Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco NAC Configuration Issue

Hi,

Cisco NAC is connected to the core switch. All the access switches are L2 connected to the core switch and to the clients.

The user vlan is 101 and the access vlan is 11. The trusted and untrusted interface of Cisco Access server has same IP.NAC is configured as L2 OOB Virtual gateway mode. Please let me if this is correct in this scenario.

Also , the access switch and the the client is discovered in Cisco NAC. What should be configuration of auth vlan in Core switch and also that the user is not able to redirect to NAC agent and the user is not shown under online users in Cisco NAC. Also, the posture assessment is not happening.

Please let me know the solution for this.

Regards,

Shalvi Yadav

1 REPLY

Cisco NAC Configuration Issue

Hi,

Please explain the vlans one more time, is the vlan 101 for clients that are unauthenticated and then being mapped over to 11 once their traffic is inspected and permitted (trusted). If so, you will need to setup vlan mapping from 101 to 11 you will need to configure a managed subnet entry (an unused ip address from vlan 11 that is tagged with vlan 101).

then you will have to make sure that vlan 101 is a l2 vlan and that all switches that are connected to the clients are set to trunk vlan 101 and 11 to client. Also the port setting of all clients will need to be set to vlan 101.

As far as setting up oob there is more to it, you will need to open a TAC case if you are looking for configuration assistnace with the nac system.

I hope that gets you started or provide some help.

Tarik admani

Tarik Admani *Please rate helpful posts*
351
Views
0
Helpful
1
Replies
CreatePlease to create content