10-05-2020 02:48 AM
Deploying XMC, Analytics, EAC, all at same time, essentially. Place did have a radius server in place yet. I thought, maybe I’m wrong, or previous version, XMC/NAC can be set as radius server. Trying to keep things has simple as possible for staff to manage, and just get some detection going in NAC.
Firmware is 8.4.2.38 across all three virtual appliances. Is enable eth1 in NAC best practice? Thanks for any guidance on my first question.
(random, badges here don’t pull from Dojo?)
Solved! Go to Solution.
10-05-2020 03:21 AM
Hi,
You can use NAC as a Radius server. Please check out the following article:
Regards,
Ovais
10-07-2020 10:56 AM
Hello,
we are using VPEX but in a much smaller scale. But it works like a charm.
How did you connect 67 BPEs to one X590? This shouldn’t be possible.
10-07-2020 06:28 AM
Thanks! Issue is the VPEX/Cascade environment this company was sold. Honestly this vendor should not have sold all this, in the way it sounds. Roughly 67 v400’s at access, v400’s TOR servers, with 1 590x layer 2 only running extended bridge for two building. “Core”/Control Bridge pair of 670’s only one is VPEX. The other has all policies applied, rules, ACLs, authentication protocols. Slices filled up, database for identity-management was full. Nodealias. They were sold a solution that is already limited, and isn’t ideal at all. Everything was good to, was about to test in training area. One of campus buildings partially went offline, then online. A redirect.pol just went missing. Slice use was maxed out,
Now they’re about to rollout VOIP/and updated security with DVR, as well as HVAC controller.
Have you ever used VPEX or cascades? I’ll have to check the forums. These would be ideal for testing stuff. Ha
10-07-2020 03:25 AM
What have you done so far to configure LDAP on the NAC? please take some configuration snapshots including enforce failure error and post here so we know where you are at.
Regards,
Ovais
10-06-2020 04:59 AM
Thanks, really appreciate it! I know I’m missing something stupid. Cascade/VPex mode switches I’m not evening worrying about now, all end up traversing non-VPEX 670-g2. V400’s do nothing, very slow, but in a very nice purple box. Ha
Applying LDAP via NAC isn’t allowing me to save and write. Again, likely missing one check box. My Window of time to do this is limited and rushed. Without going into detail, no idea how a place such as this was allowed for lack of more obvious word or words like required audits. lol