Guys, My Cisco profile doesn't allow me to download Cisco Trust Agent. Is there any way to download it from any alternative source? I only now got down to NAC framework studies it looks totally confusing in terms of what exactly will be tested on the real lab. As far as I understand we should be prepared to build L3 NAC and L2/802.1x NAC scenarios ?
Secondly, I'm doing L3 NAC with ASA for remote VPN and stumbled upon an interesting situation. Under the group-policy I say "nac enable", the command is accepted and I assumed that it was a short way to say "nac-settings and so on…" but "nac-settings" expects the continuation of the value for nac-policy which I didn't configure yet. When I check the group-policy settings I see the following: group-policy EZVPN-GP attributes split-tunnel-policy tunnelspecified split-tunnel-network-list value SPLIT-ACL nac-settings value EZVPN-GP-nac-framework-create address-pools value EZVPN-POOL And there's no EZVPN-GP-nac-framework-create framework policy in the running config. What's the logic of the ASA software while configuring NAC framework the way I did? Eugene
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
