Support User Manuals

Enterasys Networks 2S4082-25-SYS Switch User Manual

Open as PDF

of 108

General Management Considerations

6-4 Initializing the NAC Controller

–TheNACControllerEnginemanagementIPaddressisusedformanagementtraffic

generatedfromtheNACControllerEngine,andtheNACControllerEngineremediation

IPaddressusedtoruntheremediationwebserver.

–TheNACControllerEngineremediationIPaddress,mask,anddefaultgatewaymust

belongtothesubnetthatspans

thedownstreamandupstreamrouters.

–TheNACControllerEnginemanagementIPaddressalongwithamaskisassignedtothe

10/100Ethernetport.Therefore,the10/100Ethernetportmustbeconnectedintothe

topologywithaseparatephysicallinkontothemanagementVLAN.Nodefaultgateway

isassignedtothemanagement

IPaddress.

–TheNACControllerEnginemanagementIPaddressandNACControllerPEPIP

addresses,masks,andgatewaymustbepartofthesamesubnet,andnotonthesubnet

thatspanstheupstreamanddownstreamrouterswhichcarriesdatatraffic.

–AmanagementVLANIDmustbespecified.Allmanagementtraffic

sourcedfromthe

NACControllerPEPegressestheupstreamanddownstreamportsoftheNACController

taggedtothemanagementVLAN.Therefore,theupstreamanddownstreamrouters

mustbeconfiguredto802.1QVLANtrunkthemanagementVLANtotheNAC

Controller.

–TheNetSightmanagementserverIPaddressshouldbeconfiguredon

thesamesubnetas

theNACControllerEngineandNACControllerPEPIPaddresses.Otherwise,

managementtrafficsourcedfromtheNACControllerEngineandNACControllerPEP

willtraversethedataVLANonthewaytotheNetSightmanagementserver.

SeeFigure 6‐4onpage 6‐5foradiagramoflayer

2Out‐Of‐BandmanagementandFigure 6‐6on

page 6‐6foradiagramoflayer3Out‐Of‐Bandmanagement

Figure 6-3 Layer 2 In-Band Management Topology

previous next