WLC and AP on different subnets

Similar Questions

• Target subnet mask and the gateway in different subnets and clock error

  Hi all:

  Need help. I have a standalone PC operating a direct VI on a CFP with a crossover ethernet cable (developed on my laptop, compiled and installed as a standalone on the PC). When the VI runs on standalone PC version, everything works (click the button, analyzers are read), but the time being pulled from the CFP is wrong, and infact resets to December 1969, a default value. I am error checking, and no error is marked with the CFP, slaughter programmes. When I go to the MAX function, the time playing of the CFP is the funky time. Looking at the IP addresses, I generally use a very standard protocol (192.168.000.001 for the PC, 192.168.000.002 for the CFP currently running on the subnet for the pc and the PSC 255.255.255.000). However, when I apply this Protocol on the CFP through max, it gives the error "the subnet mask you entered puts the target and the entry door to different subnets." I am not versed enough well understand this, and what I read in 2 postings here, I tried to harmonize the IP numbers and the subnet, and they do not seem to help. When I put intentionally in false numbers IP or subnet default time synchronization time correct (pc), but functions block (as expected). It is certainly not an issue of PC zone.

  Anyone can offer any guidance?

  Currently runnig LV 8.2 with drivers of 2009. PSC 1804 with MAX 4.6.

  I appreciate all help.

  Best regards;

  GIS.

  OK, I solved it. FYI: for those who are not aware of the IP: IP of the host and default gateway server to the same value. My work for the host computer are 192.168.000.001 and subnet masks can stay 255.255.255.000. The CFP has been set to 198.162.000.002 with a 90.00.00.03 DNS. Time server has been blocked by the Norton 2009 Firewall (even with an exception) and thus the cruxt of this issue together. I had to uninstall completely from this "software". I hope this helps.

• Mobility groups, failover on different subnets

  I have read up on 5.1 and wonder how and if real failover on subnets is an option.

  I understand controllers mg even customers roaming on different subnets.

  How it works if your main "anchor" isn't alive to replicate the DB entry on the controller off-subnet? Say if die of my local WISN and the backup is in the next State, how the HA will maintain connectivity?

  Thank you!

  Yes, but tha ap will be the new configuration of the WLC. Also, users will get tunnelees to the wlc and be thrown out of this subnet. Then make sure you understand the ssid and ip clients will get when they associate to of different wlc. That should do it.

• WLAN clients in different subnet

  Hi all

  I was using the setting of the current with WLC2106 and 2 rounds.  So far, the management and the ap-Manager interface where on the same subnet (192.168.0.x).  I was using a static IP address for wireless clients, also on the 192.168.0.x.  If far so good and everything was up and running.  Now, I wanted wireless clients to get an IP address from the DHCP server in the 192.168.0.x subnet.  Leased IP addresses will be on another network - 192.168.7.x.  I tried to change the ap - manager for and IP address on the reseau.7.x and set DHCP server on both interfaces.  However, I can't customers aren't being associated with it, and when I try and give a static IP address on the reseau.7.x, I can't ping anything customers.  The routing is not the problem as I have confirmed that it works well.

  Should I change the management interface (as the WIFI network is associated with this interface, and I can't choose the ap - manager)?  Or do I have to use a dynamic interface?

  Thank you

  Tiziana

  Hello Tiziana,

  In order to remove the clients on a different subnet / VLAN other than on your AP-Manager interfaces and management, you will need to deploy a new dynamic interface on the WLC.  Also make sure that the trunk on the vlan again at the WLC.  Here is an excellent guide that explains how to accomplish this.

  VLANs on the example of Configuration of wireless LAN controllers
  http://www.Cisco.com/en/us/Tech/tk722/tk809/technologies_configuration_example09186a00805e7a24.shtml

  I hope this helps.

  See you soon,.

  Drew

• Not able to deploy images on different subnets

  Hi guys,.

  I'm having a problem of image deployment of T5565 for thin clients on a different subnet.

  The first message that I got, was "the subnet of the device (s) in red color is not the same thing with its device management gateway. You want to send the task anyway".

  I selected Yes, and finally the deployment will timeout with the following error: "job failed. Task become invalid before being sent".

  I am able to update the agents on these thin clients with success, however, and these devices are discoverable.

  Any help will be much appreciated.

  Kind regards

  Remo

  This has been sorted guys. I had tried to deploy the image by using PXE.

