Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 3 Switch Management: Configuring Out-of-Band Deployment
Configure OOB Switch Management on the CAM
Note: Because Cisco NAC Appliance OOB can control switch trunk ports, when upgrading, make sure
uplink ports for managed switches are configured as “uncontrolled” ports. You can do this before
upgrade by making sure the Default Port Profile for the entire switch is “uncontrolled” here, or,
after upgrade you can change the Profile to “uncontrolled” for the applicable uplink ports of the
switch under OOB Management > Devices > Devices > List > Ports [Switch_IP] | Profile (see
Ports Management Page, page 3-54). This will prevent unnecessary issues when the Default Port
Profile for the switch has been configured as a managed/controlled port profile.
Description—Optional description of the switch. To change this field, type a new description and
click Update.
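
The uplink check described in the note above can be run as a pre-upgrade audit. The following is an added example, not part of the Cisco guide and not a CAM feature. It assumes a hand-built port inventory in a constructed CSV layout, a constructed profile name "controlled-auth", and that a port with no explicit profile takes the switch's Default Port Profile.

```python
import csv
import io

UNCONTROLLED = "uncontrolled"  # profile name as written in the guide's note

# Constructed sample data, transcribed by hand. This is NOT a CAM export format.
# Assumption: an empty "profile" field means the port uses the switch's
# Default Port Profile, listed per switch IP below.
SWITCH_DEFAULTS = {"10.0.0.2": "uncontrolled", "10.0.0.3": "controlled-auth"}
PORTS_CSV = """switch_ip,port,is_uplink,profile
10.0.0.2,Gi0/1,yes,
10.0.0.2,Gi0/2,no,controlled-auth
10.0.0.2,Gi0/24,yes,controlled-auth
10.0.0.3,Gi0/1,yes,
10.0.0.3,Gi0/2,no,
10.0.0.3,Gi0/48,yes,Uncontrolled
"""


def effective_profile(row, defaults):
    """Return the explicit port profile, else the switch default, else ''."""
    explicit = row["profile"].strip()
    return explicit if explicit else defaults.get(row["switch_ip"], "")


def audit_uplinks(ports_csv, defaults):
    """List uplink ports whose effective profile is not 'uncontrolled'.

    Fails closed: an uplink on a switch with no known default is reported.
    The name comparison is case-insensitive (an assumption of this example).
    """
    findings = []
    for row in csv.DictReader(io.StringIO(ports_csv)):
        if row["is_uplink"].strip().lower() != "yes":
            continue  # access ports are expected to be controlled
        profile = effective_profile(row, defaults)
        if profile.lower() != UNCONTROLLED:
            source = "explicit" if row["profile"].strip() else "switch default"
            findings.append(
                (row["switch_ip"], row["port"], profile or "<unknown>", source)
            )
    return findings


if __name__ == "__main__":
    for finding in audit_uplinks(PORTS_CSV, SWITCH_DEFAULTS):
        print("uplink %s %s has profile %r (%s)" % finding)
```

Each finding is an uplink to set to “uncontrolled” before upgrading, either on the port itself or through the switch's Default Port Profile.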
Advanced
Use the Advanced Config page (Figure 3-38) to view or configure which SNMP trap notification type
the CAM SNMP Receiver will use for a particular switch.
MAC Notification—If a switch supports MAC Notification, the CAM automatically enables this
option.
Note: To support a variety of switch configurations, Cisco NAC Appliance supports switches using
both MAC Change Notification and MAC Move Notification traps.
Linkup Notification—If a switch does not support MAC Notification, the CAM enables the Linkup
Notification option instead. In this case the administrator can optionally enable Port Security on
the switch if the switch supports this feature. See Port Security, page 3-65 for additional details.
If a switch supports both MAC Notification and Linkup Notification, the administrator can
optionally disable MAC notification by selecting Linkup Notification instead and clicking Update.
Figure 3-38 Advanced Config
Linkup/linkdown is a global system setting on the switch that tracks whether a connection has
non-operating or operating status. With the linkup/linkdown trap method, the Clean Access Manager
must poll each port to determine the number of MAC addresses on the port.
Linkdown Traps
A client machine shutdown or reboot triggers a linkdown trap sent from the switch to the CAM (if
linkdown traps are set up on the switch and configured on the CAM via the Port profile). Thereafter, the
client port behavior depends on the Port profile settings for that specific port.
Whether the SNMP receiver is configured for MAC notification or linkup, the CAM uses the linkdown
trap to remove users. For example, the linkdown trap is used if: