CLEANACCESS Archives

September 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Edge switches disappear behind CleanAccess?
From:
ken whittaker <[log in to unmask]>
Reply To:
Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date:
Thu, 1 Sep 2005 09:09:03 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (74 lines) 
    We created a VLAN just for the switches .. It's not part of CCA so
    it does not take up any address space of the CCA vlan  ... Works well ..
    
Ken Whittaker
Network Manager
Information Technology Group

Keene State College
229 Main St
Keene NH, 03435

Voice:      603.358.2537
Fax:         603.358.2780

> From: Benjamin McDonald <[log in to unmask]>
> Reply-To: Perfigo SecureSmart and CleanMachines Discussion List
> <[log in to unmask]>
> Date: Thu, 1 Sep 2005 08:56:26 -0400
> To: <[log in to unmask]>
> Subject: Re: Edge switches disappear behind CleanAccess?
> 
> We've just been adding the switch's MAC address to the device filter.
> 
> Benjamin McDonald
> Information Systems Coordinator
> George Washington University
> W: 202.994.3934
> C: 202.207.4112
> 
> 
> 
> Kurt Huenemann wrote:
> 
>> Dear Perfigo/CCA users,
>> 
>> We've had a very successful rollout of CleanAccess 3.5.4 at Heidelberg
>> College this fall.  I hope one of you can help with an odd "side-effect"
>> that I hope to resolve....
>> 
>> We have Cisco 3550 switches in the Res Halls, and they each have an IP
>> address in the same VLAN as the student residents.  Once we turn over
>> control of that VLAN to the CleanAccess server, we can no longer
>> ping/telnet/browse to those edge switches from anywhere outside the
>> managed
>> VLAN.
>> 
>> Cisco TAC suggested that I add those switches' IP addresses to the CCA
>> Manager via CCA.Servers>>Filters>>Subnets with a /32 mask and "Allow"
>> which
>> I have done.  This sounds like it should work, but there is no change in
>> behavior.
>> 
>> How are you addressing your edge devices so they can still be
>> seen/managed
>> from the core or elsewhere on your network?
>> 
>> Thanks, in advance, for your suggestions.
>> 
>> Kurt
>> 
>> ____________________________________________________
>> Kurt E. Huenemann '83
>> Assoc. Director of Information Technology
>> Asst. Professor of Computer Science
>> Heidelberg College
>> 310 East Market Street
>> Tiffin, OH 44883
>> 
>> Internet: [log in to unmask]
>> Fax:      419-448-2176
>> Voice:    419-448-2351
>> ____________________________________________________
>>

ATOM RSS1 RSS2