  Image without PXE deployment now works fine.

  Kind regards

  Remo

• Unable to connect to storage as "different subnet."

  Have just updated my LenovoEMC device to the latest version of the software (4.1.114.33421) and now get the message

  "Unable to connect to the storage because it is in a different subnet.

  but I can go to the Admin in the usual way, through devices and can change anything, as all the mapped drives as if it worked and all the data is visible?

  Reset the system and all users etc., verified that DHCP is select rather than fixed, tried fixed without result.

  Someone has an answer that works or is a reset?

  Got it finally - works had to install a new version of Storage Manager - Version 1.4.8.33485

  After installation, restart the PC only and ran it Storage Manager - it took forever, but she finally found my nas and created links to explore.

  Can't believe that they a D A M N blip! in my previous post - AR even if you ask me.

• Install MX922 on 2 different subnet?

  I have a LAN into 2 separate LAN or subnets. 1 LAN is 192.168.1.x and LAN 2 is 192.168.2.x. I installed a MX922 installation method using the network on all computers on the LAN 1 without problem. The MX922 is located on LAN 1.

  I tried to install the printer on a PC on the LAN 2 but install fails, claiming that he cannot find any printer on the network. My guess is that he is only looking on the scheme even the installation of PC is on AND the installation of the software does not allow you to set the IP address to make it look like the printer.

  I know that all firewalls are disabled and 1 LAN 2 LAN communication is very good because this printer is replacing another printer set up exactly the same way and this printer set up is still workng fine.

  I was thinking about putting the PC in question 'temporarily' on LAN 1 to install the printer and then back to LAN 2 and then manually reconfigure the port to address different IP, but when I try to configure the printer port on a PC on the LAN 1 where the printer is already installed it gives the error that there are no configurable parameters for the port. So I don't think I'd be able to configure the port once it was back on LAN 2.

  I can't be the first person to try to install one of these printers in an office environment where there are several subnets that all need to print to a central printer so I think there must be a solution, but we don't find where in the documentation or on this site that I can see. If anyone can help me please?

  Thank you.

  Solved!

  It can be done even if I emailed Canon support and their response stated that Canon printers are not able to work on multiple subnets.

  The solution is:

  1. change the PC concerned to the same LAN as the printer so they are both on the same subnet. At the time of installation, the printer and the PC must be on the same subnet.

  2. then install the printer normally.

  3. after the printer is in place and works very well on the given PC, then return to the original subnet that it is supposed to be on.

  That's all!

  There is a workaround solution. For a computer that has many PC on several different subnets, it would be a huge task. For an additional House with 1 or 2 subnets and a few PCs, it is a pain.

• Mac, WRT 54 G, can I access a MFC9320 brother on two different subnets?

  (domestic use) I have a USB Server that I can access my USB printer on two different subnets and I was wondering if I can do the same thing on the WRT54G. I use 192.xxx.xxx.x for internet use and 198.xxx.xxx.x for each thing, like file sharing of multiplayer games, etc. Only, I named the 'locations' to 'Internet' or 'Games' (with games being used for everything else). With the USB Server set to "ZerocConfig" I could access USB printers on both.  I could set up the printer with a static IP printer 'Place' and then change location every time we wanted to print to it, but I would like to save a step. It's not that big a deal for me, but have to "Remind" everybody whenever they wanted to print something on it, would get old. Don't want to hang the brother to the USB Server if I have the wireless. It is not the smallest thing in the world to find a place for it in any case.

  I guess my other question would be, taking the other subnet is it safer (from the internet) using this way he or she is just in my mind. I did the on a third location of 'White', the family put their computers (no IP #) when they are just playing games, homework, etc..

  Thank you

  I don't think it's possible to run the USB printer on two different subnet. There is no such feature on the router.

• RV180W ping hostname between VLAN & different subnets

  Hello

  I had a RV180w with 1.0.3.10 closes. According to the name of position, I'm not able to resolve host names between different VLANS which affected to different subnets, for example, allows said I have the following hosts:

  CASA:

  192.168.241.100/25 (wired - VLAN 1)

  Router: 192.168.241.1

  DNS: 192.168.241.1

  XBMC: 192.168.242.100/25 (Wi - FI - VLAN 2)

  Router: 192.168.242.1

  DNS: 192.168.242.1

  If I try to ping from two sources to one of the two destinations, the only one I get is a message 'impossible '.

