802.1X in NAC OOB

ZINSOU ADAM JOCELYN ADISSO · ‎08-21-2012

We are installing a NAC Solution version 4.9, and we want to know which protocol between 802.1X and SNMP is recommended for discovery?

We have multiple vlans for users and only one authentication vlan.

Thanks in advance,

Jocelyn

Tarik Admani · ‎08-21-2012

Hi,

In a wired environment, dot1x and snmp will not work well together. So you will set the port the way it is and let the CAM use SNMP on moving users to their role based vlans.

It is ok if you have multiple vlans and one authentication vlan, when you configure the user roles on the manager you can set the vlan attribute there.

Please explain what you are referring to as discovery? Are you referring to snmp traps being sent for new mac addresses?

For wireless and if you want to enable SSO, then you will have to use radius and snmp both.

Tarik Admani
*Please rate helpful posts*

ZINSOU ADAM JOCELYN ADISSO · ‎08-22-2012

Hi Tarik,

yes by discovery, i 'm talking about the control plane

Ok if i understand i can use either dot1x or smnp.

or you mean no dot1x at all?

In case i can use dot1x, which deployment type is recommended?

Thanks!

saxenanitesh8522 · ‎08-23-2012

Hi

For NAC Deployment SNMP is the best of doing it. It can be any version of SNMP with you can to discover the clients and the switches in the network

Nitesh

Rate if helpful.

Tarik Admani · ‎08-23-2012

For wired do not use dot1x, for wireless with the single sign on feature you have to use dot1x, so that the radius accounting from the controller is sent to the CAS, the authenticaiton stay with your internal radius server.

Thanks,

Tarik Admani
*Please rate helpful posts*