Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC Framework NAC-L3-IP, passing posture validation, but no ACLs downloaded

Hi

I've got the NAC Framework NAC-L3-IP setup using an 1800 router and Cisco ACS Server 4.2. When my client attempts to reach the internet (through our NAD configured for network admission), I get a popup saying the Posture is Healthy, the ACS server says its good, yet I never get any of my configured ACLs downloaded to the router. I think my problem is with my RADIUS AUthorization Components...what should the Healthy RAC look like? This is what I've currently got;

IETF Session-Timeout (27) 36000

IETF Termination-Action (29) RADIUS-Request (1)

Cisco IOS/PIX 6.0 cisco-av-pair (1) status-query-timeout=300

I've got that RAC tied to a NAP and a downloadable ACL also associated to it through the Network Access Profiles page.

Can anyone provide help with this. Thanks

1 REPLY
New Member

Re: NAC Framework NAC-L3-IP, passing posture validation, but no

Ooops, nevermind, I had to enable aaa authorization network default group radius and then the ACLs downloaded as expected. Thanks!

Jason

249
Views
0
Helpful
1
Replies