  Authorized additional information routing between vlans & proxy DNS and if I try to look at the hostname under the 'nslookup' command, I could not resolve the host name, but if I do a "ping - a 192.168.241.100 ' it is said ' response from CASA (192.168.241.100) blah blah blah."

  So what I'm missing here?

  Hi Bruno, you can usually solve different subnet host name because the host does not know the subnet that treats it as a security measure.

  Disable the firewall feature on your computers and which must fix, otherwise you will probably have to change the lmhost files.

  -Tom
  Please mark replied messages useful

• Cisco WLC and Apple TV Hello

  Hello

  I followed the guide on http://www.cisco.com/en/US/docs/wireless/technology/bonjour/7.5/Bonjour_Gateway_Phase-2_WLC_software_release_7.5.html on activation of Cisco WLC 7.5 with Apple TV good morning however I have a weird problem. I have some clients unable to see the apple TV connected to a different wireless access point while some may see the Apple connected TVs. I have attached my setup for reference. I would like to inquire about the use of LSS and so perhaps someone has encountered similar problems? The apple TV is discovered by the wlc on mdns-domain names.

  According to the document, multicast has been activated not however the discovery of the apple tv is intermittent of apple customers. Customer can discover apple tv 1 and 3 but not apple tv 2 and sometimes it can discover all 3 apple TV while client B is able to perceive all apple TV devices 3. All 3 apple TV devices are discovered by WLC and only apple TV service has been activated on WLC.  I was wondering if anyone has seen a similar question? Not too sure what can be the cause of it?

  Any suggestion is appreciated.

  Some of the docs didn't do it, but it is required as all my installation requiring Hello, set multicast implementation.

  Thank you

  Scott

  Help others using the system of rating and marking answers questions like "answered."

• With the help of several NIC in Win 7 - different subnet

  Can someone tell me the best way or the right way to configure two 2 Gigabit NIC in Windows 7 Ultimate?

  Map NETWORK 1 is currently used to access the INET and my FreeNAS server via a 192.168.0.x subnet. I would like to set up a 2nd NETWORK card to maintain a "static route" between this box (Win 7) and box of FreeNAS (OPT 1 is configured as a secondary NIC on the side of FreeNAS already).

  The static route will use the subnet 192.168.x.x with FreeNAS is 192.168.1.100 on the secondary card. The Win 7 box, I'm going to say... 192.168.1.3 for the static route NIC w / the same thing for GW and DNS.

  Is it possible that way, as mentioned above, or what I need to dig a little deeper. The static route will allow me to exploit the full potential (at least I hope) between 2 machines with regard to flow by a X-Over cable. This way I can put both sides higher than regular LAN depending on the parameters.

  I don't need to work, but rather a bit more than the flow of 20 MB/s when xfering large files recording studio. Yes... I know that FTP is not the best for xfering... I'm looking into SSH w/patch, SMB/CIFS or NFS

  Tim

  Your plan should work fine.  Specify a subnet mask of 255.255.255.0 on both network adapters to 192.168.0.x and 192.168.1.x different subnets.

  You do not need to specify GW and DNS on the secondary NETWORK, and you don't need to create a static route.

  To access the box of FreeNAS on secondary NETWORK map, use his IP (192.168.1.100), and not its NetBIOS name.
  Owner, Boulder computer Maven
  Most Microsoft Valuable Professional

• ASA 5505: VPN access to different subnets

  Hi All-

  I'm trying to understand how to configure our ASA so that remote users can have VPN access to two different subnets (Office LAN and LAN phone).  Currently I have 3 VLAN configuration - VLAN 1 (inside), VLAN 2 (outside), VLAN 13 (phone LAN).  Essentially, remote users must be able to access their PC (192.168.1.0/24) and also have access to the office phone system (192.168.254.0/24).  Is it still possible?  Here are the configurations on our ASA,

  Thanks in advance:

  ASA Version 8.2 (5)

  !

  names of

  name 10.0.1.0 Net-10

  name 20.0.1.0 Net-20

  name phone 192.168.254.0

  name 192.168.254.250 PBX

  !

  interface Ethernet0/0

  switchport access vlan 2

  !

  interface Ethernet0/1

  !

  interface Ethernet0/2

  !

