user manual

Chapter 30 Network Admission Control

Create NAC Tab

30-10

Cisco Router and Security Device Manager 2.5 User’s Guide

OL-4015-12

Agentless Host Policy

If a policy for agentless hosts exists on the Cisco Secure ACS server, the router

can use that policy to handle hosts without installed posture agents. This method

of handling agentless hosts can be used as an alternative or as a complement to a

NAC exception list. If you are using the NAC wizard and you do not need to

configure an agentless host policy, you can click Next without entering

information in this window.

Authenticate Agentless Hosts Check Box

Check this box to indicate that you want to use the agentless hosts policy on the

Cisco Secure ACS server.

Username and Password Fields

Some Cisco IOS software images require that a username and password be

supplied along with the request to the Cisco Secure ACS server. If this is required,

enter the username and password configured on the Cisco Secure ACS server for

this purpose. If the Cisco IOS software image does not require this information,

these fields do not appear.

Configuring NAC for Remote Access

Configuring NAC for remote access allows you to modify the ACLs that NAC

configuration creates so that they will permit Cisco SDM traffic. Specify the hosts

that must be able to use Cisco SDM to access the router.

Enable Cisco SDM Remote Management

Check this box to enable Cisco SDM remote management on the named interface.

Host/Network Address Fields

If you want Cisco SDM to modify the ACL to allow Cisco SDM traffic from a

single host, choose Host Address and enter the IP address of a host. Choose

Network Address and enter the address of a network and a subnet mask to allow