Specifications
2-35
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 2 Device Management: Adding Clean Access Servers, Adding Filters
Integrating Cisco ISE Profiler
• CHECK
IB - bypass login, apply posture assessment (bypass L2 posture assessment if certified), assign role
OOB (Switch) - bypass login, apply posture assessment if not certified, assign User Role VLAN
OOB (WLC) - bypass login, apply posture assessment if not certified, assign WLC Access VLAN
• IGNORE
OOB (Switch) - ignore SNMP traps from managed switches (IP Phones)
Step 4 Bounce this port if endpoint profile changes – Check this option if you want to bounce the port when
there is a change in an endpoint profile. This is applicable only to OOB deployments.
Step 5 Enable Rule – Check this option to enable the rule.
Step 6 Click Add to save the Rule.
CAM pulls all the endpoints available in the ISE Profiler and applies the Access Type selected in the
matching rules. If an endpoint is not matching with any of the rules, the Access Type “DENY” is applied
to it.
View Rules
Click the List tab under Rules to view the existing rules as shown in Figure 2-18.
Figure 2-18 List of Rules
The List tab displays the Rule Names, whether the rules are enabled or not, description, profiles, access
types, and priority. You can edit or delete a rule as described in the following sections.
Edit Rules
Step 1 Go to Device Management > Filters > Configuration > Rules > List.
Step 2 Click the Edit icon corresponding to the Rule Name in the Rules list. An Edit window similar to
Figure 2-16 is displayed.
Step 3 You can edit the Rule Name, Rule Description, Matching Profile, Access Type and the User Role used.
Step 4 Click Update to apply the changes.