Cisco Nac Agent pops up continously after succesful login
I have a clean access server configured as OOB real IP gateway.
The clients are placed in authentication VLANs on the edge of the LAN that are a couple of L3 hops from the CAS.
We have policy based routing configured to pass client traffic from the authentication VLANs to the CAS.
Once the client is certified it is popped into the clients access VLAN.
All worked ok except that the NAC agent keeps popping up after successful login, attempting to login again.
I have now deployed an ACL to drop traffic from the client Access VLANs to the CAS so the client doesn't keep poppin up.
As far as I can see there is a SWISS service running with the agent that keeps sending data packets to the CAS and causes ths agent in our case to keep trying to authenticate again and again. The ACL I created prevents these packets and stops the continuing login attampts.
The annoying this is that the client can't update its user IP details in the CAM logs when I apply this ACL.
Is this by design? I would have thought once the client is logged on then the agent wouldn't need to keep trying to log on again.
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the SecureX regio...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the Secur...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...