I have a L3 OOB NAC deployment with AD SSO. Users are mapped to different roles depending on OU membership and then to different VLANs. What happens is that if a user with a certain role logs on to a client and is palced in his VLAN, say VLAN10, and then logs off the PC, the PC stays in VLAN10.


Another user from a different role now comes along and logs onto that same PC stays in that same VLAN, but really needs to move to another VLAN because he/she has a different role.


If the system is rebooted then everything works fine as the SNMP linkdown trap is sent to the NAM.


How can I cause the clients using AD SSO change the role of the port to unauthenticated when they log off the system? I know that this can work with in-band but i don't know if it can be done with OOB.

Correct Answer by Faisal Sehbai about 7 years 1 month ago

Sachin,


OOB Logoff feature is coming in 4.8, due out in late summer. Currently what you're looking to do can't be done.


HTH,

Faisal

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Faisal Sehbai Fri, 05/21/2010 - 19:17
User Badges:
  • Gold, 750 points or more

Sachin,


OOB Logoff feature is coming in 4.8, due out in late summer. Currently what you're looking to do can't be done.


HTH,

Faisal

sganpat Sat, 05/22/2010 - 20:22
User Badges:

Thanks for the info. I'll look out for that.

Actions

This Discussion