Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
447
Views
0
Helpful
3
Replies

CANAC and switches communication

ayman emara
Level 1
Level 1

‎10-31-2010 05:21 AM - edited ‎03-09-2019 11:14 PM

Hi all,

I have NAC manager and server that manages alot of switches

i want to remove some of the switches so as nac can't manage those switches.

Best Regards,

Ayman Yehia

Labels:
0 Helpful
3 Replies 3

jan.nielsen
Level 7
Level 7

‎10-31-2010 01:53 PM

So what is your question again ?

0 Helpful

ayman emara
Level 1
Level 1
In response to jan.nielsen

‎10-31-2010 03:53 PM

HI Jan,

what i ment that i want to remove the switches from NAC device and make the NAC UNable to manage the switches without changing the community string .

i want to do any thing possible from the switch side so as to make the NAC CAN NOT manage those switches without changing the community string.

Regards,

Ayman Yehia

0 Helpful

jan.nielsen
Level 7
Level 7
In response to ayman emara

‎11-01-2010 02:16 AM

You can use an access-list to filter out the ip addresses from the NAC system in your snmp commands on the switch. This will deny 10.10.10.10 to use snmp to the switch, and allow everything else.

access-list 10 deny 10.10.10.10

access-list 10 permit any
snmp-server community Public RO 10
snmp-server community Private RW 10

0 Helpful
Customers Also Viewed These Support Documents