NAC question for In-band mode

Hi All,
I want to implement a NAC appliance for a small network of users that connect directly to non-Cisco switches.
As I understand, my only option is to deply NAC in in-band mode, in this way it does not matter which switch I use because the traffic will just pass through and get to the NAC appliance, is this correct?
Thank you!

Correct. In in band mode (Real IP or Virtual Gateway) All traffic passes through the CAS (There is a good webcast on CCO detailing exactly how to setup both options)see link below.
Regards
Colin
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_presentation0900aecd80549168.html

Similar Messages

  • Facts and Figures - A Question for the Forum Mods

    A bit of a daft question for which I am sure the Forum Mods can provide an answer.
    How many folks were registered on the old forum and how many on the new one?
    I just want to put something BT Chairman Sir Michael Rake wrote to BT shareholders this month into context.
    "To forbid us anything is to make us have a mind for it."
    -- Michel de Montaigne, Essays, 1559

    Naughty naughty General - they dont do "daft" on this forum, you should know that.  
    "You may well think that, I'm afraid I could'nt possibly comment"
    Francis Urqhuart, who was never known by his initials to his friends. 
    AQ.
    "Welcome to Royston Vasey - You'll never leave."

  • Ridiculously simple audio editing question for Garage Band

    Ok, so this is really a fundamental
    question. It concerns editing technique.
    In analog mixing, the editor put
    the sounds to be saved in the right
    places on each of several tracks --
    narration, sound effects, lip sync,
    music, etc. The tracks were then
    all locked together and the mixer
    adjusted the volumes to either save
    or reject audio information.
    A blank master received the information
    and that was your final product,
    in sync, sprocket by sprocket, with
    the video.
    My question, then, is, how do you
    do it in digital multitrack such as
    Garage Band? Are you aiming to have
    4 or 5 tracks all level controlled
    or do you simple erase unwanted
    sound, or what exactly do you do,
    in post production? If you are going
    to do a voice over, then you have to
    do a mix at some point, not just a
    cut and paste. What's the philosophy,
    if you don't mind my asking?
    Thanks,
    Ed

    Wow... you gave me flashbacks to a movie soundtrack I scored, with separate reels of tape all synced up and whirling away for final mixdown!
    To answer your question as best I can in a paragraph or two, digital mixing is unlimited compared to analog. Whereas tape has a physical limit, you can always add another digital track (there are limitations to digital, but they are becoming harder to reach as systems become increasingly powerful). So no need to erase. Editing is also a breeze. Digital tracks are endlessly malleable, with virtually every parameter available for automation.
    Sometimes you might mix down to stems or mix everything down to a stereo master (or alternative mixes) for post production. Similarly, in post, they can deal with huge numbers of digital tracks from different sources.
    In terms of a professional workflow, Logic is the more typical choice over Garageband, and includes a number of features designed for scoring to picture: variable sample rates, frame rates, etc.
    Gain staging in digital recording is different than in analog, and it requires a different approach to achieve excellent sounding results. But the digital workflow is so much more flexible, forgiving, and economical, that it has been the death-knell for the analog workflow. Infinite bussing, routing, mixing, comping, storing, stemming... infinite possibilities, really!

  • Recording questions for garage band

    Hi I thank you in advance for your help, advice or direction in assisting me correct my lack of knowledge.
    I recently purchased a macbook and it came with garageband and frankly I love this program!!
    I am having a little trouble though with my vocals, I am using a behringer eurorack (the small one) to phantom power my condenser mic and it's plugged directly into my macbook using the typical rca jack. I seem to be getting sort of some distorted really deep vocals out of this. Like instead of recording my energy it's more drowned out kinda layered below the beat. I am not sure what setting I should use for my mixer and the computer. I keep my lows, mids, and hi's kinda half way up on the mixer, my gain is all the way down and my mic output level is a few notches up maybe four bars or so. On garage band I have the mic volume set up almost as high as it can go. Any idea on how I can try to get my mic to sound as normal as possible? Levels you can recommend perhaps..
    Man I owe you guys alot... i'm very appreciative of the help thus far.. Thank you all.

    Then we've ruled out the chance that you were still recording with your internal mic (it happens more often than you'd think!)
    I would suggest turning up the mids and highs if the tone is too deep. Also you should have your gain as high as you can get it without clipping (i.e. before the signal goes into your computer)

  • NAC Appliance for Wirelles In-Band Virtual Gateway

    Hi, People.
    Does anybody know as configuring NAC Appliance for Wirelles In-Band Virtual Gateway.
    Tks.

