08-07-2011 08:51 PM - edited 03-10-2019 06:17 PM
Hello all,
I'm in the middle configuring NAc layer 2 OOB deployment. The client machine have got the IP in access VLAN ( VLAN Mapping ) but nothing happens after that. Suppose that when I open a web browser the authentication login page appear.
Can somebody point out what is wrong or guide me. Many thanks in advance.
Rgds,
Fauzan
Solved! Go to Solution.
08-08-2011 02:41 AM
Fauzan,
Hi, Can you try checking the manage subnet settings? Make sure that there is a unused ip address in the clients subnet space that is sending requests to the corresponding untrusted vlan that you setup in your vlan mapping. If mapping from 100 -> 10 that the ip address from the vlan 10 space is unused but the vlan assigned to this managed subnet is on vlan 100.
Next, I would suggest checking dns. Is the desitnation traffic (www.google.com as an example) resolvable by dns? If not, try http://1.1.1.1. Also on the same token what you using for certs? Are they ip based or fqdn? Also check and see if the client can resolve the fqdn of the CAS cert. If using ip based, see what happens when trying to navigate to the CAS ip address.
Thanks,
Tarik
08-08-2011 02:41 AM
Fauzan,
Hi, Can you try checking the manage subnet settings? Make sure that there is a unused ip address in the clients subnet space that is sending requests to the corresponding untrusted vlan that you setup in your vlan mapping. If mapping from 100 -> 10 that the ip address from the vlan 10 space is unused but the vlan assigned to this managed subnet is on vlan 100.
Next, I would suggest checking dns. Is the desitnation traffic (www.google.com as an example) resolvable by dns? If not, try http://1.1.1.1. Also on the same token what you using for certs? Are they ip based or fqdn? Also check and see if the client can resolve the fqdn of the CAS cert. If using ip based, see what happens when trying to navigate to the CAS ip address.
Thanks,
Tarik
08-08-2011 06:46 PM
Thanks Tarik,
I change the ip for managed subnets, the login page pop up but another error shows due to expired certs. I regenerate the certs and solve the problem.
Again, many thanks for your help.
Rgds,
Fauzan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: