Hi Jordan,
Why don't you manage dhcp on vlan 10 and 20 by packetfence ?
It's not a controller issue and it's not a packetfence issue, it's just that
the device is not able to detect that the vlan changed.
It's why on reg and isol vlan we configured packetfence's dhcp server to
provide low lease (30 s) to be able to have a new dhcp request each 30s.
Regards
Fabrice
Le 19 mars 2015 02:32:22 GMT-04:00, Jordan Altmann
<[email protected]> a écrit :
>Hello,
>
>I'm having an issue where the client doesn't request a new IP after the
>PacketFence Captive Portal registration occurs. A little background:
>
>Cisco WLC 5508 Firmware 8.0.115.0
>
>VLAN 10: Registration 10.0.10.X/24
>VLAN 20: Isolation 10.0.20.x/24
>VLAN 30: Production 10.0.30.x/24
>
>PacketFence Interfaces:
>eth0.10 10.0.10.2
>eth0.20 10.0.20.2
>eth0.441 172.44.0.10 (Management)
>
>Core Router:
>VLAN 10
> ip helper-address 172.20.0.3
> ip helper-address 172.44.0.10
>
>VLAN 20
> ip helper-address 172.20.0.3
> ip helper-address 172.44.0.10
>
>VLAN 30
> ip helper-address 172.20.0.3
> ip helper-address 172.44.0.10
>
>
>When I connect a client to the "NAC" SSID I am correctly put into VLAN
>10 and given a DHCP address. From there I am able to authenticate my
>credentials using Active Directory. RADIUS changes my VLAN and ACL via
>a CoA packet to VLAN 30 and Authorize_any. However, even though the
>client shows up as being a part of VLAN 30 it doesn't automatically
>renew so it holds onto a 10.0.10.x address. I can manually release and
>renew an then it works, however, this is not what should happen. I've
>made a Cisco TAC case thinking it was an issue with the controller not
>being put into a DHCP_REQD state after a reassocation, however, they
>think it's PacketFence.
>
>My understanding was that if you had "DHCP Address Required" selected
>on the Cisco WLC that it would put you in a DHCP_REQD state on the
>controller after the VLAN has changed, however, that must not be the
>case.
>
>Any insight would be greatly appreciated.
>
>Jordan Altmann
>Network Specialist
>
>
>------------------------------------------------------------------------
>
>------------------------------------------------------------------------------
>Dive into the World of Parallel Programming The Go Parallel Website,
>sponsored
>by Intel and developed in partnership with Slashdot Media, is your hub
>for all
>things parallel software development, from weekly thought leadership
>blogs to
>news, videos, case studies, tutorials and more. Take a look and join
>the
>conversation now. http://goparallel.sourceforge.net/
>
>------------------------------------------------------------------------
>
>_______________________________________________
>PacketFence-users mailing list
>[email protected]
>https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Envoyé de mon téléphone Android avec K-9 Mail. Excusez la brièveté.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