    Hi Wemerson,
    Basic Wireless or Wired InBand is basically the same thing regarding the NAC configuration.
    Please follow the chalk-talks available online: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_presentation0900aecd80549168.html.
    Notes:
    - In Inband all traffic MUST flow through the CAS, which means that al the traffic on the VLAN of the wireless client MUST flow through the CAS. This can be done via L2 mechanisms (VLAN restrictions) or L3 (routing).
    - For the CAS, it is transparent if the client traffic comes from a wireless client or wired client.
    - If you want to use wireless sso, you can configure the WLC the same way as a VPN concentrator. the Wlc will then send RADIUS Accounting information to the CAS and the CAS can allow clients to access resouces if they have already been authenticated by the WLC.
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • NAC in Inband L2 Virtual mode

    Dear Experts,
    I m planning to implement NAC INBand virtual mode,as if i have HP and cisco switches in my network,I have read the installation guide and cisco press book for NAC,as if now i want confirmation from you'll experts the step by step procedure to setup NAC,
    As  i thought to post because many of you'll have implemented NAC for several times so the general steps to start,as i m going to do antivirus update and windows update for the host posture assessment,
    NAC in Inband L2 Virtual mode
    About my thinking for Implementation is :
    create authentication vlan on access switches,(no SVI for authentication vlan)
    Do authentication mapping and actual user vlan mapping in NAC,
    create a rule such as windows update and antivirus update and then requirement is to access the antivirus server and windows update server,
    allow Access-list for all the user vlan to go these antivirus and windows update server BUT these ip's will be the actual vlan IP subnet because we will not have any authentication subnet in DHCP ???????   Correct me if i m wrong.
    Shift the users from actual vlan to authentication vlan,
    Configure managed subnet for the reply of DHCP request
    Enable L3 and setup static routes
    Manually go on each and every PC to open a browser so that it will be redirected to install NAC agent, IS THERE any other way TO INSTALL NAC AGENT IN 1000 WINDOWS MACHINE, MINE SYSTEM ADMINISTRATOR ARE NOT VERY SMART,SO PLEASE ANY SOLUTION WITHOUT ANY HELP OF SYSTEM ADMINISTRATOR?????? IT WILL BE HIGHLY APPRECIABLE.
    The point above i have worte,, that is what i think NAC is  any other point's if i m missing please plese please advice me.or give proper guidance.

    Hi,
    1. This is correct. Auth VLANs shouldn't have SVIs anywhere on the network
    2. Okay
    3. Okay. For posture assessment, look at chalktalk 5 from this link: http://bit.ly/chalktalks
    4. For a L2 VGW setup (assuming In-Band), you will only have one set of IP addresses to work with, and those would be the Access VLAN IP addresses. You don't get a different IP address in your Auth VLAN. You can limit the resources you want your clients to have access to by tweaking the Traffic Policies
    5. You would map the users, and you do that by defining the VLAN mappings
    6. For L2 deployments, you will need managed subnets for all the IP subnets that you work with.
    7. You don't need static routes for L2 deployments
    8. If your clients are using any managed software system, like GPOs using AD, or SMS, or Altiris, you can push out the agent to them using those mechanims.
    HTH,
    Faisal

  • NACE Configuration for Purchase order output "Title Text"

    Hello Gurus,
    I have a small question, Is it possible to make dynamic Document title when sending purchase order email to vendor.
    I have checked configuration in NACE where for each output type where you can maintain "Mail title and Texts". For example if your output type is Email then you can maintain document title text as "Purchase order Email".
    Our requirement is to put purchase order name in document title i.e. when vendor receive email in their inbox it says purchase order number.
    Please advise.
    Thank you
    Ritesh

    Thanks Jurgen. This note helped us.
    Best Regards
    Ritesh

  • I have created a .png logo to use on my video. It has it's own storyline so the logo is shown overthe whole video. Do I need to composite the logo storyline to the main storyline before exporting? Same question for the audio storyline.

    Final Cut Pro 10.0.8
    I have created a .png logo to use on my video. It has it's own storyline so the logo is shown over the whole video. Do I need to composite the logo storyline to the main storyline before exporting? Same question for the audio storyline.

