11-13-2008 08:04 AM - edited 03-10-2019 04:11 PM
Hello
I am currently preparing an installation for wired 802.1x authentication. My setup consist of the following:
- MS IAS
- MS AD
- MS DC-DHCP for auth. users
- Switch WS-C3560
- Testclient with CSSC 5.1
The dot1x authentication itself is working properly and the switchport is configured with the appropriate VLAN.
After the user is logged in to the computer the CSSC always stays on Status "aquiring IP address" before it re-authenticates again. If you have a look at the client's IP configuration everything is fine. It looks like the CSSC doesn't recognise that the DHCP IP allocation was done properly.
I have checked the DHCP configuration on the DC and it is correct. In the log you can see that the client is releasing and renewing his address often and this must be triggered by the CSSC. I have also checked the timers and they shouldn't be too short.
In the CSSC Log you can find the following error:
DHCP release failure => -20{error}
DHCP ipReconnect failure => -2(error)
Uploaded you can find the following:
- CSSC Logfile
- CSSC XML-Config file
Any ideas?
Regards
Stefan
11-17-2008 04:16 AM
Hello world
The following sentence was found:
âThe SSC agent does do a gateway ARP to verify network connectivity. If it doesn't get a response then it will release and try to get a new IP.â
As I was setting up 802.1x in the lab no gateway existed and this is why I faced exactly this problem. When I have changed the DHCP Router address the CSSC changed to State "connected"
Hopefully this forum entry can help someone else.
Stefan
12-22-2008 04:02 PM
Hi,
I have pretty much the same lab environment as you referenced earlier, I was wondering if you figured out a way to remote manage your desktops with the CSSC supplicant? Any suggestions will be greatly appreciated.
Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide