Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC Deployement

Hi

in campus envirments where a collapsed 2 Core and 2 Distribution with VSS enabled on both 6513 core/Distribution, along with 2000 users,

Question Is:

according the above situation what is the best deployment for NAC Manager/NAC Server,in term of L2/L3 out of band,What do y say in this deplyoment

Thanks

7 REPLIES
New Member

Re: NAC Deployement

I would recommend reading the following white paper and then updating your post with a more specific question:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_white_paper0900aecd802bdc42.html

Re: NAC Deployement

Hi,

I agree that you should be more specific.


For example L2 is when the NAS is going to be adjacent on the same L2 segment of the client.
L3 generally is better since the NAS does not have to be adjacent to the client (more scalable)

In-band is when the traffic passes through the NAS all the time.
OOB is when only the authentication and posture passes through the NAS, then all normal traffic
is redirected to the appropiate VLAN.
For OOB you need Cisco Switches.

One NAS server can only serve certain connections, therefore depending on your topology you might need
more than one NAS servers and a Lite-Manager or Standard Manager.

Check out the NAC datasheet for the NAC Appliances and let us know if you have any questions.

Federico.

New Member

Re: NAC Deployement

thanks all, I ll be back to you

New Member

Re: NAC Deployement

thanks all, I ll be back to you

New Member

Re: NAC Deployement

guys

Plz refer to the above post,i m going to go with L3 out-of-band implementation,any help now

Thanks

Re: NAC Deployement

Hi,

OOB, L3...

You still need to decide the physical deployment mode: (edge or central) and the passing traffic mode: (bridge mode or gateway mode)

Please refer to this presentation to get technical knowledge overview:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_presentation0900aecd8048676a.pdf

This links you can find the configuration guides:

http://www.cisco.com/en/US/products/ps6128/products_installation_and_configuration_guides_list.html

Here's the general information you require to know (data sheet):

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.html

Let us know if you have any questions.

Federico.

New Member

Re: NAC Deployement

Thanks Federico

229
Views
15
Helpful
7
Replies