Does Cisco NAC support Wireless LAN?

Similar Messages

• Does Cisco NAC support for HP Switches

  Dear all,
                       the existing network has HP switches , is there any way i can deploy Cisco NAC solution here ?
  Pls revert .
  thanks ,

  Cisco NAC has lots of limitations, and surly this is one of them. But while I respect the fact that cisco will not support NAC on HP switches. It can work. And it will perform just fine, once you understand “Cisco NAC” and able to configure it for the first time, you will be able to support it without the need of TAC.
  The idea is that Cisco NAC sends commands to the switches on the network to apply specific access list or Vlan changes, since Cisco can only speak Cisco, it does not know how to tell other switches to do that. . The work around is that you would have the NAC running in in-line mode on your network, yes this will introduce a bottleneck, but that is the only way to do it. The NAC then will look at the traffic based on the MAC or IP and apply set of policies depending on the source or the destinations.
  Please do your research and look at other NAC solutions before you decide the best vendor to go with.

• Does Cisco NAC Support Continuous Posture Assessment ?

  Hi all,
  Cisco does not seem to support continuous posture assessment when running out of band or in band ? What I mean is after authentication during authorization phase I ve been assigned to a role and according to that role I receive a posture result, if that posture result is pass then Ive been evaluated as a healthy end point and receive a Certificate. Then the switchport that I am connected to gets assigned to the corporate VLAN. Afterwards till my certificate expires system will always think that I am healthy.
  Ive gone through 4.8 release notes, it still does not seem to be supported ?
  Any comments are appreciated.
  Dumlu

  I think this is mentioned in the release notes; did you check the following section?
  http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/48/48rn.html#wp1105597
  Regards
  Farrukh

• Does Apple TV support wireless connection to the new MacBook Pro retina in an extended display mode?

  Does Apple TV support wireless connection to the MacBook Pro retina display in an extended display mode? What is the output resolution and is sound also transmitted across?

  SB1983, by extended display do you mean mirror?  All MBP since early 2011 support it if they are running OS X 10.8 Mountain Lion.  The resolution will depend on your Apple TV (2 Gen is 720 and 3rd Gen 1080) and wifi, it will lose some quality but I find it minimal.  It does also mirror the sound.
  Jules

• Does the 4s support wireless emergency alerts?

  Does the 4s support wireless emergency alerts or do I need an app if so what app?

  The iPhone doesn't suport video input, only output. And HML seems to be for Android...
  You can use various screen mirroring apps to wirelessly display things on the phone.
  Otherwise, use Airplay or some other screen sharing method to display things on the HDTV

• Does the MX712 support wireless scanning using the MX Navigator EX v. 3.1.4 software?

  Does the MX712 support wireless scanning using the MX Navigator EX v. 3.1.4 software?
  When I attempt to scan wirelessly, it presents and error message asking if the scanner is turned off, or I need to have a USB connection to the laptop.
  Thanks - Joel

  Hi JoelAK,
  Wireless scanning is supported, however, it appears you are using the wrong version of MP Navigator EX.  The version that is appropriate for your device is MP Navigator EX VER. 5.1.0.  This application can be downloaded from our website.  
  On this site, be sure you have the most up to date drivers as well.  Once setup, try the scan again using the correct version of MP Navigator.
  Did this answer your question? Please click the Accept as Solution button so that others may find the answer as well.

• Inline Posture between Cisco ISE and Wireless LAN Controller

  Hi,
  I was looking into Cisco ISE solution for deploying NAC.
  I have a question about the network topology.
  In  the user guide documents of cisco ISE, it is written that for Wireless  LAN Controllers (WLC) and VPN devices, an additional server, Inline Posture, is needed.
  However, in the following integration document, there is not an inline posture between WLC and Cisco ISE server.
  https://supportforums.cisco.com/docs/DOC-18121
  I  want to know if Inline Posture is a requirement, if not a  requirement, what are the benefits of having it between Cisco ISE Server  and WLC.
  Thanks & Regards
  Sinan

  Hello,
  Please go through below mentioned links which might be helpful for you.
  http://www.cisco.com/en/US/docs/security/ise/1.2/user_guide/ise_ipep_deploy.html
  http://www.cisco.com/en/US/docs/security/ise/1.2/installation_guide/ise_deploy.html
  Best Regards,

• Does Cisco NAC Appliance deployment require CS-ACS?

