Network Access Control

Greetings. My question is a part of a Proof-of-Concept. Is it possible for a single test lab that a LAN Enforcer and a Gateway Enforcer be connected to a single SEPM? My idea is this: 5 PCs are connected to a network (with 802.1x enabled on the test switch). 1 of them has no agent. So by policy of SEPM-SNAC (in transparent mode), it will be redirected to a Quarantine VLAN (thru LAN Enforcer) Being in the Quarantine VLAN, if the user will open a browser, it must be redirected to the ODC page instead of the intended home page (or any other web request) so that ODC client will be used on that PC and further remediation will be done. (thru Gateway Enforcer) After being remediated, it will go back to the Protected Network / VLAN and perform normal network access. (thru LAN / Gateway Enforcer). Is the above set of statements possible? If it does, what should I do to perform it? Thanks for any suggestions / procedures.

Hello,

This one is a standart customer request before they purchasing NAC.

Sure you can connect both LAN and Gateway enforcer on a Single SEP Manager.

When client fails his VLAN changed to quarantine vlan. On quarantine vlan user just access to Gateway enforcer appliance to get remediate or get on demand agent if he hasn't nac agent,when it remediates it self lan enforcer get him back to other VLAN.

 

Regards,

Oykun