RADIUS CoA

Started by config t, April 03, 2025, 11:29:47 AM


config t

When I impose a RADIUS CoA on a Windows box to maneuver it to an isolation VLAN, should it detect the network change and DORA automatically? It seems as if it is failing to initiate DHCP unless the port is bounced.

Please don't mistake my experience for intelligence.

config t

To answer my own question:

It depends on the equipment string. In this case, a VoIP handset in-line with the PC was causing a failure to detect the network change, so it wouldn't initiate DHCP. The answer for this scenario was installing the NAC agent.

deanwebb

Yes, and most Windows won't notice the change without an agent. This is why agentless solutions have to hard-bounce the port to get the device to request a new IP address. Any dot1x solution works so much better with agents that replace the Windows supplicant.

I have evil things to say about Windows supplicants, if you would like to hear them...
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.