  I've gone through all the partner training on the Cisco NAC appliance and mgmt station, and CiscoSecure ACS 4.0+ is mentioned just about everywhere in the user verification steps.
  If a customer does not have CSACS, or AAA for that matter (say in just a MS Exchange environment), the NAC appliances can still be used, correct?
  I'm assuming they can, but that leads to if any functionality/checks would be lost in that case, and if so, what?
  Anybody have any ideas on that?
  Thanks!

  Yes, you could use NAC with the local database for a client demonstration. This is actually my preferred method.
  Of course, you would lose the central management functionality which comes with ACS or a hook to Active Directory via KTPass (This command-line tool enables an administrator to configure a non-Windows Server 2003 Kerberos service as a security principal in the Windows Server 2003 Active Directory).
  Though by all means deploy NAC, even if you are simply want to demonstrate its functionality. Configure the authentication portion last, after your customer is happy with the demonstrated results.
  Hope this helps.

• Does Cisco ASA support android ?

  Dear all,
  Does Cisco ASA 5505 support android ? for smartnet phone and other systerm use anddroid.?
  Best Regards,
  Rechard

  Rechard,
  Just adding my two cents:
  ASA and Native L2TP-IPSec Android Client Configuration Example
  Android and L2TP/IPsec Clients
  AnyConnect Mobile License
  HTH.
  Message was edited by: Javier Portuguez

• NAC with Wireless LAN controller

  There are 10 VLANs coming out of wireless controller (trunk to L2 Switch).
  How do we implement NAC so that clients are forced to go to NAC instead of the L3 gateway?
  Thanks!
  Prasanna

  The CAS configurtaion guide will provide you more data related to your queries.Try configuring CAS which will resolve the issue.
  Refer the Clean Access Manager Installation and Configuration Guide present in the following url:
  http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/413/cam/413_cam_book.html
  Refer the Clean Access Server Installation and Configuration Guide present in the following url:
  http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/413/cas/413_cas.html

• Does cisco router support "tcp reset" mesg when the traffic blocked by access lit ?

  hi ,
  im trying to know if i  blocked a destination with an access list on cisco.
  can i make "tcp-rest " to that connection instead on dropping it ??
  i belive it supported on ASA appliance , but not sure if supported on cisco routers.
  im trying to migrate from linux router to cisco router and apply the same config , one of the challenging task is , i have 
  "reject-with=tcp-reset"
  im wondering if i can do it on cisco router
  waiting ur responce
  regards

  One of the things that keeps me engaged with these forums is that they challenge me and give me opportunities to learn new things. My initial reaction to your question about IPS on IOS router was to say that this is not supported. But I did some research and find that apparently IPS functionality is now supported on some (but not all) of Cisco IOS routers. See this link for additional detail:
  http://www.cisco.com/c/en/us/products/collateral/security/ios-intrusion-prevention-system-ips/product_data_sheet0900aecd803137cf.html
  HTH
  Rick

• Does Cisco 7600 Support QPPB with QoS?

