Specifications
Contents
15
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
SNMP 13-13
Enable SNMP Polling/Alerts 13-14
Add New Trapsink 13-15
SNMP on Individual CAS 13-18
Add New Trapsink to CAS 13-19
Administering the CAM 14-1
Overview 14-1
Network 14-2
Failover 14-4
Set System Time 14-5
Manage CAM SSL Certificates 14-7
SSL Certificate Overview 14-7
Web Console Pages for SSL Certificate Management 14-8
Typical SSL Certificate Setup on the CAM 14-9
Phase 1: Prepare Your CAM and CAS for the Certificate Signing Request (CSR) 14-9
Phase 2: Prepare your CAM and CAS For CA-Signed Certs (Production Deployment) 14-9
Phase 3: Adding a New CAM or CAS to an Existing Production Deployment 14-10
Generate Temporary Certificate 14-11
Generate and Export a Certification Request (Non-FIPS CAM Only) 14-12
Manage Signed Certificate/Private Key 14-14
Import Signed Certificate/Private Key 14-14
Export Certificate and/or Private Key 14-16
Manage Trusted Certificate Authorities 14-16
Import/Export Trusted Certificate Authorities 14-18
View Current Private Key/Certificate and Certificate Authority Information 14-19
Troubleshooting Certificate Issues 14-21
HA Active-Active Situation Due to Expired SSL Certificates 14-21
No Web Login Redirect/CAS Cannot Establish Secure Connection to CAM 14-22
Private Key in Clean Access Server Does Not Match the CA-Signed Certificate 14-23
Regenerating Certificates for DNS Name Instead of IP 14-23
Disabling Administrator Prompt for Certificate on IE 8 and 9 14-23
Certificate-Related Files 14-24
System Upgrade 14-24
Licensing 14-25
Policy Import/Export 14-28
Policy Sync Policies 14-28
Policies Excluded from Policy Sync 14-29
Example Scenarios 14-29