Cisco Cisco Clean Access 3.5
4-34
Cisco Clean Access Manager Installation and Administration Guide
OL-7044-01
Chapter 4 Switch Management and Cisco Clean Access Out-of-Band (OOB)
Configure OOB Switch Management in the CAM
–
IP— IP address of the client
–
Switch— IP of the originating managed switch. Clicking the IP address brings up the Switch
Management > Devices > Switch [IP] > Config > Basic page for the switch.
Management > Devices > Switch [IP] > Config > Basic page for the switch.
–
Switch Port—Switch port of the client. Clicking the port number brings up the Switch
Management > Devices > Switch [IP] > Ports configuration page for the switch.
Management > Devices > Switch [IP] > Ports configuration page for the switch.
–
Auth VLAN—Authentication (quarantine) VLAN
A value of “N/A” in this column indicates that either the port is uncontrolled or the VLAN ID
for this MAC address is unavailable from the switch.
for this MAC address is unavailable from the switch.
–
Access VLAN—Access VLAN of the client.
A value of “N/A” in this column indicates the Access VLAN ID is unavailable for the client.
For example, if the user is switched to the Auth VLAN but has never successfully logged into
Cisco Clean Access (due to wrong user credentials), this machine will never have been to the
Access VLAN.
For example, if the user is switched to the Auth VLAN but has never successfully logged into
Cisco Clean Access (due to wrong user credentials), this machine will never have been to the
Access VLAN.
–
Last Update—The last time the CAM updated the information of the entry.
See
for additional details on monitoring out-of-band users.
Manage Switch Ports
Switch ports that are not connected to clients typically use the uncontrolled port profile. Switch ports
connected to clients use controlled port profiles. After switch ports are configured and the settings are
saved by clicking the “Update” button, the switch ports need to be initialized by clicking the “Setup”
button when the switch supports mac-notification.
connected to clients use controlled port profiles. After switch ports are configured and the settings are
saved by clicking the “Update” button, the switch ports need to be initialized by clicking the “Setup”
button when the switch supports mac-notification.
Note
For releases prior to 3.5(4), the “Update Switch Running Configuration” button only modifies the
switch running configuration. To save the running configuration on the switch, you must use CONSOLE,
TELNET or other methods to access the switch and run the save command.
switch running configuration. To save the running configuration on the switch, you must use CONSOLE,
TELNET or other methods to access the switch and run the save command.
Ports Tab
The Ports and Config tabs only appear after a switch is added to the Switch Management > Devices >
Switches > List. When the Ports tab first appears (
Switches > List. When the Ports tab first appears (
), one entry per Ethernet port
displays and corresponding fields for the entry are populated according to the information the Clean
Access Manager receives from direct SNMP queries. For example, if a switch added to the CAM has 24
Fast Ethernet ports and 2 Gigabit Ethernet uplinks, the Ports tab will display 26 rows, with one entry
per port.
Access Manager receives from direct SNMP queries. For example, if a switch added to the CAM has 24
Fast Ethernet ports and 2 Gigabit Ethernet uplinks, the Ports tab will display 26 rows, with one entry
per port.
Additionally, if the switch does not support mac-notification traps, the Setup button (Set up
mac-notification on managed switch ports) and MAC Not. column are not displayed on the page. In
this case, Linkup/Linkdown traps must be supported and configured on the switch and Clean Access
Manager. See
mac-notification on managed switch ports) and MAC Not. column are not displayed on the page. In
this case, Linkup/Linkdown traps must be supported and configured on the switch and Clean Access
Manager. See
for how the Ports page displays in this case.