Hello I am involved in mulitple branch deployment connected via Internet to Head office where ClearPass will be located. Two issues I am dealing with for 802.1X designing EAP-PEAP for Corporate users. 200 Branches.
1. Branches have IAP's. I want to use EAP for Corporate users. I have been told that I cannot simply run EAP in scenario below. I must do some kind of tunnel from branch IAP to head office.
Branches have IAP with (Private IP address)> .....<Internet Public IP>.........<(Private IP) Head office ClearPass location.
If this is true. It means, I must add a controller at the head office to do site to site VPN.
2. Above scenario (tunnelled) creates problem for us. Currtly multiple branches have same IP addresses assinged.
Can I deploy without tunne? if not, how do I resolved the multi - branch same private IP address issue.
Thanks