Hi to All,
I would like to ask some help for my nac appliance. Currently im setting up the nac appliance. I just having trouble what ip address should I use for the managed subnet. I have setup trusted vlan as it is existing in our network but what about the untrusted vlan? Should i make new ip addresses for it and put it in the untrusted? I dont know if made it correct but I cannot get an ip address everytime i change the switchport to port profile I made. Please can you guys help me i just need to know it for my project. thanks.
For DHCP to work you need the managed subnets (which you have), VLAN mapping (which you have) and absolutely no L3 SVIs for your unauthenticated VLANs, so make sure that on all your L3 devices there are no VLAN interfaces for VLAN 100 or 200. Then make sure that the VLAN 100/200 are trunked to the untrusted interface, and VLAN 10/20 are trunked to the trusted interface of the CAS.
If you haven't rebooted your CAS after making these managed subnet and/or VLAN mapping changes, suggest you reboot it too, and then test.
This looks correct - assuming that 10.1.10 and 10.1.20 are the IP subnets associated with VLAN 10 and 20.
Do you have VLANs 100 and 200 trunked to your untrusted interface of your CAS?