×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

NAC VPN

Unanswered Question
Jul 17th, 2006
User Badges:

Hello,


I finish IPsec Remote access tunnel in Pix515 with 7.2.1 version, and i want enable NAC for this connection,


I have configured the pix with the user guide, but i don?t find information about the CSACS configuration. Can anyone help me?


Regards.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sachinverma Mon, 07/17/2006 - 23:22
User Badges:

Hi,

You must configure at least one Cisco Access Control Server to support NAC. Then use the aaa-server host command to name the Access Control Server group even if the group contains only one server.To configure NAC,kindly refer to following document.

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008066ebb8.html


Let me know if it helps.Kindly rate this post.

Ernesto Fernand... Wed, 07/19/2006 - 05:17
User Badges:

Hello,


I have the VPN conection stablish and i see the Group in the correct profile, but the posture validation process don?t launch, in the pix log i see


%PIX-6-334001: EAPoUDP association initiated - 192.168.254.10

...

%PIX-5-334006: EAPoUDP failed to get a response from host - 192.168.254.10


I have CTA 2.0.1.14, CSACS 4.0 and VPN client 4.8.01


Regards.


m_chernogorsky Fri, 04/20/2007 - 01:14
User Badges:

Hello, as i understand from you future message,

you configure pix to wok with CTA

How ? ^-)


Now I Have the same problem

%PIX-6-334001: EAPoUDP association initiated -

...

%PIX-5-334006: EAPoUDP failed to get a response


CTA installed


Regards

Vivek Santuka Mon, 04/23/2007 - 07:30
User Badges:
  • Cisco Employee,

Hi,


Please check if CTA EOUDP service is running and also try increasing the EOUDP timeout on the PIX.


eou timeout retransmit 15


Regards,

Vivek

Actions

This Discussion