cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

477
Views
0
Helpful
6
Replies
alex goshtaei
Beginner

Reauthenticate by NAC

Hi All,

we have deployed L3 in-band scenario for wireless 2 years ago and the solution was working without any problem. we have upgrade wireless controller to 5508, since then, when users login to the first page and certified, and they want to browse to the internet, NAC redirects the web page and ask for authenticatin again, despite the users' devices are being shown as certified devices in the list.

any suggestion would be appreciate.

thanks

Alex

6 REPLIES 6
Tarik Admani
Advocate

Hi can you check your floating device, seems that with the hardware change this will cause the Nac solution the see the same ip from two Mac addresses, one from the agent and the other from the network.

Thanks,

Sent from Cisco Technical Support iPad App

Hi Tarik,

thanks for the reply, we are not using clean access agent, only use web login. should I add WLC device as floating device to the NAC to fix this problem?

thanks

Alex

Yes if you are using the webportal, you can detect the clients mac address by using the java tools so that can also pose the disconnect as to which mac address is learned from the respective ip address. Do you have a floating device configured that shows the old mac address from the controller that existed before the upgrade?

Thanks,

Tarik Admani
*Please rate helpful posts*

no, I haven't configured floating device.

How about rebooting the NAC appliances. is it going to help and remove old MAC addresses ?

Please check and see if you have any entries configured here:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/412/cas/s_cca.html#wp1040166

Thanks,

Tarik Admani
*Please rate helpful posts*

Content for Community-Ad