Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2501
Views
0
Helpful
4
Replies

NAC agent error while connected to wired network

fashour
Level 1
Level 1

‎08-25-2010 07:08 AM - edited ‎02-21-2020 04:03 AM

We have this senario: out of band L2 NAC deployment for wireless. Everything works great, however, when the client is connected to wired network which is not part of the NAC enforcement, we get this Error popping up over and over again:

Invalid switch configuration-OOB Error: OOB client x:x:x:x:x/y.y.y.y not found

I know that this error is coming because the switch is not added in the CAM. We can mask the issue by either unchecking the popup option on the NAC agent icon in system tray or changing the CAS ip on the NAC agent to unreachable address. Moreover, IP connectivity of the client is not affected by this message as we can reach the network from the client. The only issue is that we have the popup. Is there a way to stop the agent from doing SWISS discovery when on wired network? Any insight would be appreciated.

0 Helpful
4 Replies 4

Faisal Sehbai
Level 7
Level 7

‎08-25-2010 01:21 PM

Hello,

You can set the agent to not AutoPop, but that would be the default then and it wouldn't pop up on the Auth networks when the users will have to do it manually.

Current versions don't have the capability to not SWISS on one network and do it on the others.

For more on the options available for client configuration, please review here:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_agntd.html#wp1348376

HTH,

Faisal

0 Helpful

fashour
Level 1
Level 1
In response to Faisal Sehbai

‎08-25-2010 02:18 PM

Are there plans to support SWISS out of wireless interface and not wired as per our example?

0 Helpful

Faisal Sehbai
Level 7
Level 7
In response to fashour

‎08-26-2010 03:55 AM

Fadi,

Not that I know of. I'll double check and update you.

Faisal

0 Helpful

Bryan Wulfric
Level 1
Level 1
In response to Faisal Sehbai

‎04-04-2012 08:33 AM

Hi Faisal,

I'm facing similar issue with wireless NAC user, not to wired NAC user. Some wireless NAC user cannot login to their NAC agent, the error message is OOB Error: connected device not found. When this happen, i user clear mac address-table dyna on switches. I wonder if there are some parameter that i need to tune in the NAC or WLC or the switches?

Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card