We have Onguard set up to do system health checks when first logging on to the network.
Policy is set if system comes back with any status but healthy, to terminate session after posture check, then allow 802.1x service to drop to untrusted vlan.
If system comes back healthy, terminate session after posture check, then allow 802.1x service to drop to trusted vlan.
My issue is when a system changes health status, the session is terminated on the Cisco switch as expected, 802.1x service is run again and system is assigned the correct vlan, but the Windows workstation does not make a dhcp request after the session is terminated, and does not pick up an IP for the vlan it was assigned.
A temporary work around is to run ipconfig/release, renew after the workstation changes health status, but I need the workstation to automatically send a new DHCP request after the session is terminated.
Anyone have a similar issue?