You know, they say that you can't mix them, but at least in my case I  
was able to (by accident).  3.5.4, relatively new install, Perfigo  
style key + 1 FlexLM key.  I wouldn't recommend trying it though.   
Your experiences may vary.

On the subject of the original topic, we had some problems like you  
described with some users not getting the login page when they  
should, while other, logged in users, were blocked (page cannot be  
found) for no apparent reason.  Rebooting seemed to help for a  
while.  After a week or two of that, for some reason they seem to  
have "fixed" themselves.   This was a 3.4.3 install, immediately  
upgraded to 3.5.2, and then to 3.5.4

Michael Grinnell
Network Security Administrator
The American University
e-mail: [log in to unmask]

On Sep 7, 2005, at 5:04 PM, Ryan Dorman wrote:

> Yes, when we originally moved from Perfigo to Cisco releases we had  
> all sorts of issues.  Try backing up your database and reinstalling  
> from ISO's that's what i eventually did.  Bear in mind if you have  
> more then one CAS you cant' mix Perfigo-style license keys and  
> FlexLM keys, you will have to open a TAC case to get a new Perfigo  
> style key allowing more then one server.
>
> Ryan Dorman, CCNP
> Network Communications Specialist
> Millersville University
> 717.871.5883
> [log in to unmask]
>
>
> On Sep 7, 2005, at 4:40 PM, Lanstein, Alex C wrote:
>
>
>> Has anyone out there upgraded to CCA 3.5.4 that ORIGINALLY started  
>> with the first product from Perfigo? (back when the client was  
>> called 'cleanmachines', and not 'smartenforcer')  We upgraded to  
>> 3.5.4 and since then it's been very flaky.  Filters dont work,  
>> either by mac or subnet, and about 10% (and growing) of the  
>> computer are not redirected to the login page.  They can go to the  
>> site manually, but nothing else.  If they have the client manually  
>> installed they can login fine and be scanned, but they still wont  
>> be able to get to any site.  We're running it in virtual-ip mode.
>>
>> Anyone else seeing a similar issue?
>>
>> -----Original Message-----
>> From: Perfigo SecureSmart and CleanMachines Discussion List on  
>> behalf of Simon Bell
>> Sent: Wed 9/7/2005 4:38 PM
>> To: [log in to unmask]
>> Subject: Re: Multiple gateways?
>>
>> If you're running just one CAS I don't know a way, however if you  
>> have more than one CAS I'd do it like this:
>>
>> Group the VLANs based on desired gateway on each CAS. Place the  
>> trusted interface for each CAS in a VLAN built with the desired  
>> gateway. But it sounds like you want to route the VLANs on the  
>> actual CAS. I wonder if you set "pass through VLAN ID to managed  
>> network" if you could then route the data based on the VLAN tagging.
>>
>> Simon
>>
>>
>>>>> [log in to unmask] 9/7/2005 4:11:26 PM >>>
>>>>>
>>>>>
>> How about Option C?
>>
>> VLAN 1,3, and 5 goto router 192.1.1.1 routes out over one ISP
>> VLAN 2,4, and 6 goto router 192.2.2.2  (example IP's) routes out over
>> another ISP
>>
>>
>>
>>> -----Original Message-----
>>> From: Perfigo SecureSmart and CleanMachines Discussion List
>>> [mailto:[log in to unmask]] On Behalf Of Simon Bell
>>> Sent: Wednesday, September 07, 2005 4:07 PM
>>> To: [log in to unmask]
>>> Subject: Re: Mulitple gateways?
>>>
>>> Just to clarify:
>>>
>>> Do you want to add another Managed Subnet? Or do are you
>>> looking to have VLAN 1 2 and 3 go to port FA0/1 and VLAN 3 4
>>> and 5 goto FA0/2?
>>>
>>> simon
>>>
>>>
>>>
>>>>>> [log in to unmask] 9/7/2005 2:28:01 PM >>>
>>>>>>
>>>>>>
>>> We're running our CAS in Real-IP Gateway.
>>>
>>> We have a few VLAN's terminating on the CAS. Currently, they
>>> all goto one default gateway.
>>>
>>> Is it possible to have a single VLAN (or two or three) go to
>>> a different gateway?  We need to alternate route "Some" but
>>> not ALL of the traffic over a different link.
>>>
>>>
>>
>