Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Network Access Protection

i'm looking for a software that restrict the access to my network to just the domain PCs unless i specify other PCs by MAC or IP address.. in other words, if somebody try to connect his PC/hub/switch to our network, he will get blocked. i saw cisco clean access but i'm not sure if this will be the right software.


Re: Network Access Protection

In that case then I would recommend you to use Radius / 802.1x port based authentication. With Dot1x you can assign user a specific vlan that will let you control user moments across the network.

Please check this link,

New Member

Re: Network Access Protection

thank you Jagdeep. that's the answer i'm looking for. it seems i'm going in the right direction. i'm using ACS radius to authenticate. do i need to know these quest users domains in advance as most of the ACS documentation talks about external windows database. do i need to add their PC or not. thank you again for your help.