Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC Network Module NME-NAC-K9

Hello Guys..the thing is that I am trying to configure two cisco routers 2800 with a NAC module, nme-nac-k9, but
there is little information about it.....is there any document or book that could help me with that...

I´ve already read and followed this PDF " Getting Started with Cisco NAC Network Modules in Cisco Access Routers " but it is not enough to set a remote office with tha..I have some doubts on how the ´phisical interfaces are involved in the trust or untrust schemme.

This part of the configuration, that I ve tried to use

ip dhcp excluded-address 10.57.41.248 10.57.41.254
ip dhcp excluded-address 10.57.42.248 10.57.42.254
ip dhcp excluded-address 10.57.43.248 10.57.43.254
!
ip dhcp pool Data_Network
   network 10.57.41.0 255.255.255.0
   default-router 10.57.41.254
   dns-server 10.88.1.50
   lease 0 4
!
ip dhcp pool Wi-Fi_Network
   network 10.57.42.0 255.255.255.0
   default-router 10.57.42.253
   dns-server 10.88.1.50
   lease 0 4
!
ip dhcp pool Voip_Network
   network 10.57.43.0 255.255.255.0
   option 150 ip 10.88.236.70
   default-router 10.57.43.252
   netbios-node-type p-node
   lease 0 4
!

.

.

.

interface Integrated-Service-Engine1/0
ip address 10.30.30.10 255.255.255.0
service-module ip address 10.30.30.9 255.255.255.0
service-module ip default-gateway 10.30.30.10
no keepalive
!
interface Integrated-Service-Engine1/0.41
description Data Network
encapsulation dot1Q 1 native
ip address 10.57.41.254 255.255.255.0
!
interface Integrated-Service-Engine1/0.42
description Wi-Fi Network
encapsulation dot1Q 2
ip address 10.57.42.253 255.255.255.0
!
interface Integrated-Service-Engine1/0.43
description VoIP Network
encapsulation dot1Q 3
ip address 10.57.43.252 255.255.255.0
!
interface Integrated-Service-Engine1/0.51
description Cas_T-U_Scenario
encapsulation dot1Q 51
ip address 10.88.51.252 255.255.255.0

#sh ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         unassigned      YES unset  up                    down   
GigabitEthernet0/1         unassigned      YES unset  up                    up     
In1/0                      10.30.30.10     YES manual up                    up     
In1/0.41                   10.57.41.254    YES manual up                    up     
In1/0.42                   10.57.42.253    YES manual up                    up     
In1/0.43                   10.57.43.252    YES manual up                    up     
In1/0.51                   10.88.51.252    YES manual up                    up    

I ve already configure the trust and untrust interfaces of the NME-NAC-K9 but the doubt is here, how could I join the phisical router interfaces according to my config ???  wich interface can I use to connect the switch that has the networks mentioned before ??

By the other hand, I´ve read that the trust interface is a internal port of the router but then how I make to link that port with a router phisical interface ??

for example, I ve read that the untrust interface is the only network interface, how can I make it visible at the CLI in order to configure or something ??

Guys, I hope you could help me ??

Thanks a lot

514
Views
0
Helpful
0
Replies