cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
499
Views
0
Helpful
2
Replies

NAC L3 OOB VGM Deployment examples

cpradoscarvajal
Level 1
Level 1

Greetings,

Currently my customer has a L2 OOB VGM deployment for the users inside the campus network.

The customer is opening new branch offices and wants to use the same NAC server for those office (NAC centrally deployed).

I would like to get some example and guidance on how to configure the NAC in Layer 3 OOB VGM, since I wouldn't like to change my network topology in order to accomodate for Real-IP mode.

I have only found examples for Real-IP Layer 3.

2 Replies 2

Faisal Sehbai
Level 7
Level 7

I've never seen anyone do this deployment successfully. In L3 RIP you can force traffic using PBR or ACLs. How will you accomplish that with L2 VLANs?

Faisal

cpradoscarvajal
Level 1
Level 1

Yes i agree with you. I asked because the NAC can be configured that way, and also Cisco's documentation suggests it is possible.

The only way I thought that could accomplish L3 OOB VGM is by having a second interface in the WAN router connected to the unauthenticated VLAN, and redirecting traffic to that interface (PBR).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: