Subject: | |
From: | |
Reply To: | |
Date: | Thu, 12 Jul 2007 16:20:23 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Jul 12, 2007, at 4:13 PM, Mike Diggins wrote:
> I'm just about to change my Inband VG Clean Access (4.0.4) setup to
> use the VLAN mapping feature. In the new setup, I will need to pass
> traffic from both CAS network interfaces, through the same switch
> which necessitates the need to map the untrusted VLAN to a new
> trusted VLAN.
>
> Couple questions. On the MANAGED SUBNET tab there is a checkbox to
> "Enable subnet-based VLAN retag" which at first I thought was
> needed. Based on the documentation, this appears to serve a
> different purpose. Correct?
Correct. You need the managed subnets there for each VLAN, but you
do not need to enable the subnet based retagging.
>
> Are the only changes required on the CCA itself contained in the
> VLAN MAPPING tab (i.e. specify an untrusted and trusted VLAN tag),
> and check the 'Enable VLAN Mapping' box? Is there anything else
> required aside from a correct switch configuration?
Yes. I'm assuming that you already set up the user pages too?
>
> -Mike
Michael Grinnell
Network Security Administrator
The American University
|
|
|