NAC question

From: Noel Debouver III (noeldebouveriii@yahoo.com)
Date: Fri Jan 05 2007 - 20:06:15 ART


Users from VLAN_20 going to VLAN_22. Configure R2 to authorize them on radius
server at 10.1.1.1 and check the last antivirus updates.
 
I'm thinking:

aaa new-model
aaa authentication eou default group radius
ip admission name AV eapoudp

int F0/2
ip access-group 101 in
ip admission AV

access-list 101 permit udp any any eq 21862
access-list 101 deny ip any any

radius-server host 10.1.1.1 key CCIE

By the way, I researched my answer from a white paper by Cisco on NAC. So I am
not sure if port 21862 is just for CA or is it in general?

Any ideas?

Would you do it differently, why or why not?


