Another VLANs when user role works = 128,144 asnd the subnet´s (10.0.128.0/24 and 10.0.144.0/24)
When I connect my pc, my port change to vlan 136, I receive the login of NAC Agent, I successfully login but my VLAN not changed to VLAN 128, and my ip address not chaged too. The snmp configuration is ok because in the first step when I connect into the port the vlan is changed.
My doubt about my config is:
In interface eth1(untrusted) CAS I have the VLAN 136
In interface eth0 (trusted) CAS I have the VLAN 140, my doubt, I need put the VLAN 128 and the 144?
In managed subnet I have only the 10.0.140.0/24 subnet wich correspond to vlan 140, I need put the 128 and 144 subnets?
I solved the first problem, it was a dumb misconfiguration. What is happening now is that I have more than one user role, but only one auth VLAN. In the user role I have 3 VLANs with 3 different subnets, the problem is: when a client authenticates it dosn't renew the its IP address, it continues to use the same IP that it got when it was in the auth VLAN. I need the client do change its address to the correct subnet associate with the VLAN.
We're using a OOB VGW L2 setup, in the access switch I can see that the port's VLAN is changed from the auth vlan to the user role VLAN, but the client keeps the same IP address from the auth VLAN.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...