802.1X delay when moving to a Guest VLAN

Unanswered Question
Sep 4th, 2007
User Badges:

Hi !


I am experiencing a strange DHCP address acquiring delay when my Windows machine without dotx1 enabled is trying to connect to a Cisco switch with dot1x enabled port. I have defined a Guest VLAN for that case, so the client should be moved to the Guest VLAN when a dot1x supplicant does not answering.

It happens so far, but I'm getting a huge delay when receiving an IP from the Guest VLAN DHCP server .... any clue why ?


thanx!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dominic.caron Tue, 09/04/2007 - 03:53
User Badges:
  • Silver, 250 points or more

Hi,


This is built in. Before puting the host in the guest vlan, you must give it time to boot and do Dot1x. I believe this can be tunned down with "Maximum retransmission number " and "Retransmission time

" parametre but I dont know if it would be a good move.


Jacob-Harris Thu, 09/13/2007 - 09:24
User Badges:

Hi,


Had the same problems with my installation. Came accross a very little know reg key for XP.


Add the following key to your windows xp box and your default delay (60 seconds) should be practically gone.


Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EAPOL\Parameters\General\Global]

"SupplicantMode"=dword:00000003

"startPeriod"=dword:00000005


szahid Thu, 09/13/2007 - 10:13
User Badges:
  • Silver, 250 points or more

Also , use the following timers on the switch for faster guest vlan access ( within 2 seconds ) if you are not using them already.


dot1x timeout tx-period 1

dot1x max-reauth-req 1


thanks

Salman.




Actions

This Discussion