NAC Network Module NME-NAC-K9

Unanswered Question
Jun 28th, 2010

Hello Guys..the thing is that I am trying to configure two cisco routers 2800 with a NAC module, nme-nac-k9, but
there is little information about it.....is there any document or book that could help me with that...

I´ve already read and followed this PDF " Getting Started with Cisco NAC Network Modules in Cisco Access Routers " but it is not enough to set a remote office with tha..I have some doubts on how the ´phisical interfaces are involved in the trust or untrust schemme.

This part of the configuration, that I ve tried to use

ip dhcp excluded-address 10.57.41.248 10.57.41.254
ip dhcp excluded-address 10.57.42.248 10.57.42.254
ip dhcp excluded-address 10.57.43.248 10.57.43.254
!
ip dhcp pool Data_Network
   network 10.57.41.0 255.255.255.0
   default-router 10.57.41.254
   dns-server 10.88.1.50
   lease 0 4
!
ip dhcp pool Wi-Fi_Network
   network 10.57.42.0 255.255.255.0
   default-router 10.57.42.253
   dns-server 10.88.1.50
   lease 0 4
!
ip dhcp pool Voip_Network
   network 10.57.43.0 255.255.255.0
   option 150 ip 10.88.236.70
   default-router 10.57.43.252
   netbios-node-type p-node
   lease 0 4
!

.

.

.

interface Integrated-Service-Engine1/0
ip address 10.30.30.10 255.255.255.0
service-module ip address 10.30.30.9 255.255.255.0
service-module ip default-gateway 10.30.30.10
no keepalive
!
interface Integrated-Service-Engine1/0.41
description Data Network
encapsulation dot1Q 1 native
ip address 10.57.41.254 255.255.255.0
!
interface Integrated-Service-Engine1/0.42
description Wi-Fi Network
encapsulation dot1Q 2
ip address 10.57.42.253 255.255.255.0
!
interface Integrated-Service-Engine1/0.43
description VoIP Network
encapsulation dot1Q 3
ip address 10.57.43.252 255.255.255.0
!
interface Integrated-Service-Engine1/0.51
description Cas_T-U_Scenario
encapsulation dot1Q 51
ip address 10.88.51.252 255.255.255.0

#sh ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         unassigned      YES unset  up                    down   
GigabitEthernet0/1         unassigned      YES unset  up                    up     
In1/0                      10.30.30.10     YES manual up                    up     
In1/0.41                   10.57.41.254    YES manual up                    up     
In1/0.42                   10.57.42.253    YES manual up                    up     
In1/0.43                   10.57.43.252    YES manual up                    up     
In1/0.51                   10.88.51.252    YES manual up                    up    

I ve already configure the trust and untrust interfaces of the NME-NAC-K9 but the doubt is here, how could I join the phisical router interfaces according to my config ???  wich interface can I use to connect the switch that has the networks mentioned before ??

By the other hand, I´ve read that the trust interface is a internal port of the router but then how I make to link that port with a router phisical interface ??

for example, I ve read that the untrust interface is the only network interface, how can I make it visible at the CLI in order to configure or something ??

Guys, I hope you could help me ??

Thanks a lot

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion