here is the scenario for cisco NAC if anyone have good solution please let me know.
we have plan to implement NAC in L2 in-band virtual gateway (for wireless) and L2 Out-of-band virtual gateway (for wired). for in-band there are 4 different different vlans for untrusted and trusted vlan, and for OOB one untrusted vlan and 4 trusted vlan. since this design is virtual gateway mode, both trusted and untrusted interface has same ip address. So in which vlan should we put the CAS?
CAS management VLAN should be separate from any of the user VLANs that you're mapping through it, so if you don't have one created for the management of the CAS, create one, and use that.