Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Wired 802.1x / CSSC 5.1 loop "aquiring IP Addr." and "Authentication"

Hello

I am currently preparing an installation for wired 802.1x authentication. My setup consist of the following:

- MS IAS

- MS AD

- MS DC-DHCP for auth. users

- Switch WS-C3560

- Testclient with CSSC 5.1

The dot1x authentication itself is working properly and the switchport is configured with the appropriate VLAN.

After the user is logged in to the computer the CSSC always stays on Status "aquiring IP address" before it re-authenticates again. If you have a look at the client's IP configuration everything is fine. It looks like the CSSC doesn't recognise that the DHCP IP allocation was done properly.

I have checked the DHCP configuration on the DC and it is correct. In the log you can see that the client is releasing and renewing his address often and this must be triggered by the CSSC. I have also checked the timers and they shouldn't be too short.

In the CSSC Log you can find the following error:

DHCP release failure => -20{error}

DHCP ipReconnect failure => -2(error)

Uploaded you can find the following:

- CSSC Logfile

- CSSC XML-Config file

Any ideas?

Regards

Stefan

2 REPLIES
New Member

Re: Wired 802.1x / CSSC 5.1 loop "aquiring IP Addr." and "Authen

Hello world

The following sentence was found:

“The SSC agent does do a gateway ARP to verify network connectivity. If it doesn't get a response then it will release and try to get a new IP.”

As I was setting up 802.1x in the lab no gateway existed and this is why I faced exactly this problem. When I have changed the DHCP Router address the CSSC changed to State "connected"

Hopefully this forum entry can help someone else.

Stefan

New Member

Re: Wired 802.1x / CSSC 5.1 loop "aquiring IP Addr." and "Authen

Hi,

I have pretty much the same lab environment as you referenced earlier, I was wondering if you figured out a way to remote manage your desktops with the CSSC supplicant? Any suggestions will be greatly appreciated.

Thanks!

373
Views
0
Helpful
2
Replies
CreatePlease login to create content