Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
304
Views
0
Helpful
2
Replies

NAC In-Band Configuration

refram
Level 3
Level 3

‎11-19-2006 12:59 PM

Now, I have one other issue. I can get an Out-Of-Band configuration working, but I can't get an In-Band configuration working.

My current setup is with a workstation connecting to a switch. The workstation is in vlan 3. The switch also connects to the public interface of the NAS which is also in vlan 3. The private interface of the NAS is using the same IP as the public interface. The private interface is in vlan 2. I have mapped vlan 3 to vlan 2 in the administration console. The NAM is in a different subnet from the NAS. There is a multilayer switch connecting the vlan with the NAS and the vlan with the NAM to a vlan with a firewall out of our building. I have configured the NAS as a virtual gateway. I have made sure that the role that I'm using allows me to pass any type of traffic.

If I am at the workstation pinging the NAS, my NAA window pops up and I have to log in. I can ping the NAS successfully. When I look at the administration console, I see that my user has authenticated. From the NAS I can ping the multilayer switch and my outside workstation. However, when I'm at the outside station, I can't get past the NAS into the private part of the network.

Like I say, it's working with Out-of-Band, it's just not working with In-Band, and I want to use In-Band, darnit! What the heck could I be missing?

Labels:
0 Helpful
2 Replies 2

refram
Level 3
Level 3

‎11-19-2006 02:30 PM

OK, I just tried making the NAS a Real-IP Gateway. I gave it two different IPs. I enabled L3 Support. I logged in from my outside workstation. From that workstation, I can ping the public interface of the NAS and the private interface of the NAS, but I can't ping the interface on the multilayer switch connected to the private interface of the NAS. I can ping the interface of the switch from the NAS itself. I can ping my outside workstation from the NAS itself. If I go to the multilayer switch I can ping the private interface of the NAS, but not the public one. I checked on the administrator console, and I really am logged in. Does this cause any bells to go off in anyone's head?

0 Helpful

benneeb0y
Level 1
Level 1
In response to refram

‎12-04-2007 06:27 PM

I know this is an old post but I have a 4.1 install with the same problem. Does any one have a solution?

Thanks

0 Helpful
Customers Also Viewed These Support Documents