Specifications
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 3 Switch Management: Configuring Out-of-Band Deployment
Overview
SNMP Control
With Out-of-Band deployment, you can add switches to the Clean Access Manager’s domain and control
particular switch ports using the Simple Network Management Protocol (SNMP). SNMP is an
application layer protocol used by network management tools to exchange management information
between network devices. Cisco NAC Appliance supports the following SNMP versions:
You first need to configure the switch to send and receive SNMP traffic to/from the Clean Access
Manager, then configure matching settings on the Clean Access Manager to send and receive traffic
to/from the switch. This will enable the Clean Access Manager to get VLAN and port information from
the switch and set VLANs for managed switch ports.
Cisco NAC Appliance also provides support for SHA-1 and 3DES encryption, which is required when
configuring SNMP management on a CAM operating in a FIPS 140-2 compliant network.
Network Recovery for “Off Line” Out-of-Band Switches
Cisco NAC Appliance features configurable SNMP polling behavior for Out-of-Band managed switches
to ensure that the CAM is able to communicate with switches experiencing network issues when they
return to normal operation. Without this function, Cisco NAC Appliance might lose communication with
managed switches altogether, and the loss might remain undetected for some time, requiring the Cisco NAC
Appliance administrator to manually step in, clear up the switch behavior, and re-establish CAM-to-switch
communication.
You can configure this feature using the following settings in the smartmanager_conf table of the CAM
CLI:
• OobSnmpErrorLimit—This is the maximum number of consecutive SNMP timeout failures. If the
number of consecutive failures reaches this value, the switch is disabled. If the administrator
specifies a limit that is equal to or less than 0, this feature is disabled. The default value is
10.
• OobSnmpRecoverInterval—This is the internal time period (in minutes) that the recovery process
waits to check disabled switches to see if they have come back online. The default value is 10.
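The interaction of the two settings can be modelled as a small state machine. The following is an added illustration, not Cisco code: the class, method, and function names are hypothetical, and it assumes that a successful poll resets the failure count, that a disabled switch is re-enabled when a recovery check finds it reachable, and that the recovery interval is positive.

```python
from dataclasses import dataclass


@dataclass
class OobPollModel:
    """Hypothetical model of the documented settings; not the CAM implementation."""
    error_limit: int = 10        # OobSnmpErrorLimit (documented default)
    recover_interval: int = 10   # OobSnmpRecoverInterval in minutes (documented default)
    failures: int = 0            # consecutive SNMP timeouts seen so far
    disabled: bool = False
    minutes_disabled: int = 0

    def poll(self, responded: bool) -> bool:
        """Record one SNMP poll of an enabled switch; return True if it is now disabled."""
        if self.disabled:
            return True          # disabled switches are left to the recovery check
        if responded:
            self.failures = 0    # assumption: "consecutive" means a success resets the count
            return False
        self.failures += 1
        # A limit of 0 or less switches the feature off: the switch is never disabled.
        if self.error_limit > 0 and self.failures >= self.error_limit:
            self.disabled = True
            self.minutes_disabled = 0
        return self.disabled

    def minute_passes(self, reachable: bool) -> bool:
        """Advance one minute; every recover_interval minutes a disabled switch is re-checked."""
        if not self.disabled:
            return False
        self.minutes_disabled += 1
        if self.minutes_disabled % self.recover_interval == 0 and reachable:
            self.disabled = False   # assumption: a reachable switch is re-enabled
            self.failures = 0
        return self.disabled


def minutes_until_recovered(model: OobPollModel, back_online_at: int) -> int:
    """Minutes a disabled switch stays disabled if it becomes reachable at back_online_at."""
    minute = 0
    while model.disabled:
        minute += 1
        model.minute_passes(reachable=minute >= back_online_at)
    return minute
```

Under these assumptions, a switch that comes back one minute after a recovery check stays disabled until the next check, so the recovery interval bounds how long a healthy switch can remain unmanaged.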
Supported SNMP versions:

CAM to OOB Switch
Read:
• SNMP V1
• SNMP V2c (V2 with community string)
• SNMP V3
Write:
• SNMP V1
• SNMP V2c
• SNMP V3

OOB Switch to CAM (Traps)
• SNMP V1
• SNMP V2c
• SNMP V3