Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
543
Views
3
Helpful
5
Replies

Clean Access design

JASON ANDERSON
Level 1
Level 1

‎04-18-2005 04:02 AM - edited ‎03-09-2019 10:58 AM

I'm working on a Clean Access design for a small college. Does anyone have any good resources for design, specifically for supporting approx. 1000 users? I'm also looking for part numbers but have only found one so far.

Thanks!

Labels:
0 Helpful
5 Replies 5

matt.austin
Level 1
Level 1

‎04-19-2005 03:05 AM

Well, if you haven't read ask the expert yet, that may be a good place to start. For some beginning information:

Cisco Clean Access requires 2 needed components, and one optional component.

1. Clean Access Server

2. Clean Access Mananger

3. Cisco Clean Access Agent (Optional)

I received pricing on this from http://www.cdw.com. When you look on there page, do a search for Cisco Clean Access. There prices were lower than what my Cisco Rep. had given me. A good link for information is: http://www.cisco.com/en/US/products/ps6128/, for starters. As far as performance questions and the like, let me know, I have dug into this quite a bit, and have an enormous amuont of information about the product.

Good Luck,

Matt

akharb
Level 1
Level 1
In response to matt.austin

‎01-04-2006 08:53 AM

Hi Matt,

I do have some requirements for 4000+ users. How can I speak to you about the performance requirements and the deployment mode for such a scenario.

0 Helpful

nchong
Level 1
Level 1
In response to akharb

‎01-08-2006 08:23 PM

Hello!

CAS performs up to 1Gbps throughput with gig interfaces on eth0 and eth1. Eech CAS can support up to 1500 users (our recommended number).

a. The user count is concurrent number of users, not total number of users.

b. CCA has been deployed in many environments with over 5000 concurrent users. Multiple CASes are deployed in such a network. Mutilpe CASes can be centrally located in the distribution or even the core switch layers.

c. CCA can support the concurrent users for L2 users or L3 multi-hop users.

Regards,

Nick

0 Helpful

charles.diebold
Level 1
Level 1
In response to akharb

‎01-26-2006 06:38 AM

If anyone has any thoughts or suggestions send them our way please.

We are currently trying to implement the NAC appliance as well and are having "problems" putting it mildly. Even working with TAC we have come up short.

The scenario is a campus environment with one central 6509 distributing VLAN's for the campus. What they are requesting is 2 VLAN's to be forced to go through the applaince. We have configured device in a virtual gateway mode.

The problems we see are:

1. we get a DHCP address and get forced to the appliance O.K. but from there we can not get to any websites or even ping the DHCP server we got the address from.

2. The clean access download process from the appliance is modem speed slow. 12 - 20k. (Duplex and speed setting have been checked)

Any suggestions or guidance would greatly be appreciated.

0 Helpful

ryanwilhelm
Level 1
Level 1
In response to charles.diebold

‎07-12-2006 03:54 AM

Charles,

Did you ever make any headway on the issues you were having? We have an identical set up and I want to avoid these types of issues. Thanks!

0 Helpful
Customers Also Viewed These Support Documents