I am planning OOB L3 real IP deployment and have few questions:
1. After CAM decides to which vlan user will be redirected what protocol does it use to tell switch to set this vlan ? For this deployment i found only: http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/413/cas/s_L3oob.html but it's incomplete. There is not detailed explenation how it works. Could you suggest any other link ?
2. What types of rules are available for setting destination vlan ? I want to have many untrusted vlans and each of them should be mapped to specified trusted vlan (if user authenticates and validates)