NAC and HREAP - supported ?

Unanswered Question
Sep 28th, 2010
User Badges:


We have a setup with two sites.

The central site is running a 6509 VSS setup with 2 WISM modules.

There is 2 NAC installations - a L2 OOB and a new l3 OOB setup for the remotes sites.

The second site contains a 4506 and local servers and AP´s in HREAP mode, so we don´t have local traffic over the MPLS (100 mbit) to the central office.

But how do we get NAC working ?

It that supported ?

We have multiple WLAN´s with NAC enabled on the central site, and that works just fine.

Best regards


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Faisal Sehbai Wed, 09/29/2010 - 07:01
User Badges:
  • Gold, 750 points or more


Inband wireless would more than likely work (depending on design) but realize that ALL traffic will flow through the CAS for it. If the CAS is remote, then you'll have traffic going through the remote hop. Out of band is only supported so far in L2 scenarios.




If you find this post helpful, please rate so others can find the answer easily

JUAN HUICAB Fri, 10/01/2010 - 10:46
User Badges:

Also you have to consider the following:

The supported mode of HREAP in Cisco NAC Wireless Out-Of-Band is central authentication, central switching. In this state, the controller handles client authentication, and all client data is tunneled back to the controller. This state is valid only in connected mode. Local Switching is not supported with Cisco NAC Wireless OOB.




This Discussion