The caching of user credentials is a problem - I have not used the
802.1x for wired connections yet, but assumed the situation would be the
same as in the wireless.
I wonder, if you used Microsoft IAS to authenticate against your AD
database, if you would have the same issues with new users and
As I recall, there was an issue with XP SP2 where after getting
switched to a new VLAN, it doesn't release the old IP address and
will try to renew the old address. Depending upon your setup the ACS
may be rejecting that request as it is coming over the wrong VLAN. If
this is the case, the
Just out of curiosity, what is the mechanism that places the user in the
specified vlan? Namely, which component sets the switch port to be part that
a specified vlan?
Thanks
Matt
[EMAIL PROTECTED]
-Original Message-
From: David Warner [mailto:[EMAIL PROTECTED]
Sent: November 21, 2005 4
Matt,
Inside the Cisco ACS server(and other radius servers I assume) you can
specify which vlan a group should be associated with. The dot1x
configuration on the switch will then use that information to set the vlan
when a user successfully authenticates.
dave warner
At 09:50 AM 11/25/200
If you're not using ACS, there are three Radius attributes that can
be used to put a user in a particular VLAN. I don't recall the
attribute numbers off the top of my head, but I am sure you can find
them on Cisco's web site. I know that they are also in the Microsoft
Wireless Provisioning
ecked (August)
Since we're considering using ACS, I'm trying to figure out if I'm going
to have this problem again.
> -Original Message-
> From: David Morton [mailto:[EMAIL PROTECTED]
> Sent: Thursday, December 01, 2005 11:19 PM
> Subject: Re: [WIRELESS-LAN
