Table of Contents
Advertisement
Chapter 30
Network Admission Control
Exception Policies Window
Add, Edit, and Delete Buttons
NAC Timeouts
OL-4015-12
NAC exception policies control the network access of hosts in the exception list.
A NAC exception policy consists of a name, an access rule, and/or a redirect URL.
The access rule specifies the destinations to which hosts governed by the policy
have access. If a redirect URL is specified in the policy, the policy can point web
clients to sites that contain information on how to obtain the latest available virus
protection.
An example of a NAC policy entry is shown in the following table:
Name
NACLess
Access rules associated with NAC policies must be extended ACLs, and must be
named. An example of an access rule that might be used in a NAC policy is shown
in the following table:
Action
Source
permit
any
This rule permits any host governed by the policy to send IP traffic to the IP
address 172.30.2.10.
Click the Add button to create a new exception policy. Use the Edit button to
modify existing exception policies, and the Delete button to remove exception
policies. The Edit and Delete buttons are disabled when there are no exception
policies in the list.
Configure the timeout values the router is to use for
with network hosts. The default, minimum, and maximum values for all settings
are shown in the following table.
Cisco Router and Security Device Manager 2.5 User's Guide
Access Rule
nac-rule
Destination Service
172.30.2.10 ip
Edit NAC Tab
Redirect URL
http://172.30.10/update
Log
Attributes
EAPoUDP
communication
30-15
Advertisement
Table of Contents
Troubleshooting
