cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
727
Views
0
Helpful
6
Replies

Reauthenticate by NAC

alex goshtaei
Level 1
Level 1

Hi All,

we have deployed L3 in-band scenario for wireless 2 years ago and the solution was working without any problem. we have upgrade wireless controller to 5508, since then, when users login to the first page and certified, and they want to browse to the internet, NAC redirects the web page and ask for authenticatin again, despite the users' devices are being shown as certified devices in the list.

any suggestion would be appreciate.

thanks

Alex

6 Replies 6

Tarik Admani
VIP Alumni
VIP Alumni

Hi can you check your floating device, seems that with the hardware change this will cause the Nac solution the see the same ip from two Mac addresses, one from the agent and the other from the network.

Thanks,

Sent from Cisco Technical Support iPad App

Hi Tarik,

thanks for the reply, we are not using clean access agent, only use web login. should I add WLC device as floating device to the NAC to fix this problem?

thanks

Alex

Yes if you are using the webportal, you can detect the clients mac address by using the java tools so that can also pose the disconnect as to which mac address is learned from the respective ip address. Do you have a floating device configured that shows the old mac address from the controller that existed before the upgrade?

Thanks,

Tarik Admani
*Please rate helpful posts*

no, I haven't configured floating device.

How about rebooting the NAC appliances. is it going to help and remove old MAC addresses ?

Please check and see if you have any entries configured here:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/412/cas/s_cca.html#wp1040166

Thanks,

Tarik Admani
*Please rate helpful posts*

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: