Controlled Ports: Cisco Clean Access

Posted on 2011-03-16
Last Modified: 2012-06-21

1) Most of the ports in a company are controlled ports
2) All Desktops and Laptops which are connected to the company's network ports, should install a client which are called "the Cisco Clean Access"
3) There are problems with some ports:
-The workstation or laptop there are STILL getting the IP address, but they can not get to the network or internet at all
4) I saw the consultant "popped up" the management console of the Cisco Clean Access"
- Where they can go to the switches where the network ports are connected
- She click "update" in the management console, and the ports are functioning well again
5) My questions:
How to get the Management Console of the Cisco Clean Access? What software to be installed? Is there any certain configuration to be made for it? Please also explain any other related issues related to it
6) Thank you

Question by:tjie
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 17

Accepted Solution

surbabu140977 earned 255 total points
ID: 35156266
Cisco NAC Appliance is a network-centric integrated solution administered from the Clean Access Manager web console and enforced through the Clean Access Server and (optionally) the Agent.

So what you are seeing is the web console of your NAC deployment and it's negative that any other person would be allowed to access apart from your network administrator.

The NAC(Network access control) is the heart of your organization's security and you can well forget about operating the console if you are not authorized.



Author Comment

ID: 35161409

1) Yeep, it seems your answers are in the right direction ....
2) Let me ask more tp clarify it ...
3) ++++++ .... enforced through the Clean Access Server and (optionally) the Agent.++++++
      @ Is there ANY clean access server?
      @ If Yes, This Clean Access Serve will be installed in What Operating System? (The Linux box or Windows Operating System?) (Is like the BigBrother or Xymon that should be installed in the Linux Box?)

4) ++++++ So what you are seeing is the web console of your NAC deployment ....++++++
      @Would you explain a little bit of this?
      @ Is it something like "Web Server"?
      @ Or a part of IIS (Internet Information Server)?
5) Thank you

LVL 18

Assisted Solution

decoleur earned 245 total points
ID: 35162405
to answer your questions:

Yes, it sounds like there is a clean access server on your network that enforces policy on switch ports. It is a linux solution that is managed by the administrators responsible for admin. IT is highly customizable and can require an agent to be installed or a machine to be authenticated before allowing network access.

NAC is typically used to secure network access and require that all users that connect to the network meet predefined requirements before being allowed to access resources.

The reason that some ports allow access and others do not has to do with how the clean access solution is configured and that the hosts trying to access resources haven't gone through the appropriate verification process.

There are a couple uses for web interfaces in a NAC deployment without more information I can describe specifically what you are seeing.

most likely you are being prompted to present your credentials to gain access to the network, not the NAC admin interface. If you are not an authorized user NAC doesn't let you out of the gates.

what are you trying to find out. It seems like you are looking for answers to specific questions that have not really been asked, yet.

hope this helps,


Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VTP Setup 4 22
pptp through Cisco ASA5505 V7 5 34
Why isn't my network passing a certain vlan. 24 48
VLAN 1 Line Protocol Down 9 42
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question