NAC and HREAP - supported ?

tue_noergaard · ‎09-28-2010

Hi..

We have a setup with two sites.

The central site is running a 6509 VSS setup with 2 WISM modules.

There is 2 NAC installations - a L2 OOB and a new l3 OOB setup for the remotes sites.

The second site contains a 4506 and local servers and AP´s in HREAP mode, so we don´t have local traffic over the MPLS (100 mbit) to the central office.

But how do we get NAC working ?

It that supported ?

We have multiple WLAN´s with NAC enabled on the central site, and that works just fine.

Best regards

Tue

Faisal Sehbai · ‎09-29-2010

Tue,

Inband wireless would more than likely work (depending on design) but realize that ALL traffic will flow through the CAS for it. If the CAS is remote, then you'll have traffic going through the remote hop. Out of band is only supported so far in L2 scenarios.

HTH,

Faisal

--

If you find this post helpful, please rate so others can find the answer easily

JUAN HUICAB · ‎10-01-2010

Also you have to consider the following:

The supported mode of HREAP in Cisco NAC Wireless Out-Of-Band is central authentication, central switching. In this state, the controller handles client authentication, and all client data is tunneled back to the controller. This state is valid only in connected mode. Local Switching is not supported with Cisco NAC Wireless OOB.

From cisco.com

Regards

Juan Huicab Internetworking juan.huicab@nextiraone.com.mx T 52 (81) 1001 8000 E 8015 C 52 (81) 1077 2435 San Pedro Garza García, N. L. México www.nextiraone.com.mx