We are implementing NAC 4.7(2) in an OOB VGW configuration. I am attaching a PC to the port of a managed switch and the device is not getting an IP address. I have done packet captures to confirm that I do not see DHCP discovers or requests coming from the CAS or the PC.
The following information may help:
Management VLAN is 24 w/ IP address 10.50.24.10
The VLAN mapping is: Trusted VLAN 32 ==> untrusted VLAN 632
Managed subnet IP address is 10.50.33.175 / 255.255.254.0 for VLAN 632 that matches the subnet range of VLAN 32 which is 10.50.32.0 / 255.255.254.0.
DHCP is of course passthrough.
The managed switch port is in VLAN 632 when the machine is connected. I'm not sure how to troubleshoot this further.
Are you trunking VLAN 632 to the untrusted interface of the CAS? You say you've done captures to verify DHCP isn't happening. Where did you do those captures?