802.1x and DHCP assigned addresses

I've done a lot of reading on this but I am still confused. I'm not a Microsoft guru so I don't really know waht is going on with login scripts, or cached user/pass.
Scenario 1
==========
I have 802.1x implemented and Joe the contractor comes into the office and plugs in his laptop. He is a guest. I allow guests to have access to a guest VLAN. How can Joe automatically get an IP address, or does he have to do ipconfig /renew?
Scenario 2
==========
What is the behind the scenes process that takes place for my corporate users that login to a domain....how do they get DHCP assigned addresses?
Thanks

I assume from what you have written 'Joe' doesn't have an 802.1x supplicant on his PC? Therefore the switchport eapol frames are ignored by the PC and after a timeout the port is placed in the guest vlan. You need to make sure DHCP is enabled for the guest vlan - either add the appropriate entried to the protecting ACL or add a scope on the router? Depending on the timeouts you may have some delay issues here; I would test this before you roll it out.
For clients with 802.1x supplicants what happens is the PC effectively thinks it is disconnected from the network until the supplicant has authenticated. Once it has authenticated the PC thinks the network adapter is then connected and it will attempt to lease an IP address by broadcasting a DHCP request.
There are however a few 802.1x supplicants and I am not sure how they all integrate with the host O/S. I know the built-in Microsoft one operates as I have described.
HTH
Andy

Similar Messages

  • How to set up both static and DHCP assigned addresses on an AirPort Extreme

    I recently bought an AirPort Extreme to replace my failed Cisco/Linksys router.
    I am having trouble figuring out how I can configure the Extreme to support the already static IP addresses on my network as well as assign IP addresses via DHCP to a few devices where static IPs are not supported, i.e., work laptop.
    Additionally, when DHCP is turned on, are my only options the 10.0, 172.16, and 192.168? What if I am running something like 10.10 or 172.30?
    I am far from green when setting up computer networks, but this AirPort Extreme is making me pull my hair out.
    BTW, I have access to a number of computers running a number of OSes including Windows XP, 7, and 8, as well as Mac OS X Snow Leopard and Mountain Lion.
    The Mountain Lion or Windows 7 machine would be the preferred ones to configure the Extreme. I already have the AirPort Utility software running on them.
    Any help would be appreciated.

    I have found the 'DHCP Reservations' option on the AirPort Extreme to be buggy.  I seem to remember it causing IP conflicts for some reason.  I think what I remember is that if the computer with the reservation was off, and the DHCP server then handed out that IP to another DHCP client, then there would be a conflict when the reserved IP computer was turned back on.  Maybe it was an issue in ealier versions of the AE or OS X as the case may be, and maybe it's been corrected, but I've never bothered using it agian since the method I describe below has always worked without fail.  Also, I'm guessing DHCP Reservations would work fine if one manually enters IPs outside of the DHCP range but in the AE 'DHCP Reservation Setup Assistant' the IP options provided are within the DHCP range which to me makes no sense and increases the potential for IP conflicts.
    Here's what I do to setup a mixed environment of static and dynamic IPs on my network.  It works like a charm and does not require the DHCP server (beyond the distribution of dynamic IPs to hosts using DHCP).
    For machines on my network that are accepting services from the public network, I set them up with static IPs using the 'Manually' option (System Preferences/Network/Ethernet/Configure IPv4).  The settings for 'Router' IP address and 'DNS Server' IP address should both be set with your gateway/router LAN IP).  Use an IP address below or above the DHCP range of adresses (in AE/Internet/DHCP/DHCP Beginning & Ending Address).
    i.e. if my subnet is 10.0.1.1 and my DHCP range is 10.0.1.100 to 10.0.1.150, you could set the static IPs on your local hosts as 10.0.1.x where x = any number from 2 - 99 or from 151 - 200 as an example.
    All other machines and devices that do not require static routing are setup as DHCP clients and get a dynamic IP from the AE.  To me it's a simpler setup though it might take a little extra time to setup initially.
    John

  • 802.1x and DHCP

    we have an issue with DHCP and the guest VLAN, what basically happens is while waiting for authorisation from the Radius server the XP client gets put into the guest vlan where it leases an ip address from the Guest VLAN DHCP Server. Once the client has Been authorised it gets switched across to the secure VLAN but then does not attempt to aquire a new lease with the DHCP for the secure VLAN. I thought that the switching process would trigger The DHCP discover process again, but it seems to just sit there with the wrong ip!!
    Any Views would be welcomed
    thanks

    Jason thanks for your reponse, we know that we have an issue with the radius timing out which is being looked into as a seperate issue , i'll try to expain the setup a little better
    The guestVlan as i have called it is really our old network Vlan and is basicly for legacy pc's.We are currently rolling out a new infrastructure and pc's so 801.1x is being used to authenticate the MAC addresses of the new pc's basicaly creating a auto switching system between the old and new Vlans, as a large amount of users have notebooks this saves on port config tasks
    the system is not wireless and runs on cat6500 switches.
    so you can see when the users connect thier new pc or notebooks they often get serviced by the Legacy DHCP Server because of the radius taking time to authenticate causing the notebook to be placed on the legacy Vlan until the authentication is recieved.
    this would not be a problem if we could get the notebook to start DHCP discovery again to obtain the correct ip once the 802.1x authentication has taken place and the pc is on the correct VLAN.
    it would be good to know how the NIC of the PC sees the switch between vlans, as it seems to be transparent which is why it mantains a DHCP lease obtained before the switch over which is essentially our problem.

  • CRIO failing to get a DHCP assigned address

    I just went through heck with my IT deparment on this so thought I'd post it here.
    I had four cRIO-9073s on a remote switch in one of our labs, that MAX (Measurement and Automation Explorer) was saying were using Link-local addresses.  In fact, all were using the EXACT SAME address:  169.254.62.215.  Very strange!  I was able to talk to them using MAX some times, doing remote restarts, etc., but other times not.  All were configured to grab a DHCP address or fall back to link-local.
    As it turns out, the RIOs were attached to a Cisco switch that has a feature callled STP fully enabled on all ports.  STP is designed to prevent accidental loops in the network from downing your network, and that feature blocks all initial transmissions from attached devices for 30 seconds before letting them through, while it "listens" and "learns" about your device, analyzing to make sure that letting it connect won't create a loop.  Apparently this 30 second delay (forever in computer terms!) is too long for the cRIOs, so they take a link-local address, and since they can't even check the network for other link-local users because their transmissions aren't being forwarded, they all take the exact same address.  I'm still amazed MAX can find them under these conditions! 
    The way to get it working is to turn on "PortFast" on the Cisco switches, which simply disables the steps in STP that cause the slowdown (blocking, listening, learning).  Fortunately this can be done on a port-by-port basis, as it's recommended to NOT turn it on if ports are going to another switch (as that then opens the door for a loop).
    Here's more info:
    http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00800b1500.shtml
    Here's hoping you don't need this!

    Hello Erik,
    Thank you very much for the post. Great work figuring out the root cause of your communication issue!
    Cameron F
    Applications Engineer
    National Instruments

  • DHCP assign address range to AD computer groups - possible?

    Not by OU, no. DHCP doesn't interrogate AD.

    Hello
    Does anyone know if it's possible to get the Windows DHCP server to assign an address range to a group of computers in Active Directory? Is it possible? 
    This topic first appeared in the Spiceworks Community

  • DHCP Assigned IPs

    My old D-Link router had a table where I could tell the DHCP server to assign specific IPs based on the MAC address of the device. I can't find a place in the WRT54G to do this. Do I have to go to each device and assign a fixed IP at the device? I like to keep the DHCP server active for setting up new devices and visitors. By using DHCP in my devices I don't have to reconfigure when I travel. With the old D-Link this worked find. It appears this could be a problem with the WRT54G. Am I missing something? Thanks, Bob

