Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2790
Views
0
Helpful
3
Replies

NAC AGENT - DISCOVERY HOST IP ADDRESS with AD

Mubasher Sultan - 2x CCIE # 20149 (R&S | Sec)
Level 1
Level 1

‎12-25-2010 10:23 PM - edited ‎02-21-2020 04:11 AM

Hi,

We have deployed a Cisco NAC Agent in our network with GPO update... The deployment model is L3 OOB / Real IP Gateway.

The issue is that, we need to put the IP address in each host manually to start communicating with Cisco NAC Manager.

Is there any way to make it automatic?

Regards,

Mubasher

0 Helpful
3 Replies 3

Tiago Antunes
Cisco Employee
Cisco Employee

‎12-28-2010 02:21 AM

Hi,

You can also distribute the NACAgentCFG.xml file with that value set.

Please find here detailed info regarding this file:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_agntd.html#wp1348376.

For the discovery host value you need only to edit the field:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_agntd.html#wp1348769.

HTH,

Tiago

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

0 Helpful

Mubasher Sultan - 2x CCIE # 20149 (R&S | Sec)
Level 1
Level 1
In response to Tiago Antunes

‎01-23-2011 12:32 AM

Hi Tiago Antunes,
Thanks for the link.
But it still doesnt help.
The problem is .Installing the Agent through MSI File. Added the registry key "ServerUrl" in MSI File and after installing, the "ServerUrl" Registry key appears in windows Registry but still agent not showing the discovery host ip in the client App, We have to manually put the IP Address.
we have more than 1000 windows clients and we cannot install the agent manually.

0 Helpful

henrybett
Level 1
Level 1
In response to Mubasher Sultan - 2x CCIE # 20149 (R&S | Sec)

‎06-19-2013 07:42 AM

Hi Mubashir,

I faced the same problem with cisco ISE and Tiago's response actually helped see below.

" You can also distribute the NACAgentCFG.xml file with that value set.

Please find here detailed info regarding this file:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_agntd.html#wp1348376. "

In that link, read the section: Agent Customization Settings


From a NAC agent that has successfully been deployed with the IP configured , go to the NAC agent installation folder 

C:\Program Files (x86)\Cisco\Cisco NAC Agent , and copy the NACAgentCFG.xml , open with wordpad and edit the line

IP of PDP node or ISE standalone server

Then place the edited NACAgent.xml file in the same folder as the one where your GPO will pick the agent from. When the Agent is installed , it automatically picks the configs from the .xml file.

Regards,

Henry



0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card