All-
I am in a lab environment working on a project that, among others, includes Cisco's NAC product.
We are responsible for providing basic network services, such as DHCP, WSUS, Anti-virus and Certificate Services. We have completely loaded and tested our configuration and have added Cisco NAC to the environment.
Currently, the computers that are not managed by an ACS work without a hitch. Computers managed by the ACS are not receiving Group Policy and thus, are not downloading updates from WSUS.
Could there possibly be a timing issue that is preventing GPO from being applied because the CTA and ACS are still sorting out whether the computer should even has access?
-When we disconnect those machines and plug them into switches with no knowledge of NAC they work fine.
-When we change the applicable ACLs to prmit ip any any, we still get no joy when the computers are being managed by ACS.
There is Cisco on-site support available, but not until Feb 7th. I would like to make some progress between now and then. Any help would be greatly appreciated.
GC