Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IP address Assignment for 802.1x Client

Working on a Wireless deployment using 802.1x and a question has come up regarding Address Assignment.

The design requires wireless vlan assignment based on username and Active Directory group assignment.

The simplest way to provide dynamic addressing would obviously be multiple DHCP Scopes on a server and use ip helper functionally to provide relay servers.

Another option (I think) would be to create IP address pools in the ACS server based on ACS group and have ACS pass it back as part of the authentication process. I'm wondering if this is even a valid option with 802.1x authentication. It seems to me that it would cut down on alot of the traffic assoiciated with a DHCP discovery/request/offer conversation as the number of wireless clients start to grow.

5 REPLIES
Silver

Re: IP address Assignment for 802.1x Client

Yes. This can be done. You can configure IP address pools in the ACS server based on ACS group and have ACS pass it back as part of the authentication process. This will work.

New Member

Re: IP address Assignment for 802.1x Client

Have you done this?

I tried it today by setting a static IP address to a single user logon.

The user authentication worked but it ignored the static IP address that was sent back and just did dhcp anyway.

New Member

Re: IP address Assignment for 802.1x Client

HI,

have u done successfully with dynamic vlan assignment on WLC ?

New Member

Re: IP address Assignment for 802.1x Client

Err, no. There is no provision in EAP-TLS, PEAP (CHAP), or even basic EAP to provide network information (eg IP address/mask/gateway/DNS/etc).

There is also no provision in Windows 2k or XP interface management software to accept IP details for interface configuration via any wireless authentication protocol.

peter

New Member

Re: IP address Assignment for 802.1x Client

Thanks a lot !!

507
Views
0
Helpful
5
Replies
CreatePlease login to create content