We are running NAC 4.7.2 in a OOB VGW configuration.
Let's say the mapping is from untrusted vlan 630 to trusted vlan 30 and that I have device that has failed it's posture check and needs to remediate to an external website. (The device that has failed stays in vlan 630 and has an same IP address it would use when it is moved into vlan 30.)
I would like to leave the device in vlan 630 but need to give it access to the Internet. Am I correct in that I should be able to do this using the proper filter?
If not what is the correct way to approach this scenario?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...