Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance

141

142

143

144

145

146

147

148

149

150

3-54

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 3 Switch Management: Configuring Out-of-Band Deployment

Configure OOB Switch Management on the CAM

–

Access VLAN—Access VLAN of the client.

A value of “N/A” in this column indicates the Access VLAN ID is unavailable for the client.

For example, if the user is switched to the Auth VLAN but has never successfully logged into

Cisco NAC Appliance (due to wrong user credentials), this machine will never have been to the

Access VLAN.

–

Last Update—The last time the CAM updated the information of the entry.

See Out-of-Band Users, page 3-68 for additional details on monitoring Out-of-Band users.

Manage Switch Ports

Once a switch is added, the Ports and Config tabs/pages only appear after a switch is added to the OOB

Management > Devices > Devices > List.

The Ports page is the central point of management for the ports on a switch. You can apply Port profiles

to individual or multiple ports, change VLAN settings, bounce ports, and apply all changes to the switch

configuration.

Switch ports that are not connected to clients typically use the unmanaged port profile. Switch ports

connected to clients use managed port profiles. After switch ports are configured and the settings are

saved by clicking the Update button, the switch ports need to be initialized by clicking the Setup button

when the switch supports MAC notification.

Cisco NAC Appliance provides OOB support for Cisco IP Phone deployments where the port is a trunk

port and the native VLAN is the data VLAN. The CAM can manage switch trunk ports in addition to

switch access ports.

Note Because Cisco NAC Appliance can control switch trunk ports for OOB (starting from release 3.6(1)+),

make sure the uplink ports for managed switches are configured as “uncontrolled” ports after upgrade.

This can be done in one of two ways:

• Before upgrading, change the Default Port Profile for the entire switch to “uncontrolled” under

OOB Management > Devices > Devices > List > Config[Switch_IP] > Default Port Profile |

uncontrolled

• After upgrading, change the Profile to “uncontrolled” for the applicable uplink ports of the switch

under OOB Management > Devices > Devices > List > Ports [Switch_IP] | Profile

This prevents unnecessary issues when the Default Port Profile for the switch has been configured as a

managed/controlled port profile.

Ports Management Page

The Ports management page populates information for all Ethernet ports on a switch (see Figure 3-34

and Figure 3-35) according to the information the Clean Access Manager receives from direct SNMP

queries. For example, if a switch added to the CAM has 24 Fast Ethernet ports and 2 Gigabit Ethernet

uplinks, the Ports tab will display 26 rows, with one entry per port. Trunk ports configured on the switch

are distinguished by blue background on the Ports page, and VLAN values for these ports refer to the

trunk port native VLAN.