Redundant NAC

Hi Experts,

I am a newbie at the NAC. Documents, I found the measures for high availability of installation for the NAC CAM & CASE components. But I have the following queries:

1. What is the usefulness of the two separate components CAM/AR in the suite of the NAC and how are they related by feature/dependency to each other.

2. If you choose with force units active or reserve, how that is possible. in other words, both cam/must be separately derived from high availability?

3. after the forceful removal of manufacturing unit active, how we check if one active is processing all the data from the network.

Appreciate any help with answers or useful links to understand the above.

Thanks to you all.

Hey,.

I will try to answer your questions to the best of my knowledge.

1 CAM is the manager who is used to handle the CASE. So the CASE contacted all customers trying to connect and manage routing inband, mapping VLANs etc. CAM is used to set a ton of things such as user roles, audits are required for the assessment of posture, setting up authentication servers, configure the properties of the agent of the NAC, etc, etc...

2. There is an Administration > Manager of CCA > failover TAB that allows you to choose if the device is primary or secondary.

Similarly, there is a failover TAB in AR that allows to do the same.

3. you can check the logs of the CAS for whether or not it is processing data.

You can see real-time newspapers via the CLI by using the following commands:

/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 à 5.4pt 0 à 5.4pt ; mso-para-margin : 0 ; mso-para-marge-bottom : .0001pt ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-fareast-font-family : « Times New Roman » ; mso-fareast-theme-font : minor-fareast ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : « Times New Roman » ; mso-bidi-theme-font : minor-bidi ;}

CAM: tail f /perfigo/control/tomcat/logs/nac_manager.log

CASE: tail f /perfigo/access/tomcat/logs/nac_server.log

I hope this helps.

-Shrikant

P.S.: Please check the question resolved, if it has been answered. Note the useful messages. Thank you.

Tags: Cisco Security

Similar Questions

  • NAC Appliance and LDAP Lookup

    Hello

    I have two CAM HA and two CASES in HA.

    I set up LDAP search to create role assignment rule.

    In this configuration is only a windows server to find the properties of the user.

    There is a problem when this servers Windows is out of service. There are configurations of attenuation when the server isn't here.

    Thanks to you all.

    The search server configs State LDAP use LDAP authentication provider. LDAP authentication provider says that you can have multiple entries in the unique field

    LDAP

    http://www.Cisco.com/en/us/docs/security/NAC/appliance/configuration_guide/413/cam/m_auth.html#wp1158614

    You can add LDAP authentication servers redundancy by recording several LDAP URL in the URL field of the server, separated by a space, for example:

    LDAP://ldap1. ABC.com ldap://ldap2.abc.com ldap://ldap3.abc.com

  • NAC Manager high availability peer CAM DEAD

    Hello

    I have two managers of the NAC with high availability and I used both interface eth1 of sides as a link Heartbit.

    I did following steps for high availability.

    (1) synchronize the time between two cams.

    (2) generate a temporary SSL certificate in CAMs and import-export procedure made in the other.

    (3) make a CAM as a primary and the other as secondary.

    But after all this made configuration I can see the State in surveillance > reports-primary CAM is in place in both servers and redundant CAM is down.

    Also on the failover tab, I can see - Local CAM - OK [Active] and counterpart CAM:-DEAD.

    I have attached some screenshots so that you can find the same.

    Your help will be very appreciated.

    Thank you

    Try these steps and check that all steps were followed:

    http://www.Cisco.com/c/en/us/support/docs/security/NAC-appliance-clean-access/99945-NAC-cam-HA.html

  • The upgrade to the will of the Sierra that software redundent

    Upgrade to Sierra will make it redundant software?

    Hello Robert,

    Thank you for using communities Support from Apple!

