NAC - wanna test the basic setup - does not work !!!!
·I have simple NAC setup with 1 NAC MGR “CAM” and 1 NAC SRVR “CAS”
·My users are running network 192.168.10.x/24 , and I wanna implement in L2 VG mode. Both NAC MGR and NAC SRVR can ping each other.
·CAM VLAN 55 = 192.168.55.x/24 , and CAS VLAN 66 = 192.168.66.x/24
·NAC MGR “CAM” has only 1 cable going to the core switch and NAC SRVR has 2 cables going to the core switch ( one is trusted trunk end and another is untrusted trunk end) . Created two VLANS 999 and 998 and put each of them on each link as blackhole prevention mechanism described in Cisco docs.
·I have a Windows 2008 DHCP Server who is giving the pool of IPs for users from 192.168.10.x/24 and it is working fine. Routing in the core switch is also ok.
·I have SSH and web access to both CAM and CAS boxes. They are also updating online smoothly.
·From the GUI, I have created the AV Rules also and CAM shows CAS as connected as well !!!! My version is 4.1.8 (upgraded from 4.1.3 )
INT VLAN 10 (USER VLAN) SVI is on core switch = 192.168.10.254 /24
INT VLAN 55 ( MGMT ) SVI is on core switch = 192.168.55.254/24
INT VLAN 66 (MGMT) SVI is on core switch = 192.168.66.254/24
1.I am not able to download or get the NAC Client software MSI or stub file or ActiveX prompt to download ….
2.I don’t know how to start troubleshooting at this stage. Please note that My client PC is windows XP machine and the port is already configured to VLAN 100.
I have 1 CORE switch only and my NAC boxes and client are connected to the same CORE switch.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...