CLEANACCESS Archives

August 2006

CLEANACCESS@LISTSERV.MIAMIOH.EDU

Subject:
From:
"Nagle, Benjamin D" <[log in to unmask]>
Reply To:
Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date:
Wed, 16 Aug 2006 09:29:27 -0400
I'm trying to get an OOB VG CAS working properly.  It works sometimes
and then others it appears to not want to pass ANY traffic.  Even if I
give myself a static IP I can't get anywhere and all I get is "Page
Cannot Be Displayed" (no redirect to the CAM).  I can telnet to the CAS
and I can still manage it from the CAM, but it isn't passing traffic
from the clients (not even DHCP passthrough).  I've set the appliance's
NIC to "Side-Band NIC" (CSCse95221) and that solved the problem I was
having with losing my connection to the CAS completely, but it still
doesn't want to pass traffic from the dirty to clean side.  My
configuration is as follows:
------------------
CAM:
206.180.208.86 (VLAN 32)

CAS: 172.16.246.127 (VLAN 246)
NETWORK TAB:
Out of Band Virtual Gateway
Trusted:
IP:  172.16.246.127
Sub: 255.255.254.0
Gate: 172.16.246.1
Set Management VLAN ID = 246
 
Untrusted:
ip: 172.16.246.127
Sub: 255.255.254.0
Gate: 172.16.246.1
 
DHCP Passthrough
 
ADVANCED TAB:
MANAGED SUBNETS:
172.16.246.127/255.255.254.0 - Main Subnet (-1)
10.1.8.10/255.255.255.0 TEST 1 (Vlan 71)
10.1.10.10/255.255.255.0 TEST 2 (VLAN 83)
 
VLAN MAPPING:
171/71
183/83
 
6509 CONFIG:
CLEAN INTERFACE:
 description CCA-CAS-OoB-CLEAN
 switchport
 switchport trunk native vlan 998
 switchport trunk allowed vlan 71,83,246
 switchport mode trunk
 no ip address
 
DIRTY INTERFACE:
 description CCA-CAS-OoB-DIRTY
 switchport
 switchport trunk native vlan 999
 switchport trunk allowed vlan 171,183
 switchport mode trunk
 no ip address

The only place the DIRTY vlans show up is on the switch, CAS, and in the
VLAN list on the 6509:
171  VLAN0171                         active
183  VLAN0183                         active  
----------------------
Sorry if this doesn't make sense; I'm at my wits' end with this thing and
my 11lb sledge keeps calling my name.  I'd really appreciate it if
anybody has any suggestions.
 
Ben
 
___________________________________________________________
Benjamin Nagle, Network Administrator 
Gannon University, Erie, PA 16541 http://www.gannon.edu/its
EMAIL: [log in to unmask], PHONE: 814-871-7440, FAX: 814-871-5560