    Try:                                               
    - iOS: Not responding or does not turn on           
    - Also try DFU mode after try recovery mode
    How to put iPod touch / iPhone into DFU mode « Karthik's scribblings
    - If not successful and you can't fully turn the iOS device fully off, let the battery fully drain. After charging for an least an hour try the above again.
    - Try another cable                     
    - Try on another computer                                                       
    - If still not successful that usually indicates a hardware problem and an appointment at the Genius Bar of an Apple store is in order.
    Apple Retail Store - Genius Bar
    The missing apps could have been done by setting the Restrictions that can hid those apps. If the backup was made with those retrictions set the the Restrictions are also restored.
    Thus, if you get it to work restore to factory settings/new iPod, not from backup                               
    You can redownload most iTunes purchases by:        
      Downloading past purchases from the App Store, iBookstore, and iTunes Store

  • Question about using blending modes when cloning

    Hi I want to clone on a blank layer above the background layer. I have the tool set to curent and below and the blank layer is set to normal blending mode.  I want the cloning to be in darken blending mode. I change the blending mode of the clone stamp tool to darken. Will that work on a blank layer that is set to normal or is it necessary to also change the blending mode for the blank layer to darken as well? Thanks for your help.

    Well thanks. It's not just a portion of the image that I want to clone on using different blend modes, but the entire image. I didn't want to duplicate the background to clone on as it adds a lot in size to the image and its harder to edit out incase I make a mistake. Guess I will have to have two layers, one set to lighten and one to darken. I wish that Adobe would make photoshop work in the next version so that you could just change the blending mode of the clone stamp tool in the tool bar. Wasn't it like this in versions before CS5?
    So I have another question for you. Can I use the healing brush on lighten and darken blending modes on a blank layer set to normal with sample current and below selected? Or do I have to switch between two separate layers, one set to lighten, one set to darken?
    Thanks again.

  • 64 bits question for mac pro users

    Hi,
    I am actually in the process of buying a new Mac Pro and I would like to know if someone here could help me to understand what's going on with the 64 bits mode thing on the mac pro.
    I have a mac pro 1,1. Now I am using SL, but ML is out for a while. I use Logic 9 and most of my plugins supports the 64 bits mode, but I am sticked to the 32 bits mode.
    First question: Is it right to think that going for 64 bits mode computer now will greatly improve the performances and internal memory management on Logic in 64 bits mode with plugins in 64 bits mode?
    Second question: Looking at the wiki page for the mac pro (http://en.wikipedia.org/wiki/Mac_Pro#Specifications), I understand that the 5,1 model is fully 64 bits compatible, but what about the 3,1 and 4,1 models? Are they fully 64 bits compatible if they are upgraded to ML? Why is the kernel not 64 bits?
    I would like to buy a used mac pro, which would fit better in my budget right now. But, I am looking for better performances and a 64 bits mode of operation, and these are my priorities right now.
    Thanks for your time to help me.
    Martin

    Yes. And no.
    Use all 8 DIMM slots. Result = 17% boost over not.
    Use 667MHz 2GB DIMMs = 4% slower (not noticed real world, Barefeats also).
    Yes you can't use 8GB DDR3 etc.
    I thnk that the issues wtih ML and Lion, the issue witrh some PCIe cards not working, not being bootable, and that it was the first to try to implement the new EFI and SMC in 3 yrs - are bigger issues.
    And the cost of system even now is too high without taking into account: RAM, will I need to upgrade the video card it came with? before I can use it.
    Yes. Penny wise and pound foolish over 4 yrs old model now (will turn 5 in February) and was first booted by Intel in November 2007.

  • TOP questions for Eseries devices - not so new!

    Just noticed that the thread titled:
    TOP questions for Eseries devices - start here [new]
    Really isn't so new dated 30-Cot-2007 11:48 AM - last edited on 30-Oct-2007 11:48 AM
    The post suggests that the first thing to do is update to the latest version of software.
    Alas the last update for E72 was 27 October 2010 which is flawed!  I know as my phone has misbehaved since installing it and I see other users reporting similar if not the same issues here.
    *#0000# reports version 052.005.217.11
    Question - How does one down grade to previous version?
    The post then suggests "If you still experience problems, you can try if formatting your Eseries device helps. Format the device by dialling *#7370#. The device will request a security code, the default code is 12345 unless you have changed it."
    Well actually on the E72 this does nothing!  I Type in *#7370# and its displayed to me and nothing else happens.  If I enter *#0000# I get the version number so it seems the software/firmware does not understand the code above!
    I did try 'factory settings' option from one of the control panel menu's instead at some point of my misery but was surprised by just how little effect that had - many things were not reset.
    If your still reading, I thought I would share some steps I have found to sometimes help on E72 when it appears to hang / stall:
    1. Try holding down the home button and if the running applications bar is shown try closing the applications by pressing the delete (backspace) key.
    2.- If that fails try pressing the off button and selecting 'offline' mode - This sometimes works - if it does then try previous point before going back to an online mode such as 'general'.
    3. If that fails - try holding down the power button to turn device off - that sometimes works! But sometimes the keyboard lights simply stay on until the battery goes dead...
    4. Remove the battery wait a moment and then re-insert battery.  You may then have to enter the time and date. Do check your alarms - during GMT I noticed all my alarms would have incremented by an hour!  Not seen this since BST started.

