Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
405
Views
0
Helpful
1
Replies

NAC Framework NAC-L3-IP, passing posture validation, but no ACLs downloaded

jasonhumes
Level 1
Level 1

‎06-17-2008 12:20 PM - edited ‎02-21-2020 02:53 AM

Hi

I've got the NAC Framework NAC-L3-IP setup using an 1800 router and Cisco ACS Server 4.2. When my client attempts to reach the internet (through our NAD configured for network admission), I get a popup saying the Posture is Healthy, the ACS server says its good, yet I never get any of my configured ACLs downloaded to the router. I think my problem is with my RADIUS AUthorization Components...what should the Healthy RAC look like? This is what I've currently got;

IETF Session-Timeout (27) 36000

IETF Termination-Action (29) RADIUS-Request (1)

Cisco IOS/PIX 6.0 cisco-av-pair (1) status-query-timeout=300

I've got that RAC tied to a NAP and a downloadable ACL also associated to it through the Network Access Profiles page.

Can anyone provide help with this. Thanks

0 Helpful
1 Reply 1

jasonhumes
Level 1
Level 1

‎06-17-2008 12:22 PM

Ooops, nevermind, I had to enable aaa authorization network default group radius and then the ACLs downloaded as expected. Thanks!

Jason

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card