Community
Aruba & ProVision-based
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Purgatory VLAN assistance

 
n3tm1n
n3tm1n
Valued Contributor

‎10-10-2016 08:21 AM

‎10-10-2016 08:21 AM

Purgatory VLAN assistance

Hello,

I've been give the tasked to create a purgatory VLAN on the company's network so if an unauthorized device (non domain system) is detected on the network, the NAC will instruct the switch to place the device on a particular VLAN that has access to the following:

- Internet only

- Domain controller (only, no other servers accessable) This way, if a machine needs to join the domain, it can.

   - not sure if I need to create ACL to deny all traffic from VLAN with the exception of the IPs of the Domain controller (if that is possible).

Once joined to the domain, the NAC will install the agent on the device that will notify the switch to move to a corporate VLAN.

Need some guidance on best way to configure if possible.

Equipment

- Core Switch Procurve 6600 -4XG FW 15.10

- Access/Edge Switches Procurve 3500yl

- Network Access Controller : Forescout Counter Act.

 Thanks in advance.

 

 

 

 

 

0 Kudos
Reply
1 REPLY
n3tm1n
n3tm1n
Valued Contributor

‎10-10-2016 08:22 AM

‎10-10-2016 08:22 AM

Re: Purgatory VLAN assistance

Forgot to mention that communication between NAC and Switch is via SNMPv3

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.