I am doing the NAP With 802.1x enforcement. I Set the Guest vlan and auth-fail vlan and set the 802.1x authcation based port in the cisco 3550 switch and configure the RADIUS standard attributes Tunnel-Medium-Type, Tunnel-Pvt-Group-ID, and Tunnel-Type. Authcation method is EAP-mschap v2 .Authcation Mode is user authication.
Question 1: When I log on nap client that is a domain computer and inpute the domain password that is ok and the client can obtain corresponding right IP normal.but when i input local username and password in it ,the nap client obtain 169 IP. Sometime I must inpute command ipconfig/release and ipconfig/renew,the client can obtain restricted vlan IP . The client auth-fail,it should Immediately obtain auth-fail vlan IP. Why must inpute command ipconfig/release and ipconfig/renew,?how to solve it ?
Question 2: A group computer inpute user name and password ,the client auth-fail.It should Immediately obtain auth-fail vlan IP,but i must also muaul ipconfig/release and ipconfig/renew,the client can obtain restricted vlan IP ã
Why ?How to solve it ?
Question3:No sccm server ,i only deploy nps server ã wsus serverã dc and so on ,if client that don't install the new patches that have been in the wsus server is the client put in the restricted vlan ?