  interface Ethernet0/3

  !

  interface Ethernet0/4

  !

  interface Ethernet0/5

  switchport access vlan 3

  !

  interface Ethernet0/6

  !

  interface Ethernet0/7

  switchport access vlan 13

  !

  interface Vlan1

  nameif inside

  security-level 100

  192.168.1.98 IP address 255.255.255.0

  !

  interface Vlan2

  nameif outside

  security-level 0

  address IP X.X.139.79 255.255.255.224

  !

  interface Vlan3

  No nameif

  security-level 50

  192.168.5.1 IP address 255.255.255.0

  !

  interface Vlan13

  nameif phones

  security-level 100

  192.168.254.200 IP address 255.255.255.0

  !

  passive FTP mode

  object-group service RDP - tcp

  EQ port 3389 object

  object-group service DM_INLINE_SERVICE_1

  the purpose of the ip service

  EQ-ssh tcp service object

  vpn_nat_inside of access list extensive ip Net-10 255.255.255.224 allow 192.168.1.0 255.255.255.0

  access-list extended vpn_nat_inside allowed ip Net-10 255.255.255.224 phones 255.255.255.0

  inside_nat0_outbound list extended access permits all ip Net-10 255.255.255.224

  inside_access_in of access allowed any ip an extended list

  Split_Tunnel_List list standard access allowed Net-10 255.255.255.224

  phones_nat0_outbound list extended access permits all ip Net-10 255.255.255.224

  outside_access_in list extended access allowed object-group DM_INLINE_SERVICE_1 Mac host everything

  pager lines 24

  Enable logging

  timestamp of the record

  record monitor errors

  record of the mistakes of history

  asdm of logging of information

  Within 1500 MTU

  Outside 1500 MTU

  MTU 1500 phones

  mask IP local pool SSLClientPool-10 10.0.1.1 - 10.0.1.20 255.255.255.128

  no failover

  ICMP unreachable rate-limit 1 burst-size 1

  don't allow no asdm history

  ARP timeout 14400

  Global interface (10 Interior)

  Global 1 interface (outside)

  global interface (phones) 20

  NAT (inside) 0-list of access inside_nat0_outbound

  NAT (inside) 1 0.0.0.0 0.0.0.0

  NAT (10 vpn_nat_inside list of outdoor outdoor access)

  NAT (phones) 0-list of access phones_nat0_outbound

  NAT (phones) 1 0.0.0.0 0.0.0.0

  inside_access_in access to the interface inside group

  Access-group outside_access_in in interface outside

  Route outside 0.0.0.0 0.0.0.0 X.X.139.65 1

  Timeout xlate 03:00

  Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

  Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00

  Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00

  Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

  timeout tcp-proxy-reassembly 0:01:00

  Floating conn timeout 0:00:00

  dynamic-access-policy-registration DfltAccessPolicy

  AAA authentication enable LOCAL console

  the ssh LOCAL console AAA authentication

  LOCAL AAA authorization command

  Enable http server

  http 192.168.1.0 255.255.255.0 inside

  No snmp server location

  No snmp Server contact

  Server enable SNMP traps snmp authentication linkup, linkdown cold start

  Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac

  Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac

  Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac

  Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac

  Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac

  Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac

  Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac

  Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac

  Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac

  Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac

  life crypto ipsec security association seconds 28800

  Crypto ipsec kilobytes of life - safety 4608000 association

  Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5

  outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP

  outside_map interface card crypto outside

  Crypto ca trustpoint ASDM_TrustPoint0

  registration auto

  name of the object CN = not - asa .null

  pasvpnkey key pair

  Configure CRL

  crypto ISAKMP allow outside

  crypto ISAKMP policy 10

  preshared authentication

  3des encryption

  sha hash

  Group 2

  lifetime 28800

  VPN-sessiondb max-session-limit 10

  Telnet timeout 5

  SSH 192.168.1.100 255.255.255.255 inside

  SSH 192.168.1.0 255.255.255.0 inside

  SSH Mac 255.255.255.255 outside

  SSH timeout 60

  Console timeout 0

  dhcpd auto_config inside

  !

  dhcpd address 192.168.1.222 - 192.168.1.223 inside

  dhcpd dns 64.238.96.12 66.180.96.12 interface inside

  !

