Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC Framework and CTA

I've had a NAC Framework test environment (ACS 4.0 & CTA 2.1) for a couple of years now. We finally have the green light to move forward into production so I'm bringing more machines into the lab for additional testing.

I went to download the CTA again today as I couldn't find my original file and I see this in the 2.1 release notes (which I don't remember seeing before):

"Cisco Secure Services Client (SSC) replaces the CTA 802.1x Wired Client as the preferred supplicant in a deployment of the NAC security solution. NAC is supported for use in a wired network environment."

So should I now download the non-supplicant version of CTA and use it with SSC? I'm not sure I see the benefit of that.

Plus wouldn't that mean my switchports would need to be configured for both 802.1x and EAPoUDP for auth and posture respectively since the non-supplicant CTA doesn't use 802.1x like the supplicant version.

The above is the reason I hadn't used the CTA on any Mac clients and just do 802.1x with no posture for them.

New Member

Re: NAC Framework and CTA

Hello JASON,

You can use SSC with non-supplicant CTA in 802.1x NAC framework environment. You do not need to config EAPoUDP on switchports.