801.1x and DHCP




I am trying to setup a small wired 802.1x network using IAS, PEAP with
MSCHAPV2, ADS and Cat switch.

Client : win 2k prof SP4
IAS/Domain Contr/DHCP : Windows 2000 server with SP4

The main idea is to assign user-based VLANs, without breaking Domain
policies, logon scripts etc.

Issue I am facing is with DHCP seems to time out on re-authentication:-

The sequence :

Boots up -> Computer Authenticates itself -> VLAN assigned to port as per
policy -> DHCP -> Gets on the network -> Comp policies etc are applied
normally -> MS GINA -> Login -> PEAP authentication successful -> Port
assigned intended user-based VLAN -> At this point DHCP times out. Get an
event 1003.

(Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000xxxxxxxx.

The following error occurred: The semaphore timeout period has expired. Your
computer will continue to try and obtain an address on its own from the
network address (DHCP) server.) -> The port status is authenticated at this
point. ->

Manually renewing the ip address resolves the issue and the machine gets on
the intended VLAN.

This looks likes the problem in MS Article ID : 314994. However, W2k SP4
should not have this issue.

Any pointers are welcome.


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question