05-15-2014 06:04 AM
I've setup VIA with a customer and we have the following infrastructure:
2 x 3400s in a Master / Standby pair in one data center
2 x 3400s as local running VRRP in the direction of their firewall running in a different geographic data center
We've set it up so one VIA profile authenticates against the first pair of 3400s and the second pair authenticates against the other data center. I'm able to pass VIA roles based on where they connect with Clearpass - that's all working out really well.
The thing I'd like to do is to put in the IP address of one data center and not have the web authentication piece come up offering all of the VIA profiles. I'm configuring this under the VIA web-auth in the GUI. It doesn't look like I can configure additional web-auth profiles, at least in the GUI - I haven't tried in the CLI.
The goal, if possible, would be to have a profile tied to the IP of each data center and avoid presenting the option for the other VIA profile.
Thanks for any help that you can offer!