 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Wed, 15 Nov 2006 06:56:54 -0700 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
We could not get it to hand out DHCP addresses with the iphelpers
without a managed subnet.
And we have checked and unchecked the active control but don't see any
difference in the login page to logging and no error
L3 is checked in the CAS
Dave P
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Rajesh Nair
(rajnair)
Sent: Tuesday, November 14, 2006 7:09 PM
To: [log in to unmask]
Subject: Re: MultiHop L3 CCA Deployments
Dave,
- For L3, you should only have static routes (managed subnets are only
for L2 deployments).
- What happens when you enable the ActiveX/Applet on the login page?
Does the user see an error?
-Rajesh.
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Dave Packham
Sent: Tuesday, November 14, 2006 1:21 PM
To: [log in to unmask]
Subject: Re: MultiHop L3 CCA Deployments
we are doing the L3 jig here at Utah and there are some gotchas.
This might all be different when using the heavy client which we don't
use...
For Example
No mac address in the logs or web UI about the user from when he
authenticated (at least that we can find) I wish cisco could lookup that
mac info from the DHCP lease file they just gave that user/ip
You have to add the managed subnets and the static routes in a certain
order and cannot modify them without removing them in the proper reverse
order.
You can use the CAS as a DHCP server with iphelper config on the client
side switches.
MPLS is a headache getting vlans/VRF's to the CAS trust side for egress
vlan retagging.
I can't seem to get the active/java sctipt mac address code to work with
the auth page.
Call me sometime and we can talk if you want to
801-587-0907
Dave Packham
U of Utah
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Sidney Eaton
Sent: Tuesday, November 14, 2006 1:33 PM
To: [log in to unmask]
Subject: MultiHop L3 CCA Deployments
Is anyone doing multihop L3 deployments and would be willing to share
their experiences in implementing. Also want to know if anyone is only
redirecting student outbound traffic through CCA and inbound (return
traffic) doesn't go through CCA. Oh and this is and inline
implementation. Also for those that don't do you guys run a seperate
line out to the edge for clean access in a mixed clean access/non clean
access enviroment. Drawings are greatly appreciated.
Sincerely,
Sidney Eaton
Network Technician/Programmer
Ferris State University
205 West Building
Big Rapids, Mi 49307
(231) 591-5388
For Support Call (231) 591-4822 or www.ferris.edu/tac
|
|
|
