Hi,
i have a query regarding the validuser ACL. we have SC1 controller in master-local setup with 5.0.4.X version. the actual issue is in our controller we see that in the user-table we the see the enteries with different IP address with the same wifi MAC address. hence we decided to configure the validuser ACL in order to permit only the IP addresses configured in the netdestination should be placed in the user table. hence we removed any any any permit in the validuser ACL.
After configuring the validuser ACL the wifi client is not getting the IP address from the dhcp server instead it is getting only APIPA address. However if we removed the validuser ACL and then reconfigured with any any any permit then client was getting IP address.
Do we need to configure the any any svc-dhcp permit in the validuser ACL above the other policies in order to make the client to get IP address?
can we also enable the enforce DHCP option in the AAA profile so that those duplicate enteries will not be allowed to display in the user-table since the different IP address displaying in the user-table is not assigned to the client wifi MAC address via DHCP?
Awaiting your valuable feedbck.
Thank you.