If I put the interface on vlan access 999 and have connectivity in this VLAN (with access to DHCP server and to clearpass)
Wouldn't it be enough for the machine to get IP address in vlan 999 ?
I am doing authentication on that port.
But I want to have some default VLAN that gives access to DHCP, DC, and Clearpass.Can't I put VLAN 999 in access, and only after authentication to replace the Vlan according to the User's AD credentials?
So if I am doing machine authentication.I can Gives it specific VLAN when it is loggod of, and another VLAN if it login (VLAN assigning according to the user AD credentials)?
I am not sure what is the flow when I am using both machine authentication and user authentication according to AD.
Yes,I have just seen the first video you recommended.I will watch the older one as well, hoping to get it better.But I want to understand better the combination of a machine with user authentication.My plan was to switch VLANs according to the user credentials. So if it's an IT user he will get an IT VLAN. If it is a management user it will get mgmt VLAN. and so on.In the setup you suggested. I have to configure the VLAN on the port in advance, Don't I?
So it makes the plan of VLAN switching problematic.