Re: [Netpass-users] Cisco Support
From: jeff m. <jcm...@os...> - 2005-06-10 13:53:10
On Fri, 2005-06-10 at 09:31 -0400, Don Rugh wrote:
> I would be interested in any comments on Cisco switch support. Looking
> at the Cisco.pm module it would appear that:
>
> - add_vlan_membership sets ONLY VLAN assigned to port (hence
>   del_vlan...not needed)
> - get_vlan_membership returns present assignment
> - other, "generic" OID information calls are implemented
>
> - set_default_vlan_id not used
> - del_vlan_membership not used
> - get_default_vlan_id can't work (used Nortel OID)
>
> So, can I assume that:
> - this Cisco implementation does work?

the cisco module works. ideally, the above routines would be fully implemented per the comments at the top of each routine. obviously they are not for the cisco module.

the reasoning behind these routines is that, in the future, we expect that there will be a time when you have a port with a VOIP phone plugged into it and a PC plugged into the phone. many voip architectures have phones on a separate vlan from the PC. if your voip architecture has the phones on the same vlan as the PC, then this feature is moot.

we'd like to be able to quarantine the PC without affecting the phone (this feature implies that you are trusting that the PC will not emit tagged packets). the phone is emitting tagged packets. so we change the default vlan that untagged packets are placed in and remove membership in the unquarantined data vlan, but leave membership in other vlans (the voip one) alone.

as it stands now, the cisco module will need some revising, but in the most basic configuration where each port is a member of only one vlan at a time, it works.

> - the Cisco switches are setup for only 1 VLAN per port, and only the
>   uplinks are tagged to pass VLAN info?

yes

> - the first three items are the "core" functions required for NetPass
>   to work? so if we can get these to work, we're OK?
>

yes
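An added example, not part of the original message and not NetPass or Cisco.pm code: a small Python model of the quarantine step described in the reply, showing which VLAN each frame lands in afterwards and why the scheme relies on the PC not emitting tagged packets. `Port`, `classify`, `quarantine`, `demo` and the VLAN ids are constructed for illustration; the comments only map each step to the routine names mentioned in the thread.

```python
from dataclasses import dataclass, field

# Constructed VLAN ids for the example.
DATA, QUARANTINE, VOICE = 10, 99, 200


@dataclass
class Port:
    """Hypothetical model of one access port (not a real switch API)."""
    default_vlan: int                           # VLAN untagged frames are placed in
    members: set = field(default_factory=set)   # VLANs the port is a member of

    def classify(self, tag=None):
        """Return the VLAN a frame lands in, or None if the port drops it.

        The port sees only the tag, never which device sent the frame.
        """
        vlan = self.default_vlan if tag is None else tag
        return vlan if vlan in self.members else None


def quarantine(port, data_vlan, quarantine_vlan):
    """Quarantine untagged traffic; leave every other membership alone."""
    port.members.add(quarantine_vlan)      # role of add_vlan_membership
    port.default_vlan = quarantine_vlan    # role of set_default_vlan_id
    port.members.discard(data_vlan)        # role of del_vlan_membership
    return port


def demo():
    """Phone (tagged, VOICE) with a PC (untagged) behind it, after quarantine."""
    port = quarantine(Port(DATA, {DATA, VOICE}), DATA, QUARANTINE)
    frames = [("pc", None), ("phone", VOICE), ("pc", DATA), ("pc", VOICE)]
    return {(sender, tag): port.classify(tag) for sender, tag in frames}


if __name__ == "__main__":
    for (sender, tag), vlan in demo().items():
        print(f"{sender:5} tag={tag!s:4} -> vlan {vlan}")
```

The last frame is the trust assumption from the reply made concrete: a PC that tags its own frames with the voice VLAN is classified exactly like the phone, so the quarantine only holds for untagged traffic.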