    You are correct.   The WRT54G does not support the "DHCP reservation" feature.   However, several of the newer Linksys wireless n routers support this feature.
    With the WRT54G, you can manually assign your computers a fixed LAN IP address.  You can also have a fixed address on some computers, while others take their address from the WRT54G's DHCP server.  Generally, unless you have a specific need for a fixed LAN IP address (for example, some online games require this for port forwarding to work properly), you should use a DHCP assigned address.
    Linksys has some specific rules about assigning fixed LAN IP addresses.  They are different from the D-Link.
    Rules for using fixed LAN IP addresses on Linksys routers:
    With Linksys routers, a fixed (static) LAN IP addresses must be assigned in the device that is using the address. So you need to enter the fixed address in the computer or printer, not in the router.
    When using a Linksys router, any fixed LAN IP address must be outside the DHCP server range (typically 192.168.1.100 thru 192.168.1.149), and it cannot end in 0, 1, or 255.
    Therefore any fixed LAN IP address would normally need to be in the range of
    192.168.1.2 thru 192.168.1.99 or
    192.168.1.150 thru 192.168.1.254
    assuming you are still using the default DHCP server range.
    Also, in the computer, when you set up a static LAN IP address, you would need to set the "Subnet mask" to 255.255.255.0 and the "Default Gateway" to 192.168.1.1 and "DNS server" to 192.168.1.1
    It is also important that no two devices on your network be set to the same static LAN IP address.

  • IPoE BNG and DHCP on the ASR9K

    Hi,
    can some one tell me if this is possible.
    I have a bundle Interface -using ambiguous VLANS:
    interface Bundle-Ether100.1
    vrf customers_1
    ipv4 unnumbered lo2
    ipv4 point-to-point
    arp learning disable
    service-policy type control subscriber UFB_DHCP
    ipsubscriber ipv4 l2-connected
      initiator dhcp
    encapsulation ambiguous dot1q any second-dot1q any
    I have two loopback interfaces:
    interface lo2
    vrf customers_1
    ipv4 address 100.64.0.1 255.255.128.0
    interface lo3
    vrf customers_1
    ipv4 address 200.200.200.1 255.255.254.0
    I am authenticating users using option82 remote-id, and DHCP for address allocation.  I want to use RADIUS to send back attributes, to set the users template, and, somehow set the dhcp giaddr so that the user gets an address from the correct pool.
    ie. put the user into this template:
    dynamic-template
    type ipsubscriber CUSTOMER
      vrf customers_1
      ipv4 unnumbered Loopback3
    and have them then given an address in the lo3 (200.200.200.0) range.  No matter what i do the dhcp giadd remains the address of the Bundle Interface.
    I have tried all sorts of radius attributes:
    Cisco-AVPair = 'subscriber:service-name=CUSTOMER'
    Cisco-AVPair = 'subscriber:command=activate-service'
    I have tried:
    Cisco-AVPair= 'ipv4:ip-unnumbers=Loopback3'
    Cisco-AVPair= 'subscriber:classname=lo192'  - and creating a dhcp class to set giaddr
    I get a "aaa_type invalid attribute, flags 0x21"
    I am at a bit of loss, and am not sure if what I am wanting to do is even possible.
    though if set the template statically via an onboard policy things seem to work, and my user gets an address from the correct loopback.
    any help would be appreciated.
    ta.

