if you switch/change vlan, the only way to get all kinds of dhcp clients to work, is to configure a very low lease time (if possible 10-30 seconds, depending on dhcp server OS) for the default/guest vlan.
not all networking devices do a new dhcp request, if you switch vlan or better after link up/down. printers and mac's don't do a dhcp request at link up/link down for example. kind regards, markus ___________________________ On 18.09.2012, at 14:33, John Kaftan <[email protected]> wrote: Speaking of dynamic VLANs has anyone found a way to get the client to ask for a new IP after switching a VLAN? What we are finding is that the VLAN doesn’t switch fast enough and the client gets an IP from the default VLAN before the VLAN switches. Once the VLAN has been switched the client is dead in the water because they have an IP address for the wrong subnet. The only way I can think of to fix this is to have the default VLAN be a VLAN to nowhere, i.e no DHCP. If I do that then I have to map everyone to a VLAN and not just my special (xbox) group. I can do that but it will be a lot of work. I was going to try the RFC3580 method to see if that works differently. The last NAC we had would drop the port for 5 sec and then bring it back up to force the client to request a new IP. Thanks John *From:* [email protected] [mailto:[email protected]] *Sent:* Tuesday, September 18, 2012 7:02 AM *To:* Enterasys Customer Mailing List *Subject:* RE: [enterasys] question about "vlan dynamicegress" Thanks everyone. I will try this afternoon. *Geoffroy HUGUENIN* CEA VALDUC VA/DSTA/STLI/LSIS 21120 IS-SUR-TILLE Téléphone : 03 80 23 77 80 *De :* Sylvain Conti [mailto:[email protected]] *Envoyé :* mardi 18 septembre 2012 11:02 *À :* Enterasys Customer Mailing List *Objet :* RE:[enterasys] question about "vlan dynamicegress" Hi, As far as i can remember you can try to use the Vlan Egress tab under the Role to defined the egress rule (for a role with a contain to vlan setup in the general tab), dynamic egress should not be requisite if you do not have devices like SecureStack A2. Regards, *Sylvain CONTI* <image001.jpg> *Coordinateur technique* *+33 1 64 53 14 12* *+33 6 78 78 07 47* * * *INTEGRATEUR RESEAUX et SECURITE* *Agence Ile de France,* Immeuble Le Montréal - 19bis av. du Québec - ZA Courtaboeuf - 91140 Villebon sur Yvette T : +33 1 64 53 14 14 F : +33 1 69 32 14 02 Siège social -* *Espace Jacques Cartier - BP 96031 - 35360 Montauban de Bretagne T : +33 2 99 06 61 61 F : +33 2 99 06 36 36 *[email protected]** www.retis.fr* *De :* [email protected] [mailto:[email protected]] *Envoyé :* mardi 18 septembre 2012 10:51 *À :* Enterasys Customer Mailing List *Objet :* [enterasys] question about "vlan dynamicegress" Hello, We use some policies with “access control à Contains to vlan”. Our configuration has dynamicegress disabled on all switches. When we use policies on C3, vlan change correctly but not on our N3. We must enable dynamicegress on N3. Do you know why have we some differences between C3 and N3 ? Should dynamicegress be enabled on all switches or not ? Thanks. *Geoffroy HUGUENIN* CEA VALDUC VA/DSTA/STLI/LSIS 21120 IS-SUR-TILLE Téléphone : 03 80 23 77 80 - --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] - --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] - --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] - --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
