GRE tunnel endpoint on NAC gateways?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-06-2014 02:33 PM
Hi,
short question - is it possible to setup a GRE tunnel endpoint within an NAC gateway like in purview appliances?
Goal: achieve user account information from kerberos packets in NAC, virtualized gateways, policy mirror for kerberos
short question - is it possible to setup a GRE tunnel endpoint within an NAC gateway like in purview appliances?
Goal: achieve user account information from kerberos packets in NAC, virtualized gateways, policy mirror for kerberos
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-22-2015 07:58 AM
I see - in this case this would be a pretty good feature request.
a) GRE Tunnel support for NAC Appliance
b) Sharing of Kerberos information from Purview to NAC
By the way, if you use 802.1X the kerberos Info is not used anyway because the same Field in the NAC info tupel is used. I requested to introduce a new field for this.
a) GRE Tunnel support for NAC Appliance
b) Sharing of Kerberos information from Purview to NAC
By the way, if you use 802.1X the kerberos Info is not used anyway because the same Field in the NAC info tupel is used. I requested to introduce a new field for this.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-22-2015 07:20 AM
i only use virtualized nac gateways - so i dont want to mirror traffic to any esx host, using dedicated NICs in the servers isnt an option.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-22-2015 05:30 AM
Also you could just mirror your Kerberos traffic from the S/K series switch to a free port of Tour NAC Appliance. But without GRE. Regards Michael
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-06-2014 02:40 PM
That is not possible at the moment.
But: if you happen to have XOS-based switches, you can use their Identity Manager (IDM) to forward XML notifications containing Kerberos data to Netsight/NAC.
But: if you happen to have XOS-based switches, you can use their Identity Manager (IDM) to forward XML notifications containing Kerberos data to Netsight/NAC.