Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Controlled Ports: Cisco Clean Access

Posted on 2011-03-16
Last Modified: 2012-06-21

1) Most of the ports in a company are controlled ports
2) All Desktops and Laptops which are connected to the company's network ports, should install a client which are called "the Cisco Clean Access"
3) There are problems with some ports:
-The workstation or laptop there are STILL getting the IP address, but they can not get to the network or internet at all
4) I saw the consultant "popped up" the management console of the Cisco Clean Access"
- Where they can go to the switches where the network ports are connected
- She click "update" in the management console, and the ports are functioning well again
5) My questions:
How to get the Management Console of the Cisco Clean Access? What software to be installed? Is there any certain configuration to be made for it? Please also explain any other related issues related to it
6) Thank you

Question by:tjie
LVL 17

Accepted Solution

surbabu140977 earned 255 total points
ID: 35156266
Cisco NAC Appliance is a network-centric integrated solution administered from the Clean Access Manager web console and enforced through the Clean Access Server and (optionally) the Agent.

So what you are seeing is the web console of your NAC deployment and it's negative that any other person would be allowed to access apart from your network administrator.

The NAC(Network access control) is the heart of your organization's security and you can well forget about operating the console if you are not authorized.



Author Comment

ID: 35161409

1) Yeep, it seems your answers are in the right direction ....
2) Let me ask more tp clarify it ...
3) ++++++ .... enforced through the Clean Access Server and (optionally) the Agent.++++++
      @ Is there ANY clean access server?
      @ If Yes, This Clean Access Serve will be installed in What Operating System? (The Linux box or Windows Operating System?) (Is like the BigBrother or Xymon that should be installed in the Linux Box?)

4) ++++++ So what you are seeing is the web console of your NAC deployment ....++++++
      @Would you explain a little bit of this?
      @ Is it something like "Web Server"?
      @ Or a part of IIS (Internet Information Server)?
5) Thank you

LVL 18

Assisted Solution

decoleur earned 245 total points
ID: 35162405
to answer your questions:

Yes, it sounds like there is a clean access server on your network that enforces policy on switch ports. It is a linux solution that is managed by the administrators responsible for admin. IT is highly customizable and can require an agent to be installed or a machine to be authenticated before allowing network access.

NAC is typically used to secure network access and require that all users that connect to the network meet predefined requirements before being allowed to access resources.

The reason that some ports allow access and others do not has to do with how the clean access solution is configured and that the hosts trying to access resources haven't gone through the appropriate verification process.

There are a couple uses for web interfaces in a NAC deployment without more information I can describe specifically what you are seeing.

most likely you are being prompted to present your credentials to gain access to the network, not the NAC admin interface. If you are not an authorized user NAC doesn't let you out of the gates.

what are you trying to find out. It seems like you are looking for answers to specific questions that have not really been asked, yet.

hope this helps,


Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

838 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question