  a basic threat threat detection

  host of statistical threat detection

  Statistics-list of access threat detection

  a statistical threat detection tcp-interception rate-interval 30 burst-400-rate average rate 200

  SSL-trust outside ASDM_TrustPoint0 point

  WebVPN

  allow outside

  AnyConnect essentials

  SVC disk0:/anyconnect-win-2.5.2014-k9.pkg 1 image

  SVC disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2 image

  enable SVC

  tunnel-group-list activate

  internal SSLClientPolicy group strategy

  attributes of Group Policy SSLClientPolicy

  WINS server no

  value of 64.238.96.12 DNS server 66.180.96.12

  VPN-access-hour no

  VPN - connections 3

  VPN-idle-timeout no

  VPN-session-timeout no

  IPv6-vpn-filter no

  VPN-tunnel-Protocol svc

  group-lock value NO-SSL-VPN

  by default no

  VLAN no

  NAC settings no

  WebVPN

  SVC mtu 1200

  SVC keepalive 60

  client of dpd-interval SVC no

  dpd-interval SVC bridge no

  SVC compression no

  attributes of Group Policy DfltGrpPolicy

  value of 64.238.96.12 DNS server 66.180.96.12

  Protocol-tunnel-VPN IPSec svc webvpn

  attributes global-tunnel-group DefaultRAGroup

  address-pool SSLClientPool-10

  IPSec-attributes tunnel-group DefaultRAGroup

  pre-shared key *.

  NO-SSL-VPN Tunnel-group type remote access

  General-attributes of the NO-SSL-VPN Tunnel-group

  address-pool SSLClientPool-10

  Group Policy - by default-SSLClientPolicy

  NO-SSL-VPN Tunnel - webvpn-attributes group

  enable PAS_VPN group-alias

  allow group-url https://X.X.139.79/PAS_VPN

  !

  class-map inspection_default

  match default-inspection-traffic

  !

  !

  type of policy-card inspect dns preset_dns_map

  parameters

  maximum message length automatic of customer

  message-length maximum 512

  Policy-map global_policy

  class inspection_default

  inspect the preset_dns_map dns

  inspect the ftp

  inspect h323 h225

  inspect the h323 ras

  inspect the rsh

  inspect the rtsp

  inspect esmtp

  inspect sqlnet

  inspect the skinny

  inspect sunrpc

  inspect xdmcp

  inspect the sip

  inspect the netbios

  inspect the tftp

  Review the ip options

  !

  global service-policy global_policy

  privilege level 3 mode exec cmd command perfmon

  privilege level 3 mode exec cmd ping command

  mode privileged exec command cmd level 3

  logging of the privilege level 3 mode exec cmd commands

  privilege level 3 exec command failover mode cmd

  privilege level 3 mode exec command packet cmd - draw

  privilege show import at the level 5 exec mode command

  privilege level 5 see fashion exec running-config command

  order of privilege show level 3 exec mode reload

  privilege level 3 exec mode control fashion show

  privilege see the level 3 exec firewall command mode

  privilege see the level 3 exec mode command ASP.

