NAC Assign to VLAN and DHCP

Started by deanwebb, October 27, 2016, 04:52:28 PM

Previous topic - Next topic

deanwebb

NAC system assigns device to VLAN... device goes to VLAN OK.

Then NAC assigns device to another VLAN... device does not go OK.

:think: :wall:

Turns out, it may be due to DHCP Renew actions. If the device doesn't send out a DHCP Renew, or sends it at the wrong time, then the device stays in that first VLAN. Do a port shut/no shut and the DHCP Renew is forced, device goes to the correct VLAN.

This is essentially random... some devices just get stuck and stay stuck. At the same time, other devices fly back and forth to all their VLANs, without issue. Damndest thing. I saw this on CounterACT and talked with another guy that saw this on ISE.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.