How to set up Lab Machines for use with MetaAccess NAC?

When using MetaAccess NAC in a lab environment, an individual user’s identity can be easily captured. MetaAccess NAC is versatile enough to work in most every situation for both AD/LDAP users and guest users. When using MetaAccess NAC in a lab environment, the following best practices should be observed.

Step-by-step guide

Windows and Mac Domain Machines

A policy group that includes the Domain attribute should be created for these machines.
1. SafeConnect authentication should be set to every login.
2. The Policy Key must be pre-deployed to distinguish these machines from non-domain machines, -OR- the ADConnector must be installed on all domain controllers.
3. Users must log out of the desktop when they finish.
4. For guest users (optional), a local machine account should be created for guests to get to the desktop. Once logged in, the guest user will need to go through the self-registration process, log in to MetaAccess NAC using a sponsored guest account, or use the one-click anonymous access method to gain network access. A startup script can easily be added to the local machine account to open a web browser to the appropriate MetaAccess NAC page.

All other devices

If these devices are in a dedicated VLAN, the IP range for that VLAN should be configured as the qualifiers. If these devices are not in a dedicated VLAN, a policy group that includes MAC addresses for the lab machines should be created.
1. MetaAccess NAC authentication should be set to every login. * A link to the logout page (https://portal.myweblogon.com:8443/html/logout.htm) will need to be placed on the desktop/home screen.
2. Users will need to use the log out link to log out of SafeConnect when they are done.
3. Guest users (optional) will need to go through the self-registration process, log in to MetaAccess NAC using a sponsored guest account, or use the one-click anonymous access method to gain network access.

Last updated on

Was this page helpful?