I have a some question on Cisco NAC and not sure if it is able to support it:
1. Can NAC honor/trust qos packet when it is setup for inband/out of band?
2. For creation of lobby admin on management of local guest accounts(using clean access appliance); does the cisco nac appliance support
authentication of lobby admin via acs/external db? If not, would adding a guest server achieve it?
3. Does the nac appliance support non cisco wireless controller as well as mixture of cisco/non-cisco switches? If so, if the switch support snmp mib mac-notification/link up/link down; would that be sufficient?
4. Does Cisco NAC comes with a predefined set of AV rules to check that any of the support AV is running for posture check (example if NAC support 100 different virus product; can it check all 100 of the different product that may be installed on a PC for posture check). An example of this would be hotel/whereby there are people from with different antivirus products installed trying to access the network and the antivirus need to be running and installed and updated in order to access network). I do know that the default pre-confgiured rule can check for installation/definition however not sure on application/service status running.
For VGW setups, you have to have them in separate subnets. For RIP, they can be in same subnet without problem.
If you find this post helpful, please rate so others can find the answer easily