Solved: Re: UDP 8905 traffic to default GW

shaffeelAhmed · ‎08-25-2010

Hi

I have NAC deployed in L2 OOB VGW mode and everything works fine. We see the FWSM , which has the L3 interface for the access VLAN, bombarded by UDP port 8905 traffic. I believe this is happening even after the PCs have changed to access VLAN (as I can see them in the online users list and their switchport is in Access VLAN. Is this normal and how can we stop it from happening? I have the discovery host set to default which is the CAM IP which ofcourse is on a separate subnet. Please let me know

Thanks

Shaffeel

Faisal Sehbai · ‎08-25-2010

Shaffeel,

You are correct on both counts.

HTH,

Faisal

View solution in original post

Faisal Sehbai · ‎08-25-2010

Shaffeel,

Agents are designed that way to send out traffic on port 8905 every 5 seconds. This is so when the agent is in the Auth VLAN, the CAS can 'sense' the agent and ask for authentication, so yes, it's a nuisance, but working as designed.

HTH,

Faisal

shaffeelAhmed · ‎08-25-2010

Faisal

Thanks for your response. So just to confirm, even after authentication and posture assessment is complete, the agent tries to send these packets every 5 seconds? There is no way to stop this behaviour?

Shaffeel

Faisal Sehbai · ‎08-25-2010

Shaffeel,

You are correct on both counts.

HTH,

Faisal