Thanks for your answer,
The client does not get an ip address.
I have an user role with vlan 405 and a firewall policie that permit the dhcp traffic.
I have a dhcp server defined for the interface vlan 405, but all devices are not able to connect to the network.
The firewall " any any svc-dhcp permit" is showed when I do "show acl hits", but it seems not work.
In test mode I put this rule for blacklist devices that match it, but it does not work.
This is that I can see:
#show auth-tracebuf mac 00:1b:77:cf:5c:76
Nov 21 15:27:40 station-up * 00:1b:77:cf:5c:76 00:1a:1e:c3:96:a1 - - open system
Nov 21 15:27:40 station-data-ready * 00:1b:77:cf:5c:76 00:00:00:00:00:00 400 405
Nov 21 15:27:40 station-down * 00:1b:77:cf:5c:76 00:1a:1e:c3:96:a1 - -
Nov 21 15:27:41 station-data-ready * 00:1b:77:cf:5c:76 00:00:00:00:00:00 400 405
Nov 21 15:27:41 station-up * 00:1b:77:cf:5c:76 00:1a:1e:c3:96:a1 - - open system
Nov 21 15:27:41 station-data-ready * 00:1b:77:cf:5c:76 00:00:00:00:00:00 400 405
Nov 21 15:27:41 station-down * 00:1b:77:cf:5c:76 00:1a:1e:c3:96:a1 - -
#show acl hits | i congresos
congresos logon-control-congresos-II any any svc-dhcp permit 3 5 906