Does Cisco NAC support for HP Switches

Magesh G. · ‎12-28-2011

Dear all,

the existing network has HP switches , is there any way i can deploy Cisco NAC solution here ?

Pls revert .

thanks ,

Tarik Admani · ‎12-28-2011

No we do not support other switches for NAC outside of Cisco, it was never tested so it was never supported. I am sure if you understand how nac works you can get this to work however, it would be difficult to get support from either HP or Cisco since this isnt supported. However for an inband solution you may be able to get this to work, however for OOB you are out of luck, all the SNMP libraries arent present for any other products but cisco, nor can you add them either.

Thanks,

Tarik Admani

jonmarso_07 · ‎12-31-2011

My friend for the NAC support other brands of equipment is necessary to configure it in-band mode.

jonmarso_07 · ‎12-31-2011

Mode in-band traffic passes through the NAC, and this can be a problem.

OOB mode it is adjacent then today is a most widely used solution, but go in there and test the band because only this will work perfectly in your environment.

boulest · ‎05-16-2012

I am implementing NAC in a very large network, I want to make sure it will work with all types of switches. If I implement it in In-band Mode, will this guarantee work with any switch vendor?

mlezerkiewicz · ‎08-02-2013

If you are planning on very large install OOB is the way to go for wired and wireless. You will not be able support more than 40 CASes and i encounter problems with 4.9.1 at 16 HA OOB pairs and needed to upgrade. Good luck.

Sent from Cisco Technical Support iPad App

prajith.ep · ‎07-23-2013

I am also having the same issue. I have configured NAC in In-Band mode.NAC is connected to HP Procurve 5406. But its its not working with HP Procurve, however if I connect NAC with Cisco L3, it works fine. How can I make it work with HP.

boulest · ‎07-23-2013

Cisco NAC has lots of limitations, and surly this is one of them. But while I respect the fact that cisco will not support NAC on HP switches. It can work. And it will perform just fine, once you understand “Cisco NAC” and able to configure it for the first time, you will be able to support it without the need of TAC.

The idea is that Cisco NAC sends commands to the switches on the network to apply specific access list or Vlan changes, since Cisco can only speak Cisco, it does not know how to tell other switches to do that. . The work around is that you would have the NAC running in in-line mode on your network, yes this will introduce a bottleneck, but that is the only way to do it. The NAC then will look at the traffic based on the MAC or IP and apply set of policies depending on the source or the destinations.

Please do your research and look at other NAC solutions before you decide the best vendor to go with.

prajith.ep · ‎07-30-2013

I am not at all able to make NAC work with HP switch, Please advice me how to configure the HP switch so that NAC will work

game123 · ‎01-13-2014

Well, NAC does not require cisco switches i believe. as per theory you are just supposed to pass on the logic of auth(untrust) vlan to access(trust) vlan and connect your switches in L2 or L3 topology with Cisco CAS (also called NAS) server.

Just as hint :

CAM (also called NAM) will use mostly 1 ethernet port (2nd port you need only for HA if you have 1 more CAM box)

CAS (also called NAS ) will minimum require 2 ports. Both normally will be trunks and pass relevant traffic as per theory of auth and acc vlans.

Hope this helps.

-K-

manjeets · ‎08-17-2013

Kindly go through the compatiblity matrix of NAC :

http://www.cisco.com/en/US/products/ps6128/products_device_support_tables_list.html