Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
746
Views
0
Helpful
3
Replies

NAC Installation

Reyad Safi
Level 1
Level 1

ā€Ž09-26-2011 08:59 AM - edited ā€Ž03-10-2019 06:26 PM

Hi Experts

We have  NAC 3350 Manager , and only 1 NAC 3350 Server.

we want to install it to serve users in H.Q and in remote branches.

what is the best scenario of installation to achieve the best solution ?

regards

Reyad

Labels:
0 Helpful
3 Replies 3

Reyad Safi
Level 1
Level 1

ā€Ž09-26-2011 10:35 PM

Hello

Any Suggestions

Reyad

0 Helpful

Bastien Migette
Cisco Employee
Cisco Employee
In response to Reyad Safi

ā€Ž09-27-2011 12:33 AM

Hello Reyad,

With NAC, you need that all your user traffic is going through the clean access server for at least authentication. Since you don't probably want that traffic from remote site still need to go through the NAC Server after authentication, you may want to go for a Out Of Band (OOB) deployment, with layer 3 support, since your remote sites mighte not be all L2 adjacent to the central site (depending on your connections between your sites).

Basically, users will be put in a VLAN, let's say A, before authentication. You should find a way to direct all traffic from VLAN A through the NAC Server. it's fairly easy if you have L2 connectivity, otherwise you need to implement policy based routing (PBR).

After authentication, user will be put in VLAN B, and traffic from VLAN B shouldn't go through the clean access server.

Hope this is clear.

0 Helpful

Reyad Safi
Level 1
Level 1
In response to Bastien Migette

ā€Ž09-27-2011 09:50 AM

Dear Bastien

i got the idea , thank you for your cooperatin ,

0 Helpful
Customers Also Viewed These Support Documents