07-22-2014 05:33 PM - edited 03-07-2019 08:09 PM
I have a client who's network is divided (with VLANs) by floor in their building. With dot1x authentication enabled all users are leasing an IP address from the first DHCP pool regardless of how the port is tagged.
So for instance, VLAN 700 is the 2nd floor VLAN. A user on the 3rd floor connects to a port tagged for VLAN 720, they authenticate through NPS and then receive an IP address from 700. (DHCP is installed on the NPS server)
Everything I have found online about 802.1x VLAN assignment suggests that you can assign a VLAN during authentication, but I haven't found anything that would help me tell the server which DHCP scope to lease addresses from based on how the port is already tagged on the switch. If there is a way to do this I would appreciate a nudge in the right direction. Thanks in advance!
07-23-2014 01:53 AM
Hi,
Has the DHCP server been configured with your user vlan scopes under a SUPERSCOPE ?
If this is the case then take the vlan scopes out of the SUPERSCOPE.
SUPERSCOPES are not used when we want individual vlans to be scopes in their own right.
Worth having a look.
Hope this helps
Regards
Alex
Please rate usefuol posts
07-23-2014 09:46 AM
They are not using Superscope.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: