12-05-2013 12:27 AM
Our customer say that before NAC they haven't experience any IP conflict issue but after NAC few windows machine start experiencing IP conlict message pop up in the icon tray. Is the "ip device tracking " in the switch configuration is causing this ip conflict?
Solved! Go to Solution.
12-05-2013 01:02 AM
Which NAC and how is it configured?
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
12-05-2013 03:57 AM
Hi cJoseph thanks for prompt reply,
Our client is using ClearPass Policy Manager Appliance 5K and 25K models.
See below switch configuration
radius server Server1
address ipv4 x.x.x.x auth-port 1645 acct-port 1646
automate-tester username test
aaa server radius dynamic-author
client x.x.x.x server-key *******
radius-server deadtime 8
radius-server dead-criteria time 10 tries 3
radius-server vsa send authentication
ip device tracking
ip dhcp snooping
ip access-list extended default
permit ip any any
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
dot1x critical eapol
interface range fa0/X-X
ip access-group default in
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication timer reauthenticate server
authentication host multi-auth
dot1x pae authenticator
dot1x timeout tx-period 10
dot1x timeout supp-timeout 3
dot1x max-req 1
The windows machine is configured win 802.1X : Authentication method PEAP and allow to access if policy match <Machine Authentication and User Authentication>.
Some blogs I read they say it is due to "ip device tracking"
Duplicate IP Address Cause
12-05-2013 06:19 PM
10-05-2016 04:55 AM
We are encountering this occassionally too. To address this we are moving the Aruba's onto a vLAN with network-based DHCP, and disabling builtin DHCP/NAT.