Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Controlled Ports: Cisco Clean Access

Posted on 2011-03-16
Medium Priority
Last Modified: 2012-06-21

1) Most of the ports in a company are controlled ports
2) All Desktops and Laptops which are connected to the company's network ports, should install a client which are called "the Cisco Clean Access"
3) There are problems with some ports:
-The workstation or laptop there are STILL getting the IP address, but they can not get to the network or internet at all
4) I saw the consultant "popped up" the management console of the Cisco Clean Access"
- Where they can go to the switches where the network ports are connected
- She click "update" in the management console, and the ports are functioning well again
5) My questions:
How to get the Management Console of the Cisco Clean Access? What software to be installed? Is there any certain configuration to be made for it? Please also explain any other related issues related to it
6) Thank you

Question by:tjie
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 17

Accepted Solution

surbabu140977 earned 1020 total points
ID: 35156266
Cisco NAC Appliance is a network-centric integrated solution administered from the Clean Access Manager web console and enforced through the Clean Access Server and (optionally) the Agent.

So what you are seeing is the web console of your NAC deployment and it's negative that any other person would be allowed to access apart from your network administrator.

The NAC(Network access control) is the heart of your organization's security and you can well forget about operating the console if you are not authorized.



Author Comment

ID: 35161409

1) Yeep, it seems your answers are in the right direction ....
2) Let me ask more tp clarify it ...
3) ++++++ .... enforced through the Clean Access Server and (optionally) the Agent.++++++
      @ Is there ANY clean access server?
      @ If Yes, This Clean Access Serve will be installed in What Operating System? (The Linux box or Windows Operating System?) (Is like the BigBrother or Xymon that should be installed in the Linux Box?)

4) ++++++ So what you are seeing is the web console of your NAC deployment ....++++++
      @Would you explain a little bit of this?
      @ Is it something like "Web Server"?
      @ Or a part of IIS (Internet Information Server)?
5) Thank you

LVL 18

Assisted Solution

decoleur earned 980 total points
ID: 35162405
to answer your questions:

Yes, it sounds like there is a clean access server on your network that enforces policy on switch ports. It is a linux solution that is managed by the administrators responsible for admin. IT is highly customizable and can require an agent to be installed or a machine to be authenticated before allowing network access.

NAC is typically used to secure network access and require that all users that connect to the network meet predefined requirements before being allowed to access resources.

The reason that some ports allow access and others do not has to do with how the clean access solution is configured and that the hosts trying to access resources haven't gone through the appropriate verification process.

There are a couple uses for web interfaces in a NAC deployment without more information I can describe specifically what you are seeing.

most likely you are being prompted to present your credentials to gain access to the network, not the NAC admin interface. If you are not an authorized user NAC doesn't let you out of the gates.

what are you trying to find out. It seems like you are looking for answers to specific questions that have not really been asked, yet.

hope this helps,


Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question