sachinraja Wed, 01/07/2009 - 11:40
User Badges:
  • Red, 2250 points or more

Hello pritam

Depending on where the CAS is going to be used, you can configure it as IB or OOB ! There are no specific rules for configuring these, but in some situations, one of these setups would work well.. some kinda best practices types.. So, if you see the placement of CAS in a network, they are as given below:

1) LAN CAS - Good to configure this Out of Band, with dummy vlan concept and VLAN mapping done. after authentication, the client bypasses the CAS. Can be used in situations where there are many L2 VLANs aggregating on the core switch

2) VPN CAS - normally be configured as IB, but depending on the VPN device and how it is positioned, this can vary.. Since it is on Layer 3, you might need to enable L3 forwarding in such CAS boxes.. normally use real ip gateways..

3) WAN CAS - CAS connecting to say external MPLS network.. This is similar to VPN CAS.. can be IB or OOB, but most of them do IB.. real ip gateways..

4) Wirelss CAS - normally exists on the way between the WLC and the switch.. Can be Layer 2/3 OOB, like the LAN CAS. There are documents in CCO, which can explain this..

CAM is a dedicated hardware which is normally placed in the management VLAN.. this should just have IP reachability to the CAS E0 interface, where IP addresses are defined.. Once IP is reachable, the CAS is shown as "connected" on the CAM.. In the CAM, you define the CAS, as IB, real ip/VIP gateway, etc..

Hope this helps.. all the best..



This Discussion