GRE tunnel endpoint on NAC gateways?

  • 6 November 2014
  • 4 replies

Userlevel 3

short question - is it possible to setup a GRE tunnel endpoint within an NAC gateway like in purview appliances?
Goal: achieve user account information from kerberos packets in NAC, virtualized gateways, policy mirror for kerberos

4 replies

Userlevel 3
That is not possible at the moment.
But: if you happen to have XOS-based switches, you can use their Identity Manager (IDM) to forward XML notifications containing Kerberos data to Netsight/NAC.
Userlevel 3
Also you could just mirror your Kerberos traffic from the S/K series switch to a free port of Tour NAC Appliance. But without GRE. Regards Michael
Userlevel 3
i only use virtualized nac gateways - so i dont want to mirror traffic to any esx host, using dedicated NICs in the servers isnt an option.
Userlevel 3
I see - in this case this would be a pretty good feature request.

a) GRE Tunnel support for NAC Appliance
b) Sharing of Kerberos information from Purview to NAC

By the way, if you use 802.1X the kerberos Info is not used anyway because the same Field in the NAC info tupel is used. I requested to introduce a new field for this.