Integration of Cisco Switches into Enterasys NAC
‎01-02-2015 11:20 AM
We have a customer who has a small network with 20 Cisco switches, 2960 & 3560, and the customer wants to switch over to Enterasys / Extreme.
As a first step we have a new SSA150 system and the whole software suite with NMS and NAC on the customer site.
Now my job is to integrate the Cisco switches into the Enterasys NAC solution.
Is there any kind of material or how-tos on how to integrate a Cisco switch into a NAC manager? I know that I have to configure the ports on the Ciscos for MAC authentication and the NAC solution is the server ... but it would be great to see an example from the real world.
I have already integrated all the Ciscos into NetSight with SNMP v2, and actually I can monitor traffic and port actions on the Ciscos.
As a first step I want to configure the NAC solution so that it only listens to MAC Auth requests without taking any action on the ports of the switch ... to build up a NAC database.
Later I want to change the NAC solution to allow the traffic for all MAC addresses on a whitelist and to block all new addresses.
Some questions for the future:
- Is it possible that Enterasys NAC with NetSight can also switch the VLAN on a Cisco switch to bring a device with a new MAC into an isolation VLAN?
- I have an SSA 150 as a core device .. can I configure all the Ciscos to act as dumb forwarders of NAC requests to this SSA, and also do multiple requests on the port there with MAC Auth, 802.3 Auth and Web Auth? Because the SSA 150 can have multiple kinds of authentication on one port.
I could connect every Cisco switch to one port of the SSA 150 and activate the multiple Auth on this port ... to use the Ciscos only as dumb forwarders ... (is this right?)
As I understood, this feature of multiple policies on one port is only valid for Enterasys B-Series and above, but would it work if a Cisco switch with 24 ports connects to one port of an SSA150?
Regards
Christian
5 REPLIES
‎03-20-2019 03:28 PM
Maybe this will help others who are reading this thread here in the Community:
https://gtacknowledge.extremenetworks.com/articles/Q_A/Where-can-I-find-a-Cisco-switch-and-Extreme-Management-Center-Integration-Guide
‎01-22-2015 07:57 PM
Hi Christoph,
you're welcome 🙂
‎01-22-2015 07:57 PM
I am trying to integrate 189 Cisco devices into Device Manager and NAC. We have been pushing out 802.1x through wireless but now are about to start the wired network. I have successfully tested 802.1x with a test switch. We have all the Cisco devices in Device Manager but with limited info available. We can see the ports and are doing weekly firmware backups on all devices, but are unable to monitor anything outside of ports and are not showing VLANs configured on ports. We have also tried many times to use the Firmware Upgrade with no luck. Any help you can provide would be great.
‎01-22-2015 06:17 PM
Many thanks .. after 3 weeks one answer .. but this one is perfect ..
Until now I have only integrated the Enterasys devices .. and next month the Ciscos are on the roadmap .. your answer will help me
