1. Enable the End-System Distributed Cache on both NetSight server and NAC
1. Click Tools> Options> NAC Manager>
2. Click Advanced Setting
3. Check “Enable distributed end-system cache”.
4. Restart the server.
1. Click NAC appliance on the tree
2. Click view
in NAC Manager
3. Click the Configuration tab in the right pane .
4. Click on Advanced Configuration
5. Check “Enable distributed end-system cache”.
6. Enforce the NAC appliance
II. Configure the DHCP server to return 2 DNS server IP’s to clients
Primary DNS=real DNS Server IP address,
secondary DNS=NAC Gateway’s IP address.
III. enable DNS Proxy on appliance by editing the “/opt/nac/server/config/config.properties” file and un-commenting the “DNS_PROXY_ENABLE=true” line.
4. Restart dnsProxy process on NAC appliance (
5. Configure the unregistered policy or ACL to “deny” DNS access to the Primary (real) DNS
server. This is so the client will try the Secondary IP, which is the NAC gateway.