CLEANACCESS Archives

July 2007

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
DHCP responds faster than CAS
From:
Shane Miles <[log in to unmask]>
Reply To:
Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:
Tue, 31 Jul 2007 10:51:07 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (14 lines) 
Scenario is Layer-3 OOB and the agent is multiple hops away from the CAS.  
The CAS is discovered via DNS.  Initial VLAN == 100, Auth VLAN == 200, 
Access VLAN == Initial VLAN.  The problem is when the host boots it gets a 
DHCP address faster than the CAS changes the switchport VLAN to 200.  The 
result is the host has an IP address from VLAN 100 but the switch port is 
now in VLAN 200.  So I have no connectivity and have to release/renew the 
IP after which everything works great.  SSO works, posture assessment and 
refreshing of the IP all work great.  Then I'll clear the certified device 
list and "Keep Online User" and reboot.  When the host comes up the same 
thing happens.  I tried setting the initial VLAN to the Auth VLAN but that 
only fixes it on the first boot.  The problem re-occurs on all subsequent 
reboots (after clearing CDL) because the switch port remains in VLAN 100 
even after the switchport loses link.  What am I doing wrong?

ATOM RSS1 RSS2