Episode Information
Episode Name: Episode 19 - Troubleshooting the NAC Appliance
Contributors: Nevin Absher, Blayne Dreier, Jay Johnston, Magnus Mortensen
Posting Date: May 10, 2011
Description: This episode focuses on the Network Admission Cont...
What hardware makes up Cisco’s NAC solution?On Cisco’s network security solutions Web page, you’ll find the following list of Cisco technologies, all of which play a part in the complete Cisco NAC solution:Advanced Services for Network SecurityCisco ...
Hi Golly,Hopefully I don't confuse you more as I try to explain this. The issue is actually seen with anything where L2 vlans are bridged (NAC, FWSM, IDS). If you're bridging 2 L2 vlans, and both have an SVI, the mac address for the RP is injected ...
Hey Adrian,You may want to look at the logs to see why it is giving an error when you try to start it. Normally it's something easy like time skew. Changing the untrusted IP shouldn't cause any problems with the SSO service.On 4.1.x check /perfigo/...
Hi,A CAS can be configured to support L2 and L3 users at the same time, but it can only be either In-Band or Out of Band. VPN users are only supported with an In-Band CAS.So unfortunately for your situation you would either need to add a second CAS,...
Hello,The problem you are seeing is because of the Self entries on each ACS being set to 127.0.0.1. For replication to work you have to set all 4 ACS entries to the same shared secret, even the Self ones. The issue is when you try to change those e...