  Hi,
  The BGP routes can successful marks an IP precedence values by QPPB. But the QoS seems is not working when match the IP precedence. 
  Any help is much appreciated!
  class-map match-all Prec-3
   match access-group 20
   match precedence 5
  class-map match-all allow
   match access-group 20
  policy-map Meter
   class Prec-3
   class allow
  interface GigabitEthernet9/0/0
   ip address 20.20.20.1 255.255.255.0
   media-type rj45
   speed 1000
   no negotiation auto
   bgp-policy destination ip-prec-map
  interface GigabitEthernet9/0/1
   ip address 10.10.10.1 255.255.255.0
   media-type rj45
   speed 1000
   no negotiation auto
   service-policy output Meter
  router bgp 100
   table-map QPPB
   bgp log-neighbor-changes
   network 200.200.200.0
   neighbor 10.10.10.2 remote-as 200
  ip forward-protocol nd
  ip as-path access-list 100 permit 200$
  access-list 20 permit 200.200.200.1
  route-map QPPB permit 10
   match as-path 100
   set ip precedence critical
  Router# show ip bgp
  BGP table version is 3, local router ID is 20.20.20.1
  Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
                r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
                x best-external, a additional-path, c RIB-compressed,
  Origin codes: i - IGP, e - EGP, ? - incomplete
  RPKI validation codes: V valid, I invalid, N Not found
       Network          Next Hop            Metric LocPrf Weight Path
   *>  100.100.100.0/24 10.10.10.2               0             0 200 i
   *>  200.200.200.0    0.0.0.0                  0         32768 i
  Router#show ip route 100.100.100.0
  Routing entry for 100.100.100.0/24
    Known via "bgp 100", distance 20, metric 0
    Tag 200, precedence critical (5), type external
    Last update from 10.10.10.2 1d06h ago
    Routing Descriptor Blocks:
    * 10.10.10.2, from 10.10.10.2, 1d06h ago
        Route metric is 0, traffic share count is 1
        AS Hops 1
        Route tag 200
        MPLS label: none
  Router#show policy-map interface
   GigabitEthernet9/0/1
    Service-policy output: Meter
    Counters last updated 00:00:01 ago
      Class-map: Prec-3 (match-all) 
        0 packets, 0 bytes
        5 minute offered rate 0000 bps
        Match: access-group 20
        Match:  precedence 5
      Class-map: allow (match-all) 
        0 packets, 0 bytes
        5 minute offered rate 0000 bps
        Match: access-group 20
      Class-map: class-default (match-any) 
        3908 packets, 261198 bytes
        5 minute offered rate 0000 bps, drop rate 0000 bps
        Match: any
  Router#

  Command Accounting is a TACACS+ feature so not for ISE....yet.
  However, you can do the following to send commands to syslog and not including passwords (hidekeys). I just picked 200 commands/lines to store in the local command buffer/log. increase or decrease as you have memory.  The notify syslog is what sends it via syslog.
  conf t
  archive
  log config
  logging enable
  logging size 200
  hidekeys
  notify syslog
  end
  wr mem
  Remember, syslog is clear text  :-)  log away from user traffic when possible.  Or use TLS based syslog when possible.
  I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered.
  Please rate post you consider useful.
  -James

• CISCO 350 Wireless LAN Module on Solaris

  I am running Solaris 8 (6/00) for Intel platform with xFree86 version 4.0.3 on my laptop. My CISCO 350 PCMCIA Wireless LAN module work cannot be used nor detected in Solaris. Can anyone help me with that?

  Are you running any other Vm's on the host server?
  Are they working? Did you enable your BIOS to support VM?
  Then with regards to the install make sure you follow the guide as it can get tricky.
  I forgot to add Promiscuous personally. Make double check you Network Backing. I am not running a VM anymore - just recalling where I had issues.
  http://www.cisco.com/c/en/us/support/docs/wireless/virtual-wireless-controller/113677-virtual-wlan-dg-00.html

• Oracle9iAS WE  Support for Wireless LAN Architecture?

  Hi All,
  Here is one basic question. Does Oracle9iAS Wireless supports Wireless LAN Applications? if so how it could be. can some body provide references to this topic..waiting for the positive response
  thanks & regards
  krishna

  Hi
  I have goen through the FAQ which we refereed, but it has little information. stating that yes, there is a support but there is no prrof of concept or some additional information. and one more thing, can i use my cell phone with Wireless LAN to connect ASWE. if so what would be the Application type. which sort of applications would be preferable. it might be looking out of this domain, but if it includes in ASWE then it would be a intresting point to think of.
  hoping for the positive reponse and thanks in advance
  thanks and regards
  krishna

• Why does Satellite L300-10Q not recognise a wireless lan

  This new laptop computer is working ok on a wired LAN but does not recognise a Wireless Lan. Got message that no networks can be found. In the same room with another Toshiba Laptop the wireless LAN is found and has a good signal strength.
  The switch for wireless LAN is turned on and "antenna" pictogram led is burning red.
  Seems that it is not configurated for detection. Any Idea how to solve this?

  Thanks for your reaction. But on the other working laptop several wireless access points can be "seen" in the area and on this laptop none. When wanting to contact a LAN it constantly refers to not a network cable connected and no wireless LAN access points can be seen unfortunately.
  The system it works on for both laptops is Vista Home edition premium. Checked if the system was not set on "off line" working; what else can be checked to know that automatic detection is set and that the system is looking for the wireless points ?
  greetz Tim