cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
743
Views
0
Helpful
2
Replies

NAC server in Remote location from CAM

Hi,

I am configuring NAC manager and two nac servers in my company. The CAM and one of the CAS is located in our head office. The second CAS is located in our branch office. The second CAS (remote to CAM) will control only the local users in remote office. I can get the CAM and all CASes talking to each other, but the agents in the remote location cannot see the local NAC and therefore cannot authenticate on the local CAS. I am using In-Band Virtual Gateway deployment. The agents in the head office have no problems and can authenticate succesfully. The CAS in the Remote office is L2 adjacent to the agents so the configuration should be same with the head office setup?? or I am missing something here? There is no restrictions between the two offices and all the ports and traffic is open between the two sites.

Has anyone got an idea?? Do I need to configure my routers to pass any ARP queries to the CAM?

Thanks,

Tugs

2 Replies 2

Tarik Admani
VIP Alumni
VIP Alumni

What is your discovery host set to if it is set to the hostname of the CAM are their dns servers able to resolve the discover host? Also are the clients able to get redirected to the login page if you try www.google.com?

Thanks,

Tarik

Hi Tarik,

Thanks for your response!!!

I have resolved the issue. It wasn't a configuration issue. I resolved the issue by replacing the switch, which the CAS is connected in remote office. I was using a quite old switch (cisco 3550) and replaced it with 3560 switch which fixed the issue.

I found out that there is a compatibility issue between the CAS and 3550m switches. If the CAS and the client are connected to the same 3550 switch, the switch breaks the communication between the CAS and the client. So, BE AWARE.

Cheers,

Tugs

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: