Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAC with CTA and VPN Concentrator, Does not detect CTA client

Hello.

We are trying to get the latest Cisco Trust Agent 2.0.0.30 to work with VPN. Cisco VPN client is version 4.8.00.0440, and the Concentrator is 3030, running software version 4.7.2e.

Connecting the computer to a switchport works great, both L2 and L3. But when starting the VPC client, I get authenicated but it seems like no EAPoUDP is sent/received, so it gets status clientless or non-responsive/unknown client.

Any tips on what could be wrong?

I've seen a couple of other simular questions on this forum, but no responds to it.

All filters are open on the concentrator, and no ACLs that is blocking.. And no firewall on the computer!

Regards,

Asbjørn Prøis

2 REPLIES
Community Member

Re: NAC with CTA and VPN Concentrator, Does not detect CTA clien

Hello again.

After som sniffing and debugging we found out that the computer gets a route to the concentrator, making it send the EAPoUDP packets outside the VPN-tunnel. route delete'ing it made a difference.

Now we see the EAPoUPD packets beeing sent and received (by sniffing om the computer).

Looking at the logs on the concentrator we now have this error :

http://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi?action=search&counter=0&paging=5&query=NAC/11

One step further at least.. Any ideas?

Regards,

Asbjørn Prøis

Community Member

Re: NAC with CTA and VPN Concentrator, Does not detect CTA clien

Only public interface is able to receive EAPoUDP.

-- Petter

3295
Views
0
Helpful
2
Replies
CreatePlease to create content