I am new to the NAC solution but I have a VPN SSO Layer 3 VG INBAND MODE configuration that works with the VPN solution and now I want to expand my current config to do more. I am trying to have a conference room that will have ports that are placed in a CCA server vlan 94 untrust and if they pass posture accessment then they are placed in untrust vlan93. This works for the most part except for DNS...ie I have to put in the yahoo IP...also I am unable to pull a DHCP address...if I assign a vlan 93 IP I get the CAA to pop up and I can log into the local DB...but if I set to DHCP it will not pull an address. see attached sample
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...