9.Select Device Management CCA Servers Network. Check that your screen resembles Figure 7-81.

Figure 7-81 Network IP screen

10.Select Device Management CCA Servers Advanced Managed Subnet.

11.Enter IP addresses from the trusted and non-trusted networks (access and authentication VLANs) in the IP Address field. These IP addresses should be static, outside of the DHCP scope, and be neither the network number nor broadcast address of the managed VLAN (for example, 192.168.120.0 or 192.168.120.255). The arbitrary values, VLAN 120 — 192.168.120.50 and VLAN 20 — 192.168.20.50, for each managed subnet are used for our example. Include the appropriate subnet masks and VLAN IDs of the trusted

Chapter 7. Network enforcement subsystem implementation

313

Page 331
Image 331
IBM Tivoli and Cisco manual 313, Network IP screen