I got 14 Secondary switches C2960 configured with a dot1x and aaa Radius, all authentication happend trought the radius.
My core switch C3750G is connected to all C2960 switches, to the Router and to My ISA/Proxy server.
I have a Guest_VLAN on all Secondary Switches C2960 . i want my Guest to be able only to internet.
I have only one subnet LAN 192.168.210/24.
My idee to create a new subnet 192.168.220/24 (only for routing purpose) with as gateway the isa server ip address.
Do i have to routing the new subnet to the isa server on the layer 3 switch?
Do i have to create alle guest vlan on all switches with the new subnet + gateway?
I want the authentication to radius with Domain computers since the user account reside on another domain.
What are the vendor attribute on the radius?