4402 controller with 4.0.602 code, MS XP Client, 802.1x authentication, device and user authentication:
The controller is configured with (2) SSIDs: Secure, Public.
There are (3) VLANs I want to place the devices in after user authentication (obviously machine authentication occurs prior to this). The (3) VLANs are Staff, Student and Faculty; numbered 10, 20 and 30.
Here is what happens.
The machine associates with the secure ssid, authenticates and is placed in the student vlan (20) - this is the VLAN I have assigned to the SSID by default.
I have aaa-override enabled.
A staff or faculty member logs on and is authenticated. The controller receives the new VLAN assignment from the radius server. I can see this if I go to client details and it shows the IP address and VLAN assignment.
Here is the kicker - the IP address is still the original IP address it was assigned from the original machine authentication when it was placed in the student VLAN, not what it should be in the staff or faculty vlan.
So I do a ipconfig /release and /renew at the client and I still get the same IP address not one from the staff or faculty VLAN.
It appears as if the VLAN was sent to the controller but never really applied.
I am using the DHCP Server within the 4402 controller.
Any thoughts or leads would be helpful.