    I see Your ' e concerned about the software that you have installed on your Mac and its compatibility with macOS Sierra. You will need to check with the developers of the software that is installed to see if the version you have is compatible with macOS Sierra, or if there is an update available for her.  As a precaution, you can back up your Mac with Time Machine and then, if your software is not supported under macOS Sierra, just go back to your previous backup:

    Use Time Machine to back up or restore your Mac

    Take care.

  • Redundant notifications watch OS 3 Countdown Timer

    Watch 3 OS, the countdown now redundant notifications. When the timer counts down to 0, you get the normal "meter made" alert and then 15 seconds later, you also get a notification of alarm named 'COUNT_DOWN_TIME_REACHED '. It doesn't seem to be a sign of timer settings in the application settings of the watch, so I can't understand how to disable this alert redundant and boring.

    Hello

    This seems to be a bug. You can report (as others have fact) to Apple here:

    https://www.Apple.com/feedback/watch.html

  • Store steel 640GO - message data error (cyclic redundancy check)

    Hello

    I had the car store for a few months, so a lot of data on it.

    Today, windows detects it as a local disk and when I try to access it I get a message telling me that the disk must be formatted when I select number, I get a message saying * error (cyclic redundancy check *) data.

    Help.

    I tried two other laptops, both give the same answer.

    Thank you

    Guy

    Hello

    It seems that something go wrong with the HARD disk partition.
    Did you try running chkdsk and to check the external HARD disc ability?
    Do this!

    Startup command box (cmd)
    You can use the command: chkdsk c: /f r + +.
    But c: means that the HARD drive or partition, you need to change this with the same letter that is assigned to the external HARD drive

  • Adding redundancy backup with time Capsules

    Are there problems associated with adding a second time Capsule to my system in order to add additional redundancy and safety of my backup options? I have a MacBook Pro and a single Capsule of 3 TB. I am looking for a non-Cloud option add extra security while maintaining the automation of the OSX TimeMachine.

    Adding a second Time Capsule works perfectly.  After that Time Machine performs a full backup of your Mac (s) on the new Time Capsule, it automatically alternates between two time Capsules backups.

    If you have the possibility of adding a USB or FireWire drive directly to your Mac, which would be a bit better set up in terms of reliability of time Machine, but probably not very convenient if you have a laptop that is moving all the time.

  • redundant names of pxi resources

    Whenever I run a VI that accesses my digitizer PXI using the VI OR-SCOPE module I find myself with many redundant instances of the resource in PXI drop down menu resource. See the image attached to the binary "niScope Acquisition.vi EX" cover for an example of what I'm describing. Why does this happen?

    Thank you

    Eric

    It looks like niScope Close.vi is incorrectly called.  This is where the sessions are cleaned.

    Mark

  • Cyclic redundancy

    Hello world

    I am trying to build a vi on CRC-5 (cyclical redundancy check). I looked here but found nothing on CRC - 5, just found it on CRC - 16.

    Can someone help me? Thank you!

    Here is a document that deals with CRC - 5.  You will probably have to do the 'big' yourself.

    BS

  • Module Design triple redundancy

    Hello

    Someone has already tried to implement "Triple Module redundancy" on a map of FPGA? I have a PXI-7853R. I think I can support than a bit file. Yes, I could write three modules in a single bit file, but then, how do I control where on the FPGA would be built on each module.

    Any ideas?

    Thank you!

    I recently had a similar requirement. I just dropped 2 coppies double redundancy knowing they could be compiled twice but I had no control on where they have been compiled in. However, I found I could identify the IO pins and at least have the e/s of my redundant logic located in various locations through research in the file ucf for the fpga (who is with the labview fpga installation) and the xylinx fpga datasheet. I hope it's at least some use for you. Good luck.
    Michael

  • 2012 server redundancy

    Hmmm, I'm a little confused that I don't see any option for this post in forum windows server 2012.

