I should deploy a NAC solution consisting in a CAS, a CAM and a Guest Mgr to provide wi-fi guest access to an organization. Every server is a NAC3310 appliance.
All components of the solution are going to be deployed entirely in an extranet area, isolated from the corporate intranet. The network administrator, located in the intranet, should access the CAM console for management purposes. Therefore, one possibility could be to deploy a firewall between the intranet and the extranet trusted side where the CAM and CAS are located to allow him to access the web consoles.
According with the documentation, the eth0 interface for both the CAS and the CAM should be wired to the trusted network.
My question is: Provided that the NAC appliance 3310 is equipped with four RJ-45 eth interfaces, can I take advantage of another currently unused CAM or CAS appliance eth interface for management purposes only?
Therefore, by using an additional eth interface of the CAS and CAM directly connected in the intranet side would be the easier way to gain access to them from the intranet side for management purposes.