Specifications

8-12

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 8 User Management: Traffic Control, Bandwidth, Schedule

Add Global Layer 2 Ethernet Traffic Policies

Proxy Servers and Host Policies

You can allow users to access only the host sites enabled for a role (e.g. Temporary or Quarantine users

that need to meet requirements) when a proxy server specified on the CAS is used.

Note that proxy settings are local policies configured on the CAS using the CAS management pages, and

the following pages must be configured to enable this feature:

• Device Management > Clean Access Servers > Manage [CAS_IP] > Advanced > Proxy

• Device Management > CCA Servers > Manage [CAS_IP] > Filter > Roles > Allowed Hosts

(the Parse Proxy Traffic option must be enabled)

For complete details, see the Cisco NAC Appliance - Clean Access Server Configuration Guide, Release

4.9(x).

See also Proxy Settings, page 5-2 for related information.

Add Global Layer 2 Ethernet Traffic Policies

Note Layer 2 Ethernet traffic control only applies to Clean Access Servers operating in Virtual Gateway mode

where Layer 2 Ethernet Control has been enabled on the CAS configuration page.

You can configure traffic policies for all the default roles already present in the system (Unauthenticated,

Temporary, Quarantine). You will need to create normal login user roles first before you can configure

traffic policies for them (see Chapter 6, “User Management: Configuring User Roles and Local Users.”)

1. Go to User Management > User Roles > Traffic Control > Ethernet. The list of Layer 2 Ethernet

traffic control policies for all roles appears (Figure 8-2).

Figure 8-9 Layer 2 Ethernet Traffic Control Policies