    Very strange - or perhaps not that strange but just another issue....  I tried the Hard Reset code again at this time it worked!!!  I'm now re-entering my details and remembering what I didn't back up   But if it fixes my issues it will be worth it.
    FYI from another fine post I found:
    FOR SOFT-RESET:
    - at Standby Screen type-in => *#7780#
    It will ask for “Restore all phone settings-phone’ll restart….”
    Then it asks for security code enter factory default => 12345
    FOR HARD-RESET:
    - at Standby Screen type-in => *#7370#
    It will ask for “Restore all phone settings-phone’ll restart….”
    Then it asks for security code enter factory default => 12345
    FOR FLASHING- TOTAL RESTORE: (Do this if your phone does not boot up)
    1) Remove the battery, and then wait for about 20 min or so before putting it back
    2) Press and hold these three keys together -Green dial key, Star key[*], Three key [3]
    3) switch ON the phone.
    4) Do not let go the three keys until you see the WELCOME screen displayed and just let it complete the boot process
    if this doesnt help contact Nokia Care Point-> http://europe.nokia.com/A4388379

  • Exchange 2013 Site Resilience - Basic questions for setup in two seperate AD Sites, same domain

    I am just getting ramped up with Exchange 2013 and have a friend that I am assisting with planning an exchange 2013 deployment for.  I am not asking for step by step directions for setup, just asking for a basic overview so I can dig in to this and
    assist.
    Goal is to have an exchange server, one in NC and one in Switzerland in an active/passive mode for site resilience.  Both servers will be multi role servers. 
    This is a small organization, less than 50 users and on a budget for equipment.  HQ is in NC and the server will have all roles installed on a single server. Switzerland will have only one Exchange server for fail over.  There is only
    one domain total with two AD Sites. 
    My questions for clarity -
    1. Can I create a Site resilient deployment with two Exchange Multi Role servers in these locations?
    2. Currently, the organization does not have a Load Balancer.  Will this be required? 
    3. They do not have a third location for a Witness Server, what issues could potentially happen if the witness sits in one of the two sites?
    4. Any other basics for this design are much appreciated.  I am reading a lot, however a little confused as I read through the requirements.
    Thanks for your input and direction!
    Wall

    Hi
    Please find below answers to your questions.
    1. Can I create a Site resilient deployment with two Exchange Multi Role servers in these locations?
    Yes
    2. Currently, the organization does not have a Load Balancer.  Will this be required? 
    No you don't need to have a load balancer. As you are setting up the infrastructure in Active / Passive mode you don't need a dedicated LB for this.
    3. They do not have a third location for a Witness Server, what issues could potentially happen if the witness sits in one of the two sites?
    The issue with the witness server in primary or DR site is if your witness server is not responding your DAG won't work properly (failover). If you don't have a 3rd site then you can setup a witness server in your primary site and Alternate witness server
    to your DR site.
    4. Any other basics for this design are much appreciated.  I am reading a lot, however a little confused as I read through the requirements.
    I would recommend to use Exchange sizing calculator and technet is the best resource for you :)
    Kindly mark this as answer if it fulfill your requirements. :)
    Regards, Riaz Javed Butt Consultant Microsoft Professional Services MCITP, MCITP (Exchange), MCSE: Messaging, MCITP Office 365

  • Can someone delete my post/question for me?

    I just recently generated my first question and accidentally, I posted the question twice creating a duplicate. When I posted, the next page didn't load and I went back in my browser and posted again. I should have checked that it was posted, but I didn't, so it got posted twice.
    Here is the URL for my post:
    http://discussions.apple.com/message.jspa?messageID=7537115#7537115
    Please don't delete it if there are replies, though! Thank you!

    *Hi ...test, Welcome* to Apple's Users Help Users Forums.
    In particular it looks like you have changed alias name as ...test does not show up in those links. I doubt the mods are going to bother hunting down who you were etc.
    Yes, starting a *new thread* is frowned upon. In some forums, Macfixit for eg, the mod will quickly pick the best one and quit the other one—maybe transfer over any responses. Mods = Hosts are not so quick on that in these Apple Forums.
    Reposts in a *given thread* happen all the time. Sometimes it's Apple's fault through a server glitch. Sometimes it's the poster's ISP's fault. If Poster sees it within 15 minutes they can edit it to "Oops double post. " and let it go at that. I recall recently seeing 3 in a row. Reader just scrolls past and goes on w life. No big thang. Don't loose any sleep.
    Good Luck, JP

  • Questions for Winamp Users on organizing files..

    I have a few questions for those who use Winamp to manage their music files on their player. And this may relate to WMP and CMS users too.
    . Does anyone know what the "Auto Fill" feature does and it's purpose? I tried it a few times and it deletes and adds certain files that I don't know of, even when i have my player sync'ed perfect to my Music Folder.
    2. I thought Syncing means that it will match everthing exact to the player and computer....yet when i use the WinAmp Feature I get duplicate files. Now I have noticed that I have to clear out my library on Winamp and rescan the main folder where i have all my music on the external HD so it won't get confused with the copies I have on my PC. Yet Syncing won't tell the difference. However the CMS sync function I definately like but I don't want to jump to different software to do certain things.
    Other than that I like using Winamp just like I loved CMS pre 2. Firmware upgrade.
    What are everyone else's opinions?
    REACT TO ME!!!!!!!

    Well, I don't really know the answers to your questions, as I sync all my music manually via Winamp. I do have a question of my own on the topic though, if you don't terribly mind ... ^_^
    I know in WMP, when you set the property "Band/orchestra/accompaniment" WMP would find that if it was present in a media file and instead of using the artist's name to create the folder structure (e.g. device\Artist\Album\file), it would place it in device\Accompaniment\Album\file. Does this work in Winamp, and furthermore, is there a way to rearrange the folder structure of the player, or at least move songs around by adding this tag to songs already on the player?
    Thanks...Message Edited by lt3-Hitomi on 04-06-2006 2:40 AM

  • HELP! I have some songs/interludes on my Garageband app on my Iphone. I was planning on using some for my bands album. Now my Iphone won't turn on and I'm being told to restore the phone. Have I lost all my Garageband songs?

    I have some songs/interludes on my Garageband app on my Iphone. I was planning on using some for my bands album. Now my Iphone won't turn on and I'm being told to restore the phone. Have I lost all my Garageband songs?

    Hi NWL1,
    Thanks for the question. If I understand correctly, the iPhone won't update and is stuck. I would recommend that you read this article, it may be able to help you resolve or isolate the issue.
    If you can't update or restore your iPhone, iPad, or iPod touch - Apple Support
    Thanks for using Apple Support Communities.
    Have a great day,
    Mario

Maybe you are looking for

  • Emailing photos as attachments rather than embedded in email text

    Hi I have set my mail preferences to send emails as plain text rather than RTF. Here is what happens Route 1) I export a photo from iphoto to my desktop, then open the Mail program, create a new email to my friend who uses Outlook on WIndows, and ATT

  • Question on Time Machine error log

    I have a program (Time Machine Error Log) that keeps track of the message log entries that occurr after you do a Time Machine backup. I am getting two messages each time Time Machine completes a backup. Here are the two message from the last log: Jan

  • Why is this so difficult ?

    We've just installed Flash Media Server, and we're trying to get a Flash 8 movie to get a stream of it. Server Configuration Standard default installation, nothing here has been changed apart from the location of the applications onto another physica

  • Optional Parameter without a value

    Hi, I'm using Discoverer 10g. Somebody knows what is passed when an optional parameter (a parameter which doesn't require a user to enter a value) is left without a value ? I didn't understand actually if is passed NULL, 'NULL', '',' '... I need to k

  • Reverse process of sales order

    Hi there: Here is my scenario,I had created sales order with customer A,and had done goods issue and billing,so next step is finance turn to release billing to accounting via vf02,at this time finance found that this order should be placed with custo