Reset Search
 

 

Article

Do Route-Maps Need to be Configured on All Routers in the Datapath to Redirect Traffic to a Content Filter or the Default Portal in NAC

« Go Back

Information

 
TitleDo Route-Maps Need to be Configured on All Routers in the Datapath to Redirect Traffic to a Content Filter or the Default Portal in NAC
Question
Does PBR need to be configured on all routers in a NAC network design?

 
Environment
  • NAC 
  • ExtremeControl
  • Content Filter
  • PBR
  • Layer three redirect
  • WebSense (Network Filter Server)

 
Answer
  • All routers handling traffic from clients needing to be registered before accessing network resources - (client internet access for example) will need to be configured with PBR.   
  • PBR configuration changes the router's logic used in the choice of a next-hop, not the IP address in the packet.  PBR operation for NAC redirect is normally limited to preempting a routing table based ('normal') next hop decision.
  • Specifically:  To which next hop mac address should this router forward client traffic as it forwards toward the registration portal or content filter.
  • The next hop router will need to make the same evaluation upon receipt of the client traffic to forward  the packet another hop closer toward the portal or content filter.
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255