    Alexander,
    thanks for your reply,
    If I use
    Cisco-AVPair = 'subscriber:sa=UFB_CUSTOMER'  -> sets dynamic template
    Cisco-AVPair += 'ipv4:ipv4-unnumbered=Loopback3' -> sets ipv4 loopback
    I get the following form the RADIUS debug (showing template, and loopback understood by RADIUS)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: Radius packet decryption complete with rc = 0
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]:  RADIUS: Received from id 195 202.74.33.109:1812, Access-Accept, len 121
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]:  RADIUS:   Vendor-Specific    [26]    34             
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]:  RADIUS:  authenticator F2 4D D3 E7 B1 E8 90 D3 - F8 77 F1 1C 28 36 E9 6C
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]:  RADIUS:   Vendor-Specific    [26]    41             
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]:  RADIUS:  Reply-Message       [18]    26      User authenticated - UBA
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: pack_length = 121 radius_len = 121
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: rad_nas_reply_to_client: Received response from id : 195,packet type 2
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Total len = 121, Radius len = 121
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: filter not found
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Decoding the attribute: Vendor-Specific, aaa_type invalid attribute, flags 0x21
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Decoding the attribute: Vendor-Specific, aaa_type invalid attribute, flags 0x21
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: This is sub-string of the Loopback interface name
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Loopback attribute value: Loopback3
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Decoding the attribute: Reply-Message, aaa_type reply-message, flags 0x100
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: Reply-Message fragments, 24
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: , total 24 bytes
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: RADIUS: parsing sevice 'UFB_CUSTOMER' (len 12)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: (rad_nas_reply_to_client) Successfully decoded the response No error: PASS
    RP/0/RSP0/CPU0:Nov 28 13:33:11.479 : radiusd[1120]: (rad_nas_reply_to_client) Successfully stored the preferred server info
    RP/0/RSP0/CPU0:Nov 28 13:33:11.478 : radiusd[1120]: Freeing server group transaction_id (B1000047)
    output from show subscriber running:
    Subscriber Label: 0xff
    % No such configuration item(s)
    dynamic-template
    type ipsubscriber UFB_CUSTOMER
      vrf customers_1
    The subscriber shows up as a session:
    RP/0/RSP0/CPU0:tpisp-cr02-h#show subscriber session all
    Thu Nov 28 13:38:05.389 UTC
    Codes: IN - Initialize, CN - Connecting, CD - Connected, AC - Activated,
           ID - Idle, DN - Disconnecting, ED - End
    Type         Interface                State     Subscriber IP Addr / Prefix                             
                                                    LNS Address (Vrf)                             
    IP:DHCP      BE100.1.ip71             AC        100.64.0.98 (customers_1) 
    However..
    the ip address range is from the loopback 2 address, (this is the loopback bound to the unbundled BNG interface)
    My understanding is that the giaddr address should have been changed to the ip address of lo3, which is the loopback specified in the RADIUS attribute.
    dhcp debug: (this is the dhcp debug that follows directly after the RADIUS debug)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.484 : dhcpd[1080]: DHCPD PACKET: TP1225: Process packet event, client mode: PROXY
    RP/0/RSP0/CPU0:Nov 28 13:33:11.484 : dhcpd[1080]: DHCPD PROXY: TP1955: FSM called for chaddr 000c.4270.6e7c with event DPM_SUCCESS state INIT_DPM_WAIT
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD PROXY: TP1917: Process client request called for chaddr 000c.4270.6e7c
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD PACKET: TP1883: Giaddr not present, Set giaddr 100.64.0.1, chaddr 000c.4270.6e7c
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD PACKET: TP571: L3 packet TX unicast to dest 202.74.33.108, port 67, source 100.64.0.1, vrf 0x60000003 (1610612739), tbl 0xe0000012 (3758096402)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: ---------- IPv4 DHCPD --- dhcpd_iox_l3_unicast_packet -------
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: VRF name (id): customers_1 (0x60000003)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: L3 src: 100.64.0.1
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: L3 dst: 202.74.33.108
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: L3 dst port: 67
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: L3 input Intf: Bundle-Ether100.1
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Output Intf: Null
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: FROM: L3
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: NETWORK_ORDER
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Info
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan EtherType 1: 0x8100
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Priority 1: 0 (0x0)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Format 1: 0 (0x0)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan ID 1: 101 (0x65)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan EtherType 2: 0x8100
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Priority 2: 0 (0x0)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan Format 2: 0 (0x0)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: metadata: Vlan ID 2: 23 (0x17)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666:
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: op:     BOOTREQUEST
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: chaddr: 000c.4270.6e7c
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: xid:    0x303751ed
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: flags:  0x8000 (broadcast)
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: ciaddr: 0.0.0.0
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: yiaddr: 0.0.0.0
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: siaddr: 0.0.0.0
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: giaddr: 100.64.0.1
    RP/0/RSP0/CPU0:Nov 28 13:33:11.485 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: cookie: 0x63825363
    RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: MESSAGE_TYPE: DISCOVER
    RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: PARAMETER_REQUEST data: "0x01-79-03-21-06-2a"
    RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: CLIENT_IDENTIFIER data: "0x01-00-0c-42-70-6e-7c"
    RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: HOST_NAME data: "MikroTik"
    RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: RELAY_INFORMATION
    RP/0/RSP0/CPU0:Nov 28 13:33:11.486 : dhcpd[1080]: DHCPD_PACKET: pktTx id 666: option: RELAY_INFORMATION: CIRCUIT_ID: 0x01-0f-43-48-4f-52-55-53-31-30-30-30-30-30-34-35-33
    I tried changing the dynamic template to service rather than ipsubscriber, this did not make a difference.  You make a reference to DHCP classname.  I have defined a DHCP class, however do not know how to match or force the use of a particular class by using a RADIUS attribute.
    Thanks,
    Mike

  • 802.1X and automatic vlan assignment

    Hello,
    I'm testing a 802.1X infrastructure :
    Switch : Try with Netgear Prosafe GS728TPS and Cisco SF300
    Radius Server  : Microsoft NPS
    DHCP Relay for address assignement by Vlan
    I have created some policies with simple authentication for testing (MSCHAP V2) and vlan assignement or not (depend on Active Directory Group).
    All work fine on a Windows 7 Pro. The user 1 is authenticated whithout vlan and the user 2 is authenticated with a vlan.
    The DHCP works fine and the 2 users have an IP.
    When I try on MAC OS X (ver. 10.7.2 and ver. 10.9.2) the user 1 (whithout vlan) work fine. I have an IP and access to the LAN. But the user 2 (with vlan) don't work. The Mac don't get an IP and I'm not on the VLAN. If i push manually an IP of the vlan, I have no access to the VLAN.
    There are some specifics parameters to add for enable vlan on Mac OS X ?
    Thanks for reply
    Ben

    Edit : It's for wired connections

  • Time Capsule Loses DHCP IP Address and Cannot access Internet

    My set up: Astound Cable Modem -> Belkin Router ->TC broadcasting wireless to 2 Apple TVs, 2 AE n units. Up until recently, we were experiencing periodic loss of internet access and rebooting the cable modem and router would get us up and running. After the 7.4.1 Airport update, the TC has been losing its DHCP assigned IP (from the router) and self-assigning an invalid address. If I am tied into the router via ethernet, I can access the internet just fine. However, using the wireless from TC, that is not the case.
    I have invested a lot of time and effort into setting up a worry-free wireless network and back up solution for our two laptops, 2 iPhones and Apple TVs. Something has really gone wrong of late. I work from home quite a bit and rely on a VPN connection to remain in touch with the office. Having to restart the network every half hour or so, is not conducive to productivity!
    I have tried a number of solutions on these boards, but nothing sticks. I really do not know where to go for help. Drag all the components down to the Genius bar? How do they emulate my specific set up? I suppose they could verify my TC set up is correct? But it is pretty basic: creates a network/bridge mode/serves as a TM back up source for our laptops - works by direct ethernet connect, but not wirelessly. This last problem may be a function of the image bundle name: it includes the MAC address which is different depending on whether we are accessing by ethernet or airport. Not sure about that one…
    Anyway, we are really in need of expert advice and I just wanted the forum to know this easy stuff ain't so easy after all! And, that I appreciate all the help I can get from the good people who frequent this place that actually know what they are doing! Unlike me.
    Any advice is welcome.

    I removed the Belkin router and set up the Airport Time Capsule as the DHCP server. No problems since.

  • Help needed : DHCP not assigning addresses on VMware. click for more details.

    Hello people of technet,
    I'm new to this forum I was told I could get some help here. I need your help with an issue that I have on my network. As the title says, my DHCP server is not assigning addresses from a specific pool.
    Information about the topology:
    I have to sites linked with a VPN site to site connection. In the first site I have a DHCP Server, In the second site I have a client that should get an address automatically from the DHCP. I installed a DHCP relay agent on the server that manages the VPN
    connection on the second site with a correct configuration. All other configurations are done right I verified a couple of times. I checked the connectivity with a ping test between the client (with static address for the test) from the second site to the
    DHCP server from the first site, it is all working. The problem is that the DHCP server is not assigning addresses from the specific pool. All machines (4) run on windows server 2008 r2.
    Thank you for your time and support, just tell me if you need more informations.

