HP ProCurve NAC 800 User Manual page 454
Hide thumbs
Also See for ProCurve NAC 800:
- User manual (560 pages) ,
- User manual (586 pages) ,
- User manual (474 pages)
Table of Contents
Advertisement
System Administration
Working with Ranges
NOTE:
15-26
Home window>>System configuration>>Enforcement clusters &
servers>>Select an Enforcement Cluster>>Advanced menu option
In the Endpoint detection area, enter the range of addresses to ignore in the IP
addresses to ignore text field. Separate ranges with a hyphen or use CIDR
notation.
To specify ranges to enforce:
Home window>>System configuration>>Quarantining menu option
1.
Select the DHCP radio button in the Quarantine method area.
Select the Restrict enforcement of DHCP requests to quarantined or non-
2.
quarantined subnets radio button.
Enter IP addresses in the DHCP relay IP addresses to enforce text box. Enter
3.
individual DHCP relay agent IP addresses, separated by carriage returns.
These addresses are monitored in addition to the quarantined or non-
quarantined subnets.
When using Extreme switches running ExtremeWare or ExtremeXOS prior
to release 11.6, DHCP relay IP addresses to enforce will NOT work when the
quarantine subnet is a subset of the production network. This is because
Extreme switches forward the packets from the IP address closest to NAC
800 and not the IP address of the interface closest to the endpoint, so all the
DHCPRelay packets will appear to come from a production network IP
address.
For example, the following scenario will not work:
NAC 800 IP: 10.241.88.20
Production Network: 10.241.90.0/24
Quarantine Network: 10.241.90.160/27 (161-189 for range)
Gateway IP: 10.241.90.190
Non-Quarantine Networks: 10.241.90.0/25, 10.241.90.128/27, 10.241.90.192/26
Advertisement
Table of Contents
