Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
51525354555657585960
2-2
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 2 Device Management: Adding Clean Access Servers, Adding Filters
Working with Clean Access Servers
Working with Clean Access Servers
The Clean Access Server gets its runtime parameters from the Clean Access Manager and cannot operate
until it is added to the CAM’s domain. Once the CAS is installed and added to the CAM, you can
configure local parameters in the CAS and monitor it through the web admin console.
This section describes the following:
Add Clean Access Servers to the Managed Domain
Manage the Clean Access Server
Configure Clean Access Manager-to-Clean Access Server Authorization
Check Clean Access Server Status
Disconnect a Clean Access Server
Reboot the Clean Access Server
Remove the Clean Access Server from the Managed Domain
Troubleshooting when Adding the Clean Access Server
Note In order to establish the initial secure communication channel between a CAM and CAS, you must
import the root certificate from each appliance into the other appliance’s trusted store so that the CAM
can trust the CAS’s certificate and vice-versa.
For details on configuring local CAS-specific settings, see the Cisco NAC Appliance - Clean Access
Server Configuration Guide, Release 4.9(x).
Add Clean Access Servers to the Managed Domain
The Clean Access Server must be running to be added to the Clean Access Manager.
Note If intending to configure the Clean Access Server in Virtual Gateway mode (IB or OOB), you must
disable or unplug the untrusted interface (eth1) of the CAS until after you have added the CAS to the
CAM from the web admin console. Keeping the eth1 interface connected while performing initial
installation and configuration of the CAS for Virtual Gateway mode can result in network connectivity
issues.
For Virtual Gateway with VLAN mapping (In-Band or OOB), the untrusted interface (eth1) of the CAS
should not be connected to the switch until VLAN mapping has been configured correctly under Device
Management > CCA Servers > Manage [CAS_IP] > Advanced > VLAN Mapping.
See the Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.9(x) for details.
To add a Clean Access Server:
Step 1 From Device Management, click the CCA Servers link on the navigation menu.