We're currently testing the use of CCA over VPN. One of the things we rely on in our normal non-VPN CCA deployment is the ability to create device filters by MAC address. However, when I set up a filter to allow one of my VPN test machines to bypass CCA the filter has no effect.
I create a filter to ALLOW my test machine's MAC, but that machine is still forced to use the agent when I connect to the VPN. (I've tried both the physical NIC's MAC and the MAC of the virtual NIC created by Cisco's VPN client.) Interestingly, when I set the filter to DENY it seems to work. All traffic times out on my test machine until I remove the filter. Does anyone have any insight into this problem? Or are MAC filters simply not supported with VPN SSO? Thanks, -Ryan Ryan Richter ResNet and Lab Services Student Computing California State University, Chico
