On Thu, May 7, 2009 at 10:39 AM, Diego Cossetta <[email protected]>wrote:
> Hi guys! Hi Diego > After reading the docs you suggested (thx a lot for the advices), we > almost implemented 90% of the new wireless IB-VG NAC infrastructure. > > And now the questions/doubts: > > - the Aironet 1232 access point is connected to Cisco 2960 switch by a > trunked link (required to pass all VLANs managed by AP): how have we to > configure the Cisco 2960 port under NAC? Has it to be an uncontrolled or > a controlled/profiled port? This last option seems to be problematic, > considering that NAC/CAS require a VLAN associated to the controlled > port, and if the port in trunk we'd got a trunked port associated to a > specific native VLAN > This sounds like you are mixing implementation types. You do NOT specify ports in IN-VG mode. You only do this in OOB mode. In-Band mode works by having the routing interface (the default gateway) be the CAS server. There is no VLAN switching on the port itself. > > - we need to managed different NAC controlled networks/VLAN: have we to > add all of them to CAS configuration (as managed networks/VLAN mapping) > as we've already done, That is correct. INBAND does not do any VLAN switching. Mike
