Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLAN for CAS

Hi all

here is the scenario for cisco NAC if anyone have good solution please let me know.

we have plan to implement NAC in L2 in-band virtual gateway (for wireless) and L2 Out-of-band virtual gateway (for wired). for in-band there are 4 different different vlans for untrusted and trusted vlan, and for OOB one untrusted vlan and 4 trusted vlan. since this design is virtual gateway mode, both trusted and untrusted interface has same ip address. So in which vlan should we put the CAS?

Thank you

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VLAN for CAS

Hi,

CAS management VLAN should be separate from any of the user VLANs that you're mapping through it, so if you don't have one created for the management of the CAS, create one, and use that.

HTH,

Faisal

4 REPLIES

Re: VLAN for CAS

Hi,

Your question doesn't signify whether you have one or two CASs. If one, then you can't do IB and OOB on the same CAS. If two, then you would put the CAS's trusted interface on the trusted VLAN, and the untrusted interface as a trunk to which you will allow all the untrusted VLANs. This is valid for both the IB and OOB CASs.

HTH,

Faisal

New Member

Re: VLAN for CAS

Hi Faisal,

Thank you very much for response.

yes we have 2 CAS one for in-band mode and another is for oob mode. As you told me that we have to put trusted port (etho) into trusted vlan but we have 4 vlans, so among them which vlan will me appropriate for cas trusted port ?

thank you

Re: VLAN for CAS

Hi,

CAS management VLAN should be separate from any of the user VLANs that you're mapping through it, so if you don't have one created for the management of the CAS, create one, and use that.

HTH,

Faisal

New Member

Re: VLAN for CAS

hi Faisal,

Thank you for your answer.

305
Views
0
Helpful
4
Replies
CreatePlease login to create content