Is possible to assign a tag to eth1 interface of NAC virtual applaince?

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
Hi, is possible to configure the secondary interface eth1 of the virtual NAC gateway as a tagged interface?

Thanks
Photo of Antonio Opromolla

Antonio Opromolla

  • 2,126 Points 2k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Drew C.

Drew C., Community Manager

  • 38,536 Points 20k badge 2x thumb
Hi Antonio,
I believe you'll be better off configuring this on the vSwitch (assuming VMware) so that you can ensure the traffic leaves the host tagged.
Photo of Antonio Opromolla

Antonio Opromolla

  • 2,126 Points 2k badge 2x thumb
Hi Drew, in my lab the eth1 interface of the vNAC is attached to the same vSwitch of my etho interface and on this vSwitch I have more tagged VLANs, so I can't in my demo environment bind the VLAN ID to the vSwitch, that in my example is configured as follow:

Is possible to modify the Interface configuration of eth1 directly on the NAC VM, and how?
Thanks
Photo of Matthew Hum

Matthew Hum, Principal Engineer, APAC

  • 1,542 Points 1k badge 2x thumb
You can create another port group on the same virtual switch on a specific vlan (i.e. 10) and the NAC traffic on that port group that will leave the same physical port on vlan 10. everything on VMNET10 will also see that traffic tagged as vlan 10.


(Edited)
Photo of Matthew Hum

Matthew Hum, Principal Engineer, APAC

  • 1,542 Points 1k badge 2x thumb
oops. i just noticed that my first screenshot had promiscuous mode set to reject. this should be accept.
Photo of Antonio Opromolla

Antonio Opromolla

  • 2,126 Points 2k badge 2x thumb
Thanks Matthew for your suggest. I'll try to do this change and see how it works..