Alex,

It sounds like the client (agent or otherwise) is not able to do https
to the CAS.  Can you check the CAS cert?  Also, make sure that the
client can reach the CAS (i.e. IP connectivity - can it ping? ARP? Etc.)

-Rajesh. 

-----Original Message-----
From: Perfigo SecureSmart and CleanMachines Discussion List
[mailto:[log in to unmask]] On Behalf Of Lanstein, Alex C
Sent: Thursday, August 24, 2006 8:43 AM
To: [log in to unmask]
Subject: client/server communication

Yup, "that guy" again.

OK, in the course of the last few hours we've got it so that a computer
get an IP when the port is on the auth vlan (OOB setup) and that the
agent will pop up automagically.  When we try to login we get the "timed
out" message 12002.  If I connect with an old client, it tells me that
the client is out of date and that I should update to the new version.
When I try to do that i get that same "timed out" issue.  I'd assume its
related to incorrect routes.

My question is this:

What, via a layer 3 connection, do the clients need to be able to
connect to?  Should I be able to ssh to the cas (ignoring firewall
rules) on the trusted, untrusted, or both interfaces?  I am under the
understanding that never in any way shape or form do the clients need to
be able to talk to the cam.

While we're on the topic, the cas should be able to, through the default
route, ssh/ping to a client?  It should also be able to telnet to any of
the switches?

Just trying to get the communication credentials/routes right so that we
know its a configuration issue.

Alex