Filter
Top Products
9-49
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 9 NAC Configuration Scenario
Step 8: Set Up Templates to Create NAPs
c. From the If Agentless request was not assigned a user-group drop-down list, choose a user group
to which ACS assigns a host that is not matched to a user group.
Sample Posture Validation Rule
Figure 9-35 shows the sample posture validation policy provided with the NAC Layer 3 template.
Figure 9-35 Sample Posture Validation Policy for NAC Layer 3 Template
Sample NAC Layer 2 Template
This template creates a profile for Layer 2 NAC requests.
Before you use the Layer 2 NAC profile template:
1. Select EAP-FAST Configuration in Global Authentication Settings.
2. Check (enable) the Allow authenticated in-band PAC provisioning.
3. Check (enable) EAP-GTC and EAP-MSCHAPv2.
To create a Layer 2 NAC profile template:
Step 1 In the navigation bar, click Network Access Profiles.
The Network Access Profiles page opens.
Step 2 Click Add Template Profile.
Step 3 Enter a Name and Description (optional).
Step 4 From the Template drop-down list, choose NAC L2 IP.
Step 5 Check the Active check box.