Cisco Cisco Clean Access 3.5

Cisco Catalyst 4500 

Cisco Catalyst 6500

Controlled switches must use at least the minimum supported version of IOS or CatOS (supporting 
mac-notification or linkup/linkdown SNMP traps). 

Your Cisco Clean Access license must enable Switch Management, and your Clean Access Server(s) 
and Clean Access Manager must be version 3.5 or greater. 

Clients must be physically connected to the ports of managed switches. 

Cisco Clean Access OOB supports Cisco Catalyst 3750 stacks. However, when mac-notification is 
used and there are more than 252 ports on the stack, mac-notification cannot be set/unset for the 
252nd port using the CAM. There are two workarounds:

Use linkup/linkdown SNMP notifications only

If using mac-notification, do not use the 252nd port and ignore the error; other ports will work 
fine.

Clusters are not supported. 

With out-of-band deployment, you can add switches to the Clean Access Manager’s domain and control 
particular switch ports using the Simple Network Management Protocol (SNMP). SNMP is an 
application layer protocol used by network management tools to exchange management information 
between network devices. Cisco Clean Access supports the following SNMP versions: 

You first need to configure the switch to send and receive SNMP traffic to/from the Clean Access 
Manager, then configure matching settings on the Clean Access Manager to send and receive traffic 
to/from the switch. This will enable the Clean Access Manager to get VLAN and port information from 
the switch and set VLANs for managed switch ports. 

SNMP V1

SNMP V2c

 

(V2 with community string.) 

SNMP V1

SNMP V2c 

 

(V2 with community string.)

SNMP V3