On Thu, 12 Jul 2007, Michael Grinnell wrote:

> On Jul 12, 2007, at 4:13 PM, Mike Diggins wrote:
>
>> I'm just about to change my Inband VG Clean Access (4.0.4) setup to use the 
>> VLAN mapping feature. In the new setup, I will need to pass traffic from 
>> both CAS network interfaces, through the same switch which necessitates the 
>> need to map the untrusted VLAN to a new trusted VLAN.
>> 
>> Couple questions. On the MANAGED SUBNET tab there is a checkbox to "Enable 
>> subnet-based VLAN retag" which at first I thought was needed. Based on the 
>> documentation, this appears to serve a different purpose. Correct?
>
> Correct.  You need the managed subnets there for each VLAN, but you do not 
> need to enable the subnet based retagging.
>
>> 
>> Are the only changes required on the CCA itself contained in the VLAN 
>> MAPPING tab (i.e. specify an untrusted and trusted VLAN tag), and check the 
>> 'Enable VLAN Mapping' box? Is there anything else required aside from a 
>> correct switch configuration?
>
> Yes.  I'm assuming that you already set up the user pages too?

Thanks for the reply. I have just a single Login page defined for all 
VLAN's, so the vlan and subnet are just a wildcard (*) match.


-Mike