NAC VPN

Ernesto Fernandez gomez-pinto · ‎07-17-2006

Hello,

I finish IPsec Remote access tunnel in Pix515 with 7.2.1 version, and i want enable NAC for this connection,

I have configured the pix with the user guide, but i don?t find information about the CSACS configuration. Can anyone help me?

Regards.

sachinverma · ‎07-17-2006

Hi,

You must configure at least one Cisco Access Control Server to support NAC. Then use the aaa-server host command to name the Access Control Server group even if the group contains only one server.To configure NAC,kindly refer to following document.

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008066ebb8.html

Let me know if it helps.Kindly rate this post.

Ernesto Fernandez gomez-pinto · ‎07-19-2006

Hello,

I have the VPN conection stablish and i see the Group in the correct profile, but the posture validation process don?t launch, in the pix log i see

%PIX-6-334001: EAPoUDP association initiated - 192.168.254.10

...

%PIX-5-334006: EAPoUDP failed to get a response from host - 192.168.254.10

I have CTA 2.0.1.14, CSACS 4.0 and VPN client 4.8.01

Regards.

m_chernogorsky · ‎04-20-2007

Hello, as i understand from you future message,

you configure pix to wok with CTA

How ? ^-)

Now I Have the same problem

%PIX-6-334001: EAPoUDP association initiated -

...

%PIX-5-334006: EAPoUDP failed to get a response

CTA installed

Regards

Vivek Santuka · ‎04-23-2007

Hi,

Please check if CTA EOUDP service is running and also try increasing the EOUDP timeout on the PIX.

eou timeout retransmit 15

Regards,

Vivek