cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3260
Views
0
Helpful
1
Replies

NAC with CTA and VPN Concentrator, Does not detect CTA client

asbjornlp
Level 1
Level 1

Hello.

We are trying to get the latest Cisco Trust Agent 2.0.0.30 to work with VPN. Cisco VPN client is version 4.8.00.0440, and the Concentrator is 3030, running software version 4.7.2e.

Connecting the computer to a switchport works great, both L2 and L3. But when starting the VPC client, I get authenicated but it seems like no EAPoUDP is sent/received, so it gets status clientless or non-responsive/unknown client.

Any tips on what could be wrong?

I've seen a couple of other simular questions on this forum, but no responds to it.

All filters are open on the concentrator, and no ACLs that is blocking.. And no firewall on the computer!

Regards,

Asbjørn Prøis

1 Reply 1

asbjornlp
Level 1
Level 1

Hello again.

After som sniffing and debugging we found out that the computer gets a route to the concentrator, making it send the EAPoUDP packets outside the VPN-tunnel. route delete'ing it made a difference.

Now we see the EAPoUPD packets beeing sent and received (by sniffing om the computer).

Looking at the logs on the concentrator we now have this error :

http://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi?action=search&counter=0&paging=5&query=NAC/11

One step further at least.. Any ideas?

Regards,

Asbjørn Prøis

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: