Filter
Top Products
9-72
Configuration Guide for Cisco Secure ACS 4.2
OL-14390-02
Chapter 9 NAC Configuration Scenario
Step 11 (Optional): Configure GAME Group Feedback
d. If you want to specify a user group to which to assign the supplicant if the audit fails, check the
Assign a User Group check box and then from the Assign a User Group drop-down list, choose a
user group.
Step 9 Click Submit.
Step 10 Click Done.
Step 11 Click Apply and Restart.
Step 11 (Optional): Configure GAME Group Feedback
If you are using ACS in a NAC environment with agentless hosts, then you must configure Generic
Authorization Message Exchange (GAME) group feedback.
To configure GAME group feedback:
Step 1 Import an audit vendor file by using CSUtil.
See Import an Audit Vendor File by Using CSUtil, page 9-73 for details.
Step 2 Import a device-type attribute file by using CSUtil.
See Import a Device-Type Attribute File by Using CSUtil, page 9-73 for details.
Step 3 Import NAC attribute-value pairs.
See Import NAC Attribute-Value Pairs, page 9-73 for details.
Step 4 Configure database support for agentless host processing.
The database that you use can be an external LDAP database (preferred) or the ACS internal database.
See
Configure Database Support for Agentless Host Processing, page 9-74 for details.
Step 5 Enable Posture Validation.
See Enable Posture Validation, page 9-74 for details.
Step 6 Configure an external audit server.
See Configure an External Audit Server, page 9-74 for details.
Step 7 Enable GAME group feedback.
To enable GAME group feedback, in the external audit server posture validation setup
section,
configure:
• Which hosts are audited
• GAME group feedback
• Device-type retrieval and mapping for vendors who have a device attribute in the
RADIUS
dictionary
See Enable GAME Group Feedback, page 9-79 for details.
Step 8 Set up a device group policy.
See Enable GAME Group Feedback, page 9-79 for details.