Also check and make sure the CASs are able to reach/connect to the CAM. If CAS fallback feature is configured and the CAS is not able to reach the CAM, it will go into fail-open mode (if configured), which puts an Allow All on all roles.
Regards -alok -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Hennessey, Sean Sent: Friday, January 23, 2009 2:18 PM To: [email protected] Subject: Re: Allow ALL TRAFFIC Version 4.5 It sounds to me like someone hit "Add Policy to All Roles" instead of "Add Policy" as that's the behavior that method of policy deployment is supposed to do - applying it to all roles but "Unauth"... - S -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Jeremy Wood Sent: Friday, January 23, 2009 1:56 PM To: [email protected] Subject: Re: Allow ALL TRAFFIC Version 4.5 We're running 4.5 (upgraded about a month ago). I just double checked all of our Roles and I'm not seeing this. --Jeremy
