I am in the middle of the design of a NAC OOB Virtual Gateway.
I have the following doubts regarding the placement of the NAC Server in my existing network.
I have two core switches (redundancy - HSRP) running VTP and 25 edge switches (VTP clients).
According to Cisco, we can place the NAC Server only in the core or distribution switches, not on the edge switches, in an OOB Virtual Gateway deployment.
But currently my existing core switches do not have copper connectivity, and the customer doesn't want to invest in core switches.
So I have to forcefully move the NAC Server to one of the edge switches with both interfaces (trusted & untrusted) connected to the same edge switch, but Cisco does not recommend doing so in a NAC OOB VG deployment.
I need to know why we cannot place the NAC Server at one of the edge switches (NAC OOB VG deployment). What are the issues behind that?
One more thing: as my network is running VTP, what are the things to be considered during the design of the NAC OOB VG deployment?
I am attaching the network diagram. Please go through it.
Expecting your valuable suggestions.