CAS Network Setup

Unanswered Question
Dec 7th, 2007

Hi,

I am trying to setup a test network for 2 cas's, 1 failover bundle and 1 cam. In Band - VG I have a 3550 and 2960. Right now I have 3550 L3 trunked through fiber to the 2960. I have all the cas's, cam and dns server on the 2960. I have client on 3550. I can get dhcp on the 3550 and the http traffic is intercepted by the cas and I am made to login. I can not get any dns to work. I have the dns on vlan2. I have an untrussted vlan 22. I have trusted vlan 122. Plugging directly to vlan 122 I can route to vlan 2. But once cas takes over as managed, routing no longer works. I have added full access to the dns server in the un auth policy. Still nada. No access lists. I have setup span to try to debug but thought there might be a quick no way you can't do that. I have a feeling this is being caught up by some caveat. Maybe these

http://www.cisco.com/en/US/docs/security/nac/appliance/support_guide/switch_spt.html#wp40555

http://www.cisco.com/en/US/docs/security/nac/appliance/support_guide/switch_spt.html#wp40432

I was under the impression I could not connect the cas to the 3550 but is that truly the case? If I can then sounds like problem solved maybe. The production setup will have cas's and cam on core 4500.

Thanks

Ben

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion