NAC OOB Configuration

mamaral
Level 1

Hi!

I'm implementing a NAC OOB solution. The CAS and CAM are in the data center on a remote network, and I need to control the VLANs that my users access on my remote sites.

How do I make them authenticate on the remote CAS? (The CAS is on a remote network.)

TKX

Miguel

1 Accepted Solution

Tiago Antunes
Cisco Employee

Hi,

Well, it looks like you are starting now, so I would advise to get in touch with the OOB concept and guidelines:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_oob.html.

You have L2/L3 mode.

You have OOB/InB mode.

You have Real-IP/Virtual gateway mode.

You have 2 main VLANs for the clients: authentication (untrusted) and access (trusted) VLANs.

The goal is to make the client fall into the auth VLAN prior to login, and the traffic flow through the CAS so that the CAS can permit/deny the client from passing traffic.

You also have nice chalk-talks where you can see VODs explaining the steps for configuring several features/deployments:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_presentation0900aecd80549168.html.

HTH,
Tiago

--

If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

Hi,

TKX Tiago,

The documentation that you recommended was very useful!!!

Best regards,

Miguel
