I have NAC deployed in L2 OOB VGW mode and everything works fine. We see the FWSM, which has the L3 interface for the access VLAN, bombarded by UDP port 8905 traffic. I believe this is happening even after the PCs have changed to the access VLAN (as I can see them in the online users list and their switchport is in the access VLAN). Is this normal, and how can we stop it from happening? I have the discovery host set to the default, which is the CAM IP, which of course is on a separate subnet. Please let me know.
Agents are designed that way to send out traffic on port 8905 every 5 seconds. This is so when the agent is in the Auth VLAN, the CAS can 'sense' the agent and ask for authentication, so yes, it's a nuisance, but working as designed.
Thanks for your response. So just to confirm, even after authentication and posture assessment is complete, the agent tries to send these packets every 5 seconds? There is no way to stop this behaviour?
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...