    I fixed the problem it is working now, apparently it was the VMnet cards that caused the issue I've just reseted their configuration to default state. I've had the idea after you asked me to check DHCP address assignement on the same site. One more thing
    to do now, switch from the workgroup to a domain.
    Thank you for you time.

  • Suse 9 oracle 10g installation DHCP-assigned public IP addresses problem

    Hi,
    I got below error when I have tried to install Oracle 10gR2.
    I have checked # hostname, it is Ok. I setup network to use static Ip.
    I checked /etc/hosts. Does oracle get hostname another file?
    How can I solve my problem.
    Thanks.
    Recommendation: Oracle supports installations on systems with
    DHCP-assigned public IP addresses. However, the primary network
    interface on the system should be configured with a static IP
    address in order for the Oracle Software to function properly.
    See the Installation Guide for more details on installing the
    software on systems configured with DHCP.

    Hostname command should return the fully qualified hostname as shown below:
    % hostname
    hostname.domainname

  • IPCP L2TP did not assigned address and install route

    Hi all,
    My Company recently using L2TP over radio link, for testing purpose the LNS using cisco 1841 and the L2TP client using 3 different machine:
    1. Hongdian Router
    2. Teldat Router
    3. Win XP client L2TP with IPSEC Disable
    there is problem when using Hongdian and Teldat router, the LNS did not assigned address and install route,the IPCP State suddenly closed as you can see at Debug LNS IPCP Fail.txt. I can assure you both router config is working (because when using another L2TP server like sl2tps or mikrotik, it just work fine).
    But When using Win L2TP client, it work as you can see at Debug LNS IPCP Success.txt
    i enclosed the config LNS too
    help plz anyone?

    Hi all,
    My Company recently using L2TP over radio link, for testing purpose the LNS using cisco 1841 and the L2TP client using 3 different machine:
    1. Hongdian Router
    2. Teldat Router
    3. Win XP client L2TP with IPSEC Disable
    there is problem when using Hongdian and Teldat router, the LNS did not assigned address and install route,the IPCP State suddenly closed as you can see at Debug LNS IPCP Fail.txt. I can assure you both router config is working (because when using another L2TP server like sl2tps or mikrotik, it just work fine).
    But When using Win L2TP client, it work as you can see at Debug LNS IPCP Success.txt
    i enclosed the config LNS too
    help plz anyone?

  • Hi.  I'm trying to set-up the wireless access times in my Airport Utility.  I need to enter the "Description" and the "MAC Address" of each wireless client before I assign access times. What are these?  Thanks.

    Hi.  I'm trying to set-up the wireless access times in my Airport Utility.  I need to enter the "Description" and the "MAC Address" of each wireless client before I assign access times. What are these?  Thanks.

    Let's say that an iPhone is one of the wireless clients that you want to allow access to the network.
    The Description of this device is anything that you want to specify for easy identification purposes. For example, the Description might be something like......
    Rex's iPhone
    The MAC Address, also known as a Wi-Fi Address is  a unique indentifiction number that is assigned to every device. The number will always follow this form:
    xx : xx : xx : xx : xx : xx, where "x" could be a number or letter.
    To find the MAC Address or Wi-Fi Address of an iPhone or iPad.....
    On the Home screen.....
    Tap Settings
    Tap General
    Tap About
    Wi-Fi Address is the item that you want
    If you have a Mac computer......you can find the MAC Address or Wi-Fi Address as follows:
    Open System Preferences (gear icon on the dock)
    Open Network
    Click on Wi-Fi on the left
    Click Advanced at the lower right
    The Wi-Fi Address for the Mac is located at the bottom of the window
    Other wireless devices usually have the MAC Address or Wi-Fi Address on the label on the back or bottom of the device

