Cisco Cisco Clean Access 3.5

4-5

Cisco Clean Access Server Installation and Administration Guide

OL-7045-01

Chapter 4 Clean Access Server Managed Domain

Add the CAS to the CAM

Do not connect eth1(untrusted interface) of the CAS until after you have configured and enabled
VLAN Mapping entries in the CAS (under Device Management > CCA Servers > Manage
[CAS_IP] > Advanced > VLAN Mapping). See

Configure VLAN Mapping for Out-of-Band, page

4-21

for detailed steps.

Caution

To avoid switch errors, make sure to correctly set VLAN Mapping in the CAS before connecting the eth1
interface of the CAS. Failure to do so could cause spanning tree loops and shut down the switch.

List of Clean Access Servers

Once you add the CAS to the Clean Access Manager, the CAS appears in the List of Servers tab.

Figure 4-2

List of Servers

Each Clean Access Server entry lists the IP address, server type, location, and connection status of the
CAS. In addition, four management control icons are displayed: Manage (

), Disconnect (

), Reboot

(

), and Delete (

). You access the management pages of a Clean Access Server by clicking the

Manage icon next to the CAS.

Troubleshooting

If the Clean Access Manager cannot add the Clean Access Server to its managed List of Servers:

•

Make sure the CAS is pingable. If not, the network settings may be incorrect. Reset them using the
service perfigo config CLI command. See

Using the Command Line Interface, page 3-12

•

If the CAS is pingable but cannot be added to the CAM:

•

Go to the command line of the CAS and enter:

ifconfig eth1 down

•

Wait 2 minutes, then add the CAS again from the CAM web console.

•

When the CAS is successfully added, go to the command line of the CAS and enter:

ifconfig eth1 up

•

The CAM and CAS must have the same shared secret. If this is the problem, reset the shared secret
with service perfigo config.

•

In Virtual Gateway mode, ensure that the CAM and CAS are on different subnets.