Hello there! I'm stuck and need your help please.

I have installed NAC Server (ver 4.5(1). I'm deploying OOB VG. I've connected both CAS and CAM on a 6506 Cisco switch. My problem is that i can reach the CAM but cant reach the CAS.

Below are some configs:

CAS ETH0 IP:10.1.1.250/29

CAS ETH1 IP:10.1.1.251/29

Gateway :10.1.1.249/29

ON CAS:

[root@XX-CAS01 ~]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:1C:C4:10:E8:06

inet addr:10.1.1.250 Bcast:10.1.1.255 Mask:255.255.255.248

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:3064 errors:0 dropped:0 overruns:0 frame:0

TX packets:1459 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:326115 (318.4 KiB) TX bytes:93376 (91.1 KiB)

Interrupt:11

[root@xx-CAS01 ~]# netstat -rn

Kernel IP routing table

Destination Gateway Genmask Flags MSS Window irtt Iface

10.1.1.248 0.0.0.0 255.255.255.248 U 0 0 0 fake0

10.1.1.248 0.0.0.0 255.255.255.248 U 0 0 0 fake1

0.0.0.0 10.1.1.249 0.0.0.0 UG 0 0 0 fake0

[root@xx-CAS01 ~]# ping 10.1.1.250

PING 10.1.1.250 (10.1.1.250) 56(84) bytes of data.

64 bytes from 10.1.1.250: icmp_seq=1 ttl=64 time=0.011 ms

64 bytes from 10.1.1.250: icmp_seq=2 ttl=64 time=0.010 ms

64 bytes from 10.1.1.250: icmp_seq=3 ttl=64 time=0.012 ms

But cant ping 10.1.1.249

[root@xx-CAS01 ~]# tracepath 10.1.1.249

1: xx-CAS01 (10.1.1.250) 0.089ms pmtu 1500

1: no reply

2: no reply

ON the Cisco switch

interface GigabitEthernet1/42

description NAC Server Eth0 - Trusted Interface

switchport

switchport trunk encapsulation dot1q

switchport trunk native vlan 998

switchport trunk allowed vlan 100,101

switchport mode trunk

GigabitEthernet1/42 is up, line protocol is up (connected)

Hardware is C6k 1000Mb 802.3, address is 0023.334e.c169 (bia 0023.334e.c169)

Description: NAC Server Eth0 - Trusted Interface

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Full-duplex, 1000Mb/s, media type is 10/100/1000BaseT

input flow-control is off, output flow-control is off

Clock mode is auto

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output 00:00:50, output hang never

Last clearing of "show interface" counters never

Input queue: 0/2000/44/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 1000 bits/sec, 3 packets/sec

5 minute output rate 13000 bits/sec, 20 packets/sec

720426 packets input, 46358725 bytes, 0 no buffer

Received 716545 broadcasts (0 multicasts)

0 runts, 0 giants, 0 throttles

4 input errors, 0 CRC, 0 frame, 40 overrun, 0 ignored

0 watchdog, 0 multicast, 0 pause input

0 input packets with dribble condition detected

5564875 packets output, 462967399 bytes, 0 underruns

0 output errors, 0 collisions, 3 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier, 0 PAUSE output

0 output buffer failures, 0 output buffers swapped out

6506-02#ping 10.1.1.249

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.249, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

6506-02#ping 10.1.1.250

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.250, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

interface Vlan101

description NAC SERVER

ip address 10.1.1.249 255.255.255.248

interface Vlan100

description NAC-MANAGER

ip address 10.1.1.241 255.255.255.248

Please assist.

regards,

Stanslaus.