  • Static IP address and DHCP range

    Hi,
    A month back I decided to move over from Win to OS X and got my MB Pro RD. Along with that decided to replace my DLink DIR-655 wireless router with TC.
    My home network counts up to 15 devices that uses wireless AP. ISP ethernet cable comes out of wall and directly to TC, no other devices in between.
    Back in time when I had DLink in use it was using static IP 89.201.x.x and DHCP was assiging 192.168.x.x addresses to devices.
    Now when moved over to TC only DHCP range I can get is in range 89.201.x.x, it does not allow to change DHCP to something else than 89.201.x.x
    Question - is there a way to configure TC so that I use same static IP (89.201.x.x) but DHCP gives out 192.168.x.x to devices?
    Thanks in advance!
    BR
    UAUX

    Ok you must set the TC into router mode.. at the moment you have it in some other mode..
    You can use 192.168 if you want to but by default the TC is 10.0.1.x
    So the Internet tab should be set either dhcp or if you have static IP then you can apply that.
    Normally even a static IP from the ISP is still received by dhcp on the WAN interface.
    On the Network tab you must select DHCP + NAT.
    In the network options you change the IP and dhcp range..
    The TC always takes address 1.. and you do not set the TC address directly.. rather you set the dhcp range and the TC will follow.
    So in my example I have set 192.168.2.2-200 for dhcp and the TC will automatically become 192.168.2.1
    Set it as you prefer.

  • Potential Security Hole with 802.1x and Voice VLANs?

    I have been looking at 802.1x and Voice VLANs and I can see what I think is a bit of a security hole.
    If a user has no authentication details to gain access via 802.1x - i.e. they have not been given a User ID or the PC doesn't have a certificate etc. If they attach a PC to a switchport that is configured with a Voice VLAN (or disconnect an IP Phone and plug the PC direct into the switchport) they can easily see via packet sniffing the CDP packets that will contain the Voice VLAN ID. They can then easily create a Tagged Virtual NIC (via the NIC utilities or driver etc) with the Voice VLAN 802.1q Tag. Assuming DHCP is enabled for the Voice VLAN they will get assigned an IP address and have access to the IP network. I appreciate the VLAN can be locked down at the Layer-3 level with ACL's so any 'non-voice related' traffic is blocked but in this scenario the user has sucessfully bypassed 802.1x authentication and gain access to the network?
    Has anyone done any research into this potential security hole?
    Thanks
    Andy

    Thanks for the reply. To be honest we would normally deploy some or all of the measures you list but these don't around the issue of being able to easily bypass having to authenticate via 802.1x.
    As I said I think this is a hole but don't see any solutions at the moment except 802.1x on the IP Phone, although at the moment you can't do this with Voice VLANs?
    Andy

Maybe you are looking for

  • Domain Names and Oracle

    Hi, I am preparing to install Oracle 8i on my Windows NT machine, and I stumped into something that I can find no answer for. Oracle asks me to say what my domain name is (e.g. suse.com). It uses this to manage the different Oracle instances, e.g., s

  • How to add a "global" counter in uccx?

    Hi my customer has UCCX 8.5 Enhanced and he cannot afford an upgrade to Premium. They need to know how many times an option has been pressed by the users along the time. That option has only a "play prompt" step. I thought about using an XML file and

  • HOW TO ACTIVATE KEYGAURD LOCK ON NOKIA 6630 HANDSE...

    DOES ANY ONE KNOW HOW TO ACTIVATE THE KEYGAURD LOCK ON NOKIA 6630 HANDSET. AS THE PHONE DOES NOT HAVE THE FUNCTION IN THE SETTINGS PLEASE ANY ONE GUIDE ME IN THE MATTER.

  • Dynamic Distribution Groups - Message Delivery Restrict to Security Group

    Hi, I have created a dynamic distribution group and want to restrict mail delivery to only accept messages from members of a security group.  How do I achieve this? The idea is the DDG's are set with their criteria and if anyone leaves/joins the rele

  • How to uninstall Java 2 Runtime v1.3.x silently

    I am trying to uninstall old version v1.3.x of Java 2 Runtime Environment silently (through command-line) using script. but I can't find a way to do so. Is there someone know how to uninstall old version silently? That would be a great help if someon