70-7
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter70 Configuring Network Admission Control
Adding, Accessing, or Removing a NAC Policy
Refer to the following sections to create a NAC policy or modify one that is already present.
Adding, Accessing, or Removing a NAC Policy
Enter the following command to add or modify a NAC policy:
Step3 show nac-policy
Example:
asa2(config)# show nac-policy
nac-policy framework1 nac-framework
applied session count = 0
applied group-policy count = 2
group-policy list: GroupPolicy2 GroupPolicy1
nac-policy framework2 nac-framework is not in use.
asa2(config)#
Displays the assignment of NAC policies to group
policies.
Shows which NAC policies are unassigned and the
usage count for each NAC policy.
Step4 applied session count—Cumulative number of VPN
sessions to which this ASA applied the NAC policy.
applied group-policy count—Cumulative number of
group polices to which this ASA applied the NAC policy.
group-policy list—List of group policies to which this
NAC policy is assigned. In this case, the usage of a group
policy does not determine whether it appears in this list;
if the NAC policy is assigned to a group policy in the
running configuration, then the group policy appears in
this list.
Explains the fields in the show nac-policy command.
Note When a policy is not assigned to any group
policies, “is not in use” displays next to the
policy type.
Command Purpose