16.07.2013 04:21, Dale Shaw wrote:
The desktop/end-user folks are looking at using Microsoft's MED-V
platform to support legacy apps on a new Windows 7-based SOE. From
what I can tell, MED-V is basically an instance of Windows XP running
in Virtual PC.
The desktop guys are telling me that dot1q-tagging the traffic from
the VM isn't supported, nor can they cope operationally with NAT
between the guest and host, so I'm looking at other options for
separating this traffic, if for no other reason than to avoid the need
to re-design the IP addressing plan to support larger subnets.
Looks like you rather need MAC-based VLAN, not filter-based.
http://www.juniper.net/techpubs/en_US/junos12.2/topics/task/configuration/authentication-static-mac-bypass-ex-series-cli.html
(Despite the config stanza, it has virtually nothing to do with the 802.1X.)
Note, you can set a mask length for MACs, that will match all VMs with a
single config line. Or you can make EX to ask RADIUS for a VLAN-ID of a
given MAC.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
