Yup it's the VLAN Change Detection kicking in. You can stop that by
adding "VlanDetectInterval value 0" to the settings.plist file and
restarting the agent, but disabling that feature may have an impact
with on-campus stuff depending on your setup.

For the OP, check out caveat CSCsl75403 under the 4.7.2 release notes
(http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/47/47rn.html)
, might be what you are running into.

--Jeremy

On Fri, Mar 12, 2010 at 22:26, Helvetiella Longoria <[log in to unmask]> wrote:
> We ran into a similar problem with the MAC clean access agent when
> connecting to the VPN.  We called  TAC and it was bug on the MAC Clean
> Access agent which has not been fixed.  It appears that the VLAN detection
> module on the MAC Clean Access Agent clears the ARP table which was causing
> the VPN client to disconnect and reconnect.
> On Mar 12, 2010, at 9:59 PM, Don Click wrote:
>
> we dont see that, but something related - after our mac users login, NAC
> launched, logged them in, then "cycled" - keeps disconnecting and
> reconnecting them to the vlan.. very strange.
>
>
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Lane Clark
> Sent: Friday, March 12, 2010 2:39 PM
> To: [log in to unmask]
> Subject: Cellular Wireless Cards
>
> Hello All,
>
> We have come across a problem with cellular cards and NAC.  Cards from AT&T
> and T-Mobile running especially on MAC OS 10.6 do not work.  The MAC is able
> to login into the VPN fine but then the NAC agent does not launch and run
> the posture assessment.  Have any of you had any experience with this?  We
> have opened a case with Cisco but the tech seems stumped.
>
> Thanks.
>
> Lane
>
> Helvetiella Longoria
> Lead Network Security & Systems Engineer
> Division of Information Technology
> Network Engineering & Telecommunications PC530
> Florida International University
> Miami, FL 33199
> Tel. 305-348-3591 Fax. 305-348-4057
>
>
>