Re: Network congestion with NAC

Xavier Lloyd · ‎02-01-2011

Hi all,

I've deployed successfully in L2 OOB VG mode with PCs plugged in behing IP phones, however everytime I connect the NAC to the network the Internet slows down and the phone quality degrades. What could be the cause of this? An ideas?

Thanks,

~Xavier.

Lauren Sullivan · ‎02-08-2011

Hi Xavier,

Sounds like a loop. Check the switchports connected to the trusted and untrusted side of the CAS - I'm assuming you've got them set to trunks. If so, make sure there are no shared VLANs between the two ports, and make sure the native VLAN on each is set to a different garbage VLAN.

So, for a quick example. Say you're mapping VLAN 500 to VLAN 5 and VLAN 600 to VLAN 6, and VLAN 998 and 999 are currently not being used on your network.

trusted side

switchport trunk native vlan 998

switchport trunk allowed vlan 5, 6

untrusted side

switchport trunk native vlan 999

switchport trunk allowed vlan 500, 600

Of course, you'll also want to allow the management VLAN on the trusted side, too.

One other thing - are you seeing any errors on the directly connected switch about those ports or the CAS MAC addresses?

HTH,

Lauren

Xavier Lloyd · ‎02-08-2011

Hi Lauren,

I don't have any common VLANs between the trusted and untrusted ports and I've configured everything on the CAS and CAM according to the best practices in the config guide so I suspect that it's a network problem.

Since the time I made the post, I haven't heard anyone complain about the Internet again so the problem seems to have resolved itself. If it happens again then I'll be sure to take a look at the switch and provide the information you asked for.

Thanks for the help =]

Xavier