Cisco NAC3350-PROF-K9 Hardware Installation Guide - Page 55

Chapter 2 Preparing for Installation Preparing Your Site for Installation Table 2-3 CAS Configuration Utility Worksheet c. Default gateway IP address for eth0 interface: d. IP address for eth1 interface (untrusted): e. Subnet mask (IP netmask) for eth1 interface: f. Default gateway IP address for eth1 interface 1: g. Host name for your CAS: h. IP address of Domain Name Server on your network: i. Master secret: Note The master secret must be the same for CAMs/CASs deployed as HA peers. j. Date, time and timezone: k. To generate the required temporary SSL certificate (you can change this at a later time): FQDN or eth0 IP address of CAS: Organization unit (e.g. Sales) Organization name (e.g. Cisco) Organization location (e.g. San Jose, CA, US) Note If using FQDN, make sure your DNS server is set up for the domain name. l. Root user password: m. Web console password 2: 1. eth0 and eth1 generally correlate to the first two network cards-NIC 1 and NIC 2-on the server hardware. 2. Cisco highly recommends replacing default password(s) with "strong" passwords (at least 8 characters long, comprised of a combination of two characters from each of the upper- and lower-case letters, numbers, and special characters categories) CAS Mode IP Addressing Considerations Table 2-4 CAS Mode Real-IP CAS Modes- IP addressing Considerations Comments • The trusted (eth0) and untrusted (eth1) interfaces of the CAS must be on different subnets. • Add static routes on the L3 switch or router to route traffic for the managed subnets to the trusted interface of the respective CASs. • If using DHCP relay, make sure the DHCP server has a route back to the managed subnets. OL-20326-01 Cisco NAC Appliance Hardware Installation Guide 2-13