Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
309
Views
0
Helpful
1
Replies

NAC Framework and CTA

jason.eberhard
Level 1
Level 1

‎03-11-2009 10:03 AM - edited ‎02-21-2020 03:20 AM

I've had a NAC Framework test environment (ACS 4.0 & CTA 2.1) for a couple of years now. We finally have the green light to move forward into production so I'm bringing more machines into the lab for additional testing.

I went to download the CTA again today as I couldn't find my original file and I see this in the 2.1 release notes (which I don't remember seeing before):

"Cisco Secure Services Client (SSC) replaces the CTA 802.1x Wired Client as the preferred supplicant in a deployment of the NAC security solution. NAC is supported for use in a wired network environment."

So should I now download the non-supplicant version of CTA and use it with SSC? I'm not sure I see the benefit of that.

Plus wouldn't that mean my switchports would need to be configured for both 802.1x and EAPoUDP for auth and posture respectively since the non-supplicant CTA doesn't use 802.1x like the supplicant version.

The above is the reason I hadn't used the CTA on any Mac clients and just do 802.1x with no posture for them.

0 Helpful
1 Reply 1

APatotski
Level 1
Level 1

‎07-23-2009 11:13 PM

Hello JASON,

You can use SSC with non-supplicant CTA in 802.1x NAC framework environment. You do not need to config EAPoUDP on switchports.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card