    In any case, I have a few questions about creating a backup for an all-in-one server. The server has active directory, DNS, file server, and everything on it. I am trying to create a configuration of redundancy in case of failure. While I was reading on the failover clusters and this seems to be what I need to do. I'm just a little confused.
    When I create a cluster and add servers to it, what happens exactly? For the simplest case instance, I have the main server with all the data. Now, I bring to another machine with nothing on it. I have install windows server 2012 on it and add, as well as the other computer in a cluster. The main server data automatically copied on all servers that are part of this group? At this point if a server goes down the other to take over?
    Any help is greatly appreciated.
    FlipFlop

    In the Windows Server forum:
    http://social.technet.Microsoft.com/forums/en-us/category/WindowsServer.

  • Can I use Hype-V in a Cluster to ensure our application redundancy?

    Our application is software that contains several objects DCOM, web service and database. We develop a solution of redundancy of the complete system to provide the functionality of failover.

    Now, it looks like the use of Hyper-V in a Cluster is a more simple and better than our own solution. The application can be installed in the Hyper-V and failover can be provided by the cluster.

    Is there a limitation on this?

    Using windows api cluster, detectable application a failover operation when installed in a virtual machine of Hype-V that is taken in a cluster?

    Hello

    This forum is only for consumer Windows support. You should repost on this forum on the Microsoft Technet Web site: http://social.technet.microsoft.com/Forums/en-US/categories

  • On Windows update kb2229593 cyclic redundancy error

    I am trying to install the update of security KB2229593 on a Win XP Home Edition PC.  I got an error that the update could not be installed, so I downloaded the update from the MSFT Download Center.  When I run it, I get an error saying "data error (cyclic redundancy check) I am assuming that it is a fairly major update.  Any ideas?

    Hey Pa Bear.

    I ran the disk check, and it seemed to solve all problems!  My security updates have been completed.  I really appreciate your help, but I think that chkdsk has been the answer.  Detective Conan for me.  Thank you again for taking the time to respond and offer to help.

  • Message error when you install a game 'Assistant instalation "_" a support of instalation file not would be installed data error (cyclic redundancy check)

    It's the exact message

    "A support of instalation file cannot be installed
    Data error (cyclic redundancy check)

    This simply means that your CD/DVD media for the installation of your game is corrupted or cannot be read, extract for all the cracks, scratches on your support.

    If it is in perfect condition, better clean the lens of your CD/DVD-Rom drive with a cleaning kit, as the lens of the drive could have been contaminated by dirt.

  • can I use a winxp installation code now redundant disk and product on another PC?

    I have a code disc and product installation WinXP of now redundant after upgrading my PC to WSindoes 7... I want to use the WinXP on another PC. Are there restrictions for me this way to use the facility?

    If you used a Windows 7 upgrade version to do the upgrade, XP Licensse is assimilated in it and cannot be used elsewhere.

    If your XP license is an OEM one (has a COA sticker on the case of the machine) may not be used in any other machine - never.

Maybe you are looking for

  • IOS 10 problems

    Hello I was wondering if someone has the same problem with 10 IOS I have experience - my email application maintains spontaneously quit smoking outside and close after reviewing several emails - every 5-10 minutes? If so, anyone know if Apple is awar

  • virus in a firefox addon

    stupidly, when I was tired last night I added an addon from ebay and it must have been a "click here or not thing" that I forgot.now I have a virus that I can't get rid of.There dj mixi and I am very upset and angry.

  • Is satellite C650-1CP - possible to upgrade the GPU?

    Hello I just wanted to ask a question about my graphics card with respect to the games. I discovered recently that the integrated graphics chips are not only good for gaming so I did a bit of reading on the subject and found something to say that the

  • Qosmio F10 - red color problems Speckelled

    Some colors and shadding, mainly in gray-scale, but puts in scale blue I get what looks like red pixels flashing randomly on the screen, including at - it a solution easy, or is - a manufacturing defect?

  • used to my asus dvd/cdr that auto run in Windows XP

    don't record charge or download to or from the DRC eror msge windows player will not play cos incompatible drivers