08-07-2012 11:55 PM - edited 03-10-2019 07:23 PM
Hi ,
I implemented cisco nac 4.9 in our environment as OOB VG L2 with ADSSO integration ,
before ADSSO was implemented everything had worked correctly ,
I have unauthenticated and access vlan that have diffrenet IP range , when I do not have ADSSO started , clients after posture assessment put in access vlan and with DHCP release/request feature the ip address range change based on access vlan , and when the client push log out option in NAC agent , the client return to unauthenticated vlan and ip address change again,
but with ADSSO i have 2 problems :
1. when my domain users logg in to domain the LOG OUT option on cisco nac agent become grey out and they do not log out , so they had to logg off on domian to come back to unauthenticated vlan .
2. when the client comes back to unauthenticated vlan the ip address never change , i mean they put in unauthenticated vlan with access vlan ip address.
how should I do for these situation ? is it norml that domain users can not log out via nac agent >?
thanks ,
08-08-2012 06:35 AM
Here are you answers in line:
1. when my domain users logg in to domain the LOG OUT option on cisco nac agent become grey out and they do not log out , so they had to logg off on domian to come back to unauthenticated vlan. With ADSSO the login and logout commands are unavailable because this is how ADSSO works. If you are on the domain and in a clean access environment you will be logged in automatically. Below is the link that covers this behavior.
2. when the client comes back to unauthenticated vlan the ip address never change , i mean they put in unauthenticated vlan with access vlan ip address.
You will have to modify the xml file in order to enable the vlan detect option, this requires the agent to be installed and running. You can pull the NACAgentCFG.xml from the workstation make the change to the "
Thanks and please remember to rate helpful posts.
Tarik Admani
*Please rate helpful posts*
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide