AAA, NAC, Guest Access & BYOD


Solutions for legacy and existing products and solutions, including Clearpass, CPPM, OnBoard, OnGuard, Guest, QuickConnect, AirGroup, and Introspect

How do I model a device in the Topology view to gain NAC appliance network control access? 

Jun 30, 2014 09:01 PM

Product and Software: This article applies to all ECS product and software versions.

In order for the NAC appliance to control access to the network, the device must be added to the Topology view. This entails adding a device model to a domain in the Topology view and then completing the model configuration.

Requirements

  • Topology view domain to which the device should be added
  • IP address of the device
  • READ/WRITE SNMP community string passwords of the device
  • Communication protocol to be used when switching VLANs and reading Forwarding Tables, if applicable.
  • Communication passwords, if applicable
  • The device has the NAC Control Server set up as a trap receiver
  • VLANs already set up on the device
  • All ports are in their default VLANs

Procedure

1) Go to Admin GUI Main window > Administrator tab > Topology view.

2) Select the domain to which the device should be added and right-click. Select Add Device from the drop-down menu.

3) Enter the IP address of the device.

4) Select the appropriate SNMP protocol.

5) Enter the appropriate SNMP community strings using the following format:

<private>,<public>

6) Click Apply. The device icon should appear in the topology tree of the Topology view as a member of that domain.

Note: For a short period of time, the device icon will show a "?" in a blue box. This will change when the NAC appliance finishes the discovery process for that device.

Wait for the discovery to finish before proceeding.

7) Select the device, right-click, and select Model Configuration from the device-specific sub-menu. This will open the Model Configuration window.

8) Fill in the General and VLAN ID information, and select the communication protocol to be used from the pull-down menu.

Note: Not all model types will have all of the above listed options.

9) Click Apply.

The device is now ready to be used with the NAC Appliance.

Validation

To validate your modeled device, follow these procedures.

1) Read the VLANs.

a. Access Topology view.

b. Select the switch, right-click, and select VLANs.

c. Click the Read VLANs button.

If any VLAN is blank or -1, the read has failed, indicating that the device has not been modeled correctly. Also, verify that the defaults are correct.

2) Once you have successfully read the VLANs, any time you need to change the current or default value, come to this view and click the Edit Current or Edit Default button to change the corresponding values.

3) Run the configuration (not all devices will show this).

a. Access Topology view.

b. Select the switch, right-click, and select <manufacturer> Switch > Running Configuration. If the device is modeled properly, a pop-up window will list the current configuration.
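
The checks described in steps 3 and 5 and in the VLAN validation can be scripted before and after modeling a device. The following is an added example, not part of the original article or the product: the function names and the (port, current, default) row layout are assumptions, and the sample rows are constructed.

```python
import ipaddress

def parse_community_field(field):
    """Split the '<private>,<public>' field from step 5 into (read_write, read_only)."""
    parts = [p.strip() for p in field.split(",")]
    if len(parts) != 2 or not all(parts):
        raise ValueError("expected exactly two non-empty strings: <private>,<public>")
    return parts[0], parts[1]

def check_device_inputs(ip, community_field):
    """Return a list of problems with the values entered in steps 3 and 5."""
    problems = []
    try:
        ipaddress.ip_address(ip)
    except ValueError:
        problems.append(f"invalid IP address: {ip!r}")
    try:
        parse_community_field(community_field)
    except ValueError as exc:
        problems.append(str(exc))
    return problems

def check_vlan_read(rows):
    """rows: (port, current_vlan, default_vlan) transcribed from the VLANs view
    (assumed layout). Flags failed reads (blank or -1) and ports whose current
    VLAN differs from the default VLAN."""
    findings = []
    for port, current, default in rows:
        values = (str(current).strip(), str(default).strip())
        if any(v in ("", "-1") for v in values):
            findings.append((port, "read failed"))
        elif values[0] != values[1]:
            findings.append((port, "not in default VLAN"))
    return findings

# Constructed sample data, not taken from a real device.
SAMPLE_ROWS = [
    ("1/1", "10", "10"),   # healthy port
    ("1/2", "-1", "10"),   # -1 means the read failed
    ("1/3", "", ""),       # blank means the read failed
    ("1/4", "20", "10"),   # port moved out of its default VLAN
]

if __name__ == "__main__":
    print(check_device_inputs("192.0.2.10", "rw-example,ro-example"))
    for port, issue in check_vlan_read(SAMPLE_ROWS):
        print(port, issue)
```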

 
