Chapter30 Network Admission Con trol
Create NAC Tab
30-10
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Agentless Host Policy
If a policy for agentless hosts exists on the Cisco Secure ACS server, the router
can use that policy to handle hosts without installed posture agents. This met hod
of handling agentless hosts can be used as an alternative or as a complement to a
NAC exception list. If you are using the NAC wizard and you do not need to
configure an agentless host policy, you can click Next without entering
information in this window.

Authenticate Agentless Hosts Check Box

Check this box to indicate that you want to use the agentless h osts policy on the
Cisco Secure ACS server.

Username and Password Fields

Some Cisco IOS software images require that a username and password be
supplied along with the request to the Cisco Secure ACS server. If this is required,
enter the username and password configured on the Cisco Secure ACS server for
this purpose. If the Cisco IOS software image does not require this information,
these fields do not appear.
Configuring NAC for Remote Access
Configuring NAC for remote access allows you to modify the ACLs that NAC
configuration creates so that they will permit Cisco SDM traffic. Specify the hosts
that must be able to use Cisco SDM to access the router.

Enable Cisco SDM Remote Management

Check this box to enable Cisco SDM remote management on the named interface.

Host/Network Address Fields

If you want Cisco SDM to modify the ACL to allow Cisco SDM traffic from a
single host, choose Host Address and enter the IP address of a host. Choose
Network Address and enter the address of a network and a subnet mask to allow