Hey Cal, Most likely Managed Subnets on the CAS has not been configured. Am assuming you have multiple vlans trunked to the CAS. There will be a default Managed subnet entry in there. But you need to configure a separate Managed Subnet for each of the vlans trunked upto the CAS.
Hope this helps. Regards -alok -----Original Message----- From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Cal Frye Sent: Sunday, August 17, 2008 7:45 PM To: [email protected] Subject: 3.5.11 virtual IP mode and ARP Think back a moment, please. We're still on ver. 3.5.11, operating strictly in-band. Lately we've been switching from Real-IP mode to Virtual mode, and we seem to have encountered a problem with our Cisco 4400 Wireless controllers. After some time, clients lose connectivity. They obtain valid IP addresses, but no communications pass. There is a lot of client ARPing for the untrusted interface on the CAS, which should be known to the client network. Not all clients are affected at the same time, either, but I'm not yet in a position to say whether it's all clients on a single controller or whether it's more random than that. I'm proposing we revert to Real-IP mode again for the immediate future, but does anyone have a suggestion on making this work as virtual? I've already tinkered with routes and set up an arp entry for the interface, to no avail. -- Regards, -- Cal Frye, Network Administrator, Oberlin College www.calfrye.com, www.pitalabs.com "An aim in life is the only fortune worth finding." -- Robert Louis Stevenson.
