Hi all,
Just wanted to check my logic as it’s the first time I’ve played with tunnelled node.
I will use a 5400 switch and 7008 controller.
On the 5400 switch, I will:
- Enable tunnelled node at global level and point to management IP of the controller
- At interface level, set to tunnelled node port and assign a VLAN (2000)
On the 7008 controller, I will:
- Make VLAN 2000 and assign whatever security I need around this VLAN
Questions:
1. Do I need to tick an option on the controller to make this work? Feels like I should enable this feature on the controller like I’m doing on the switch?
2. Will telling the interface on the switch transpose into the controller? So users will just present on the same VLAN as the switch when they land in the controller?
3. I have a firewall between the switch and controller. Does tunnelled node use the management IP of the switch as its source? Is it just GRE traffic?
4. I feel like I’m missing some fundamentals above or is it this easy?
I’m manually configuring certain ports for tunnelled node; trying to avoid getting ClearPass involved etc.
Many thanks