Cisco Cisco IOS Software Release 12.4(11)T
Corporate Headquarters
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© 2006 Cisco Systems, Inc. All rights reserved.
NAC—Auth Fail Open
First Published: November 17, 2006
Last Updated: November 17, 2006
Last Updated: November 17, 2006
In network admission control (NAC) deployments, authentication, authorization, and accounting (AAA)
servers validate the antivirus status of clients before granting network access. This process is called
posture validation. If the AAA server is unreachable, clients will not have access to the network. The
NAC—Auth Fail Open feature enables the administrator to apply a policy that allows users to have
network access when the AAA server is unreachable. The administrator can configure a global policy
that applies to a device, or a rule-based policy that applies to a specific interface.
servers validate the antivirus status of clients before granting network access. This process is called
posture validation. If the AAA server is unreachable, clients will not have access to the network. The
NAC—Auth Fail Open feature enables the administrator to apply a policy that allows users to have
network access when the AAA server is unreachable. The administrator can configure a global policy
that applies to a device, or a rule-based policy that applies to a specific interface.
When the AAA server returns to a reachable status, the posture validation process resumes for clients
that are using the NAC—Auth Fail Open policy.
that are using the NAC—Auth Fail Open policy.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach
links to specific feature documentation in this module and to see a list of the releases in which each feature is
supported, use the
links to specific feature documentation in this module and to see a list of the releases in which each feature is
supported, use the
Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS
software image support. To access Cisco Feature Navigator, go to
software image support. To access Cisco Feature Navigator, go to
. An
account on Cisco.com is not required.
Contents
•
•
•
•
•
•
•