Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance

121

122

123

124

125

126

127

128

129

130

3-38

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 3 Switch Management: Configuring Out-of-Band Deployment

Configure OOB Switch Management on the CAM

Step 14 You can enable the Do not bounce port to generate Linkup trap if MAC address query failed

checkbox to wake up LAN devices or when you are using MAC-NOTIFICATION trap to discover

connected devices.

Port Profile Options when Device is Disconnected from Port

A device is considered disconnected after one of the following events occurs:

• User disconnects from network and CAM receives SNMP linkdown trap

• Administrator removes user from OOB users list

Figure 3-19 Options: Device Disconnected from Port

Step 15

To remove OOB users from the Out-of-Band Online Users list and determine VLAN assignments for

switch ports where client machines have disconnected from the network, you can configure the following

options:

• Remove Out-of-Band online user when SNMP linkdown trap is received, and then [do nothing

| change to Auth VLAN | change to Restricted VLAN]

Click this option to specify which VLAN the CAM assigns to a switch port after receiving a

linkdown trap from the switch when a client disconnects from the Cisco NAC Appliance network.

(See Advanced, page 3-64 for details on linkdown traps.)

–

If this option is checked and specifies to do nothing, when the client disconnects (causing a

linkdown trap to be sent), the switch port remains on the last VLAN assigned, or re-assigned to

the VLAN specified in the Change to [Auth VLAN | Access VLAN] if the device is certified,

but not in the Out-of-Band user list option.

Note If the client is not on the Certified Devices List, the client is put on the Authentication

VLAN.

–

If this option is checked and specifies to change to Auth VLAN, the CAM puts the switch port

on the Authentication VLAN after receiving a linkdown SNMP trap regardless of whether or

not the client is on the Certified Devices List.

–

If this option is checked and specifies to change to Restricted VLAN, the CAM either assigns

the switch port to a previously-configured VLAN Name (see Configure VLAN Profiles,

page 3-40 for more details), or to a specific VLAN ID number you enter in the text field that

appears under this setting. As with the change to Auth VLAN option, this VLAN assignment

takes place when the CAM receives a linkdown trap regardless of whether or not the client is on

the Certified Devices List.

• Remove other Out-of-Band online users on the switch port when a new user is detected on the

same port