Cisco Support Community

NAC OOB L3 and many untrusted vlans

Hello

I am planning an OOB L3 real IP deployment and have a few questions:

1. After the CAM decides which vlan the user will be redirected to, what protocol does it use to tell the switch to set this vlan? For this deployment I found only: http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/413/cas/s_L3oob.html but it's incomplete. There is no detailed explanation of how it works. Could you suggest any other link?

2. What types of rules are available for setting the destination vlan? I want to have many untrusted vlans, and each of them should be mapped to a specified trusted vlan (if the user authenticates and validates).

Thanks

1 REPLY
Re: NAC OOB L3 and many untrusted vlans

1. SNMP is used to read and write the vlan info on the switches.

2. You can use port profiles or NAC roles to set destination vlans. An example of how port profiles would be used is if you want a port to start in a desired authentication vlan and transition to a specific access vlan after posture assessment and authentication. NAC roles can be used to assign ports to a specific auth vlan based on things like credentials...

Hope this helps.

Ern
