Cisco NAC Agent, a component of Cisco NAC, is a piece of software that is run on your computer and checks whether or not your computer meets all the criteria set by administrators for network access. If your computer passes assessment, the NAC agent will refresh your IP address and thereby granting you network access. Keep in mind, there is A LOT more going on behind the scenes. Without going into extreme detail, I wanted to share an interesting experience I had while working with this technology lately.

So, here was the situation. I had some laptops connecting to docking stations (port replicators) running the NAC agent. The weird thing was that every time a laptop would dock and then power up, it would retain the IP address it had while docked the last time. This was problematic because the NAC agent wasn’t communicating with the Clean Access Server (L3 OOB mode). After some thinking, I ended up concluding that hardware profiles had something to do with it. To make a long story short, modifying the hardware profiles didn’t fix the problem. I had finally reached the bottom of the idea barrel when I thought the DHCP lease might be the answer. So I lessened the lease time for DHCP clients and the laptops got the appropriate DHCP addresses at start up. Although, I still think that docking station had something to do with it…

-Tim