Meraki

TedS · ‎Mar 23 2018

Team,

I am issue COA messages to an MS-220 switch to change the VLAN. The VLAN is changing fine which is great. However, the port needs to bounce to trigger a DHCP renew. I can't seem to find anything on how to do that.

I am following these two articles:

https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Dynamic_VLAN_assignment_via_802.1X_(...

https://documentation.meraki.com/MS/Access_Control/Change_of_Authorization_with_RADIUS_(CoA)_on_MS_S...

Change of Authorization is used to change client authorizations in the following use cases:

Reauthenticate RADIUS Clients
Changing the VLAN for an existing client session when authentication via Wired 802.1x or MAC Authentication Bypass (MAB) is possible using CoA. A port bounce will force the client to re-authenticate and assign the new VLAN.

Any Suggestions?

PhilipDAth · ‎Mar 27 2018

I tested this today using the Microsoft NPS server and having it return a new VLAN did indeed cause the port to bounce and the client got a DHCP from the new VLAN.

I tested this using firmware MS 10.18.

View solution in original post

PhilipDAth · ‎Mar 23 2018

Perhaps try 10.19. I have not tested that specific feature, but everything else is working good for me in that code release.

PhilipDAth · ‎Mar 25 2018

I thought about this further.

Do you actually need to change the VLAN, or could you simply push a different group policy to use, and thus change the users access?

PhilipDAth · ‎Mar 27 2018

I tested this today using the Microsoft NPS server and having it return a new VLAN did indeed cause the port to bounce and the client got a DHCP from the new VLAN.

I tested this using firmware MS 10.18.

Meraki

Community

Bouncing switch port after 802.1x COA VLAN change

Bouncing switch port after 802.1x COA VLAN change