We have been using Cisco NAC since 2009 in conjunction with our Cisco Wireless LAN Controllers for Wi-Fi access. Our NAC is running in the in-band Layer 3 virtual gateway mode.
We also have been experiencing the NAC Agent pop-up issue starting this month--which was right after we upgraded from NAC 4.8 to NAC 4.9; during my tests, some of my laptops will have the NAC Agent pop-up but most of the time it doesn't. I opened a Cisco TAC case three days ago and he had me run Wireshark on my test laptops to see if the NAC Agent was sending UDP and TCP packets to my Clean Access Manager (CAS)--the laptops are sending the packets. After hours of troubleshooting, I have found out a way to always make the NAC Agent login pop up--by opening a command prompt and then entering ipconfig/release and then ipconfig/renew; this was actually a procedure suggested by my TAC support engineer. This workaround always works, but it is a hassle to have to announce and teach our students to do that procedure as a workaround. My TAC support engineer wants us to do some packet captures from our CAS and Wirless LAN Controller to find out the root cause of the problem, but we are hesitant to do this. We are thinking this problem might be a software bug in NAC 4.9 because it started happening after we upgraded to 4.9. Has anyone had this problem with NAC version 4.8 or lower? Or are the only sites having the NAC Agent pop up problem running 4.9? Wayne Lai Network Engineer University of La Verne [email protected]