  processor mode privileged exec command to see the level 3

  privilege command shell see the level 3 exec mode

  privilege show level 3 exec command clock mode

  privilege exec mode level 3 dns-hosts command show

  privilege see the level 3 exec command access-list mode

  logging of orders privilege see the level 3 exec mode

  privilege, level 3 see the exec command mode vlan

  privilege show level 3 exec command ip mode

  privilege, level 3 see fashion exec command ipv6

  privilege, level 3 see the exec command failover mode

  privilege, level 3 see fashion exec command asdm

  exec mode privilege see the level 3 command arp

  command routing privilege see the level 3 exec mode

  privilege, level 3 see fashion exec command ospf

  privilege, level 3 see the exec command in aaa-server mode

  AAA mode privileged exec command to see the level 3

  privilege, level 3 see fashion exec command eigrp

  privilege see the level 3 exec mode command crypto

  privilege, level 3 see fashion exec command vpn-sessiondb

  privilege level 3 exec mode command ssh show

  privilege, level 3 see fashion exec command dhcpd

  privilege, level 3 see the vpnclient command exec mode

  privilege, level 3 see fashion exec command vpn

  privilege level see the 3 blocks from exec mode command

  privilege, level 3 see fashion exec command wccp

  privilege see the level 3 exec command mode dynamic filters

  privilege, level 3 see the exec command in webvpn mode

  privilege control module see the level 3 exec mode

  privilege, level 3 see fashion exec command uauth

  privilege see the level 3 exec command compression mode

  level 3 for the show privilege mode configure the command interface

  level 3 for the show privilege mode set clock command

  level 3 for the show privilege mode configure the access-list command

  level 3 for the show privilege mode set up the registration of the order

  level 3 for the show privilege mode configure ip command

  level 3 for the show privilege mode configure command failover

  level 5 mode see the privilege set up command asdm

  level 3 for the show privilege mode configure arp command

  level 3 for the show privilege mode configure the command routing

  level 3 for the show privilege mode configure aaa-order server

  level mode 3 privilege see the command configure aaa

  level 3 for the show privilege mode configure command crypto

  level 3 for the show privilege mode configure ssh command

  level 3 for the show privilege mode configure command dhcpd

  level 5 mode see the privilege set privilege to command

  privilege level clear 3 mode exec command dns host

  logging of the privilege clear level 3 exec mode commands

  clear level 3 arp command mode privileged exec

  AAA-server of privilege clear level 3 exec mode command

  privilege clear level 3 exec mode command crypto

  privilege clear level 3 exec command mode dynamic filters

  level 3 for the privilege cmd mode configure command failover

  clear level 3 privilege mode set the logging of command

  privilege mode clear level 3 Configure arp command

  clear level 3 privilege mode configure command crypto

  clear level 3 privilege mode configure aaa-order server

  context of prompt hostname

  no remote anonymous reporting call

  Hello

  Loss of connectivity to the LAN is not really supposed all remove this command UNLESS your network is using another device as their gateway to the Internet. In this case configuration dynamic PAT or political dynamics PAT (as you) would make sense because the LAN hosts would see your VPN connection from the same directly connected network users and would be know to traffic before the ASA rather than their default gateway.

  So is this just for VPN usage and NOT the gateway on the LAN?

  If it is just the VPN device I'd adding this

  global interface (phones) 10

  He would do the same translation for 'phones' as he does on 'inside' (of course with different PAT IP)

  -Jouni

• HA AEC in two different subnets.

  Hello

  I have to configure two ACS 1113 ver 4.1 (4) high reliability in two places different and two different subnets.

  A device will be required to manage an office, the second the other office, but if one goes down the other is responsible for the entire network.

  Two subnets are accessible from all devices.

  Will set up the RADIUS server on all systems.

  The ACS are connected to Active Directory to authenticate users.

  My question is, can I create a profile ACS are replicated to the other, even if they are on two different subnets? Can I do a HA on two different subnets?

  Thank you.

  Sorry for my bad answer above. I corrected to provide you with the information you need

  Yes. Replication should work if two s ACS server on different subnets.

  See the example in config also, it will help you: http://tiny.cc/g04rkw

  HTH

  Amjad

  Rating of useful answers is more useful to say "thank you".

• Setting up a virtual computer on a different subnet?

  How to set up this configuration is all new to me.
  Current context:
  Internal subnet: 192.168.1.x
  2 - 5.5 ESXi hosts. Each with 4 physical NETWORK adapters
  Configuration is attached.
  I have a physical server I want to virtualize but is in a different subnet.
  Replacing the subnet: 192.168.10.x.

  I reason assuming that I'll need to add a physical NETWORK card to each host and assign this NETWORK adapter on the computer virtual requiring a different subnet? Or am I way off?

  Thanks in advance!

  If your physical switches supports VLAN's then I would say you think to reconfigure the ports for the ESXi host and tag/trunk ports to the VLAN necessary. And create groups of ports VM with the differnet VLAN-ID on the ESXi host. In this way, you can use different subnets on the ESXi host without the need for having dedicated physical rising for each subnet.

  André

• How to combine 2 VCenter with different subnet?

  Hello

  I had 2 x VCenter instance installed in two different subnet, internal production and one for the disaster recovery site, it is possible to make them connected to each other and then implement in the heart of vcenter beat builtin functionality?

  Thank you.

  OK, I'm a bit confused.  You asked previously on vmotion or vcenter or esx hosts?

  vCenter servers can be linked together without having to be in the same subnet.

  Grouping of vcenters will allow you to have a single pain of glass view for the two vcenters and allow you to search your inventory full, but models are managed by the individual vcenters.

  -KjB