User Info

Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: vlan dhcp release not working  (Read 17540 times)

Offline spark_rod

  • Cisco Newbie
  • *
  • Posts: 9
  • Reputation: 1
  • Certification: CCNP
vlan dhcp release not working
« on: July 18, 2014, 06:50:45 PM »
Hi, after we solved the web redirect issue which discuss on the previous trend here goes the new issue. The vlan dhcp release not working. My setup is when user connected they will be connected to the guest vlan, if user authenticate as staff which credentials is in AD the user will get new set of IP under the staff vlan. it gets the authorization policy from ISE and assigned the right vlan for staff (vlan48) but the IP did not change after the ip renewal finished, still in vlan64 (guest).

DV-CASW-4-1(config-if)#do sh auth sess int g5/36
            Interface:  GigabitEthernet5/36
          MAC Address:  3c97.0eaf.a8e4
           IP Address: <------------did not change
            User-Name:  nw_sf_test
               Status:  Authz Success
               Domain:  DATA
       Oper host mode:  multi-auth
     Oper control dir:  both
        Authorized By:  Authentication Server
          Vlan Policy:  148 <------------------- correct vlan should be in (172.27.148.x/24)
           Vlan Group:  SIT_STAFF_LAN
     URL Redirect ACL:  ACL_REDIRECT
         URL Redirect:  You are not allowed to view links. Register or Login
              ACS ACL:  xACSACLx-IP-SIT-ISE-ONLY-53c7bea2
      Session timeout:  N/A
         Idle timeout:  N/A
    Common Session ID:  AC1B180800000F8F419020EC
      Acct Session ID:  0x00001082
               Handle:  0xE4000F90

Runnable methods list:
       Method   State
       dot1x    Failed over
       mab      Authc Success

Offline spark_rod

  • Cisco Newbie
  • *
  • Posts: 9
  • Reputation: 1
  • Certification: CCNP
Re: vlan dhcp release not working
« Reply #1 on: July 19, 2014, 01:00:58 PM »
Hi All to has the same issue with me, just to inform everybody that my problem was resolved. Just to share if anyone encounters this issue, there is a bug on the switch which cause the CoA to fail. After the successful CoA the redirect-url and acl redirect are not cleared. The workaround is to create a permit access on the authorization profile. This is the bug ID for reference. CSCue62019.

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 400
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: vlan dhcp release not working
« Reply #2 on: July 20, 2014, 04:52:11 PM »
Hi spark_rod, Just so I understand this correctly. You use web-auth for staff as well and not 802.1X correct? Can you elaborate on the "permit access on the authorization profile"? What exactly you have on the Authorization profile for successfully Staff authen as a workaround. I would guess you at least have the VLAN48 set to change from guest to staff VLAN.


Related Topics

  Subject / Started by Replies Last post
3 Replies
Last post January 26, 2016, 09:26:54 PM
by MC
0 Replies
Last post May 29, 2016, 07:30:47 PM
by micruzz82
8 Replies
Last post September 14, 2017, 08:34:06 PM
by MC
1 Replies
Last post January 02, 2018, 04:51:14 AM
by MC
1 Replies
Last post March 11, 2018, 09:06:31 PM
by MC

SimplePortal 2.3.7 © 2008-2024, SimplePortal