Multiple Compliant VLANs for 802.1x NAP Enforcement
<small class="single-by" style="font-family:Arial, Helvetica, sans-serif;font-size:0.9em;line-height:1.5em;color:#777777;text-transform:capitalize;"></small>
Hello Dear,
I am implementing NAP with 802.1x enforcement type. but it is an existing network where the organisation already has the network segmented into about 7 VLANs based on the departments in the organisation and the VLANs equally have IP interfaces on them (meaning
they are subnets).
By design NAP with 802.1x enforcement supports 2 VLANs: Compliant and Non-Compliant VLANs apart from the GuestVlan which the switch uses for 802.1x pre-authentication.
In my test lab, authenticated clients are pushed to Compliant VLAN if they meet SHV set. Also,if they don’t meet the SHV they are moved to Non-Compliant VLAN.
How do I apply this type of enforcement for multiple VLANs belonging to the organisation’s different Departments? Assuming I decide to create a single Non-Compliant VLAN this may cater for non-compliant clients but what VLAN among the 7 existing VLAN will compliant
clients be pushed into?
How will the switch know the VLAN a member of a particular department should be moved to since there are more than one Compliant VLAN assuming I configured ” NPS Network Policy” for more than one compliant VLAN?
Please your help is very important.
Thanks.
Alex.