Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3254
Views
0
Helpful
8
Replies

ISE and NAC Agent

jthullen
Level 1
Level 1

‎04-30-2012 08:43 AM - edited ‎03-12-2019 05:40 PM

Hello, we currently run NAC for our wired (OOB), wireless (IB) and VPN (IB) enviroments. We are looking at migrating over to ISE for our wireless enviroment as a first step, with follow-up projects to move the VPN and wired clients over. I have been reading that ISE will still use the NAC agent. Our current NAC enviroment is at 4.7.2 and we are running the 4.7.2.10 agent. We do not want to upgrade this enviroment, we would rather focus on migrating to ISE. So our thought was to upgrade the clients to the latest NAC agent version 4.9.1.5. This agent is supported against the 4.7.2 NAC Manager. The problem is, I do not see this agent version listed as supported in the ISE compatibility matrix. Instead, they list a NAC agent of 4.9.0.37, which ironically, is NOT listed in the NAC compatiblity matrix. So what version of NAC agent should we run in a mixed enviroment? I am hoping 4.9.1.5 is supported against ISE, and the matrix is simply not updated yet. Thank you in advance for your help.

Labels:
0 Helpful
8 Replies 8

Tarik Admani
VIP Alumni
VIP Alumni

‎05-01-2012 06:21 AM

Hi,

The nac agents will not work together, you will have to upgrade your environment to support the same agent version for both environments.

thanks,

Tarik Admani

0 Helpful

jthullen
Level 1
Level 1
In response to Tarik Admani

‎05-01-2012 06:40 AM

Not sure I understand. The 4.9.1.5 NAC agent does run against our CAM, as we have tested that and it is listed in the support matrix. So if we upgrade our NAC applainces, we would still run that agent. Does that agent tun against ISE, and if not, what is Cisco's recommendation to bring ISE into the enviroment? We have to have a migration path, and wireless seemed like a logical first step. But we need a NAC agent that will work against Clean Access AND ISE as our laptops will be wireless and wired at different times. Which Agent would be recommended?

0 Helpful

Tarik Admani
VIP Alumni
VIP Alumni
In response to jthullen

‎05-02-2012 12:38 AM

Hi,

I am following up on this for your, I am confirming to see if the ISE documentation needs to be updated or if it hasnt been officially tested. I completely understand why this is critical.

Thanks

Tarik Admani

0 Helpful

jthullen
Level 1
Level 1
In response to Tarik Admani

‎05-02-2012 04:49 AM

Thank you Tarik, I really appreciate your help with this issue. Hopefully there is a client compatibile with both, I will keep my fingers crossed until I hear from you!.

0 Helpful

Eduardo Aliaga
Level 4
Level 4
In response to jthullen

‎05-12-2012 08:26 PM

are there any updates about this problem ?

0 Helpful

jthullen
Level 1
Level 1
In response to Eduardo Aliaga

‎05-13-2012 05:32 AM

I have not heard back from Tarik on this issue yet.

0 Helpful

Eduardo Aliaga
Level 4
Level 4
In response to jthullen

‎08-06-2012 10:51 AM

Hello everybody. Are there any updates about the agents compatibility issue between ISE and NAC manager ?

0 Helpful

Tarik Admani
VIP Alumni
VIP Alumni
In response to Eduardo Aliaga

‎08-06-2012 12:13 PM

Sorry for the delay, but in agent release 4.9 is is supported:

http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/49/49rn.html#wp1268309

However even the statements made seem to require some testing before rolling this out.

Thanks,

Tarik Admani
*Please rate helpful posts*

0 Helpful
Customers Also Viewed These Support Documents
Top