I'm configuring PUTN on a 2930F and it is working fine. However, I have some questions on how to handle the other ports.
The user is role is defined as such:
aaa authorization user-role name "EMPLOYEE"
policy "PERMIT-ALL"
reauth-period 5
vlan-id 2
tunneled-node-server-redirect secondary-role "authenticated"
exit
This role works fine. The user is assigned to role authenticated on the controller, and in the correct VLAN. However, since I can't tag the uplink of this switch with this same VLAN, how do I handle any static configurations for this same VLAN.
ie. What if I want one port to always be VLAN 2 in this instance? The traffic will not traverse the uplink due to it not being tagged.
I thought I would create a dummy VLAN on the switch just for tunneled users, but that is what's being assigned on the Controller too. This is regardless of role.