- Integrated Systems
- About Us
- Integrated Systems
- About Us
04-06-2010 01:39 AM - last edited on 12-02-2013 02:22 AM by RASHMI
I would want my MSM730 controller doesn't take in consideration (ignore) the content of the Framed-IP-Address field that the clients send. There is a way?
I don't find this option in the controller configuration guide....
PS- This thread has been moved from Communication and Wireless to MSM Series- Forum Moderator
04-07-2010 05:28 AM
However, as far as I know the MSM controller does not make use of the frame-ip-address information internally. Meaning you can put it in the access-request and use it when pointing to an external RADIUS server, but when pointing to the MSM controller itself for local authentication, it will be ignored, because the controller has no use for it.
However, I'd like to understand a bit more what you want to achieve by having the framed-ip-address interpreted by the controller? What was the behavior/functionality that you expected?
04-07-2010 07:24 AM
I use an external radius server and an external dhcp server. Some clients (actually I noted this only with 802.1X client built-in MAC-OS-X tiger; it doesn't happen with ubuntu) send an IP in the framed-IP-address field.
This IP address is one of the subnet 169.254.0.0 (this is the subnet of link-local how you can see if you type route -n in a shell). I don't know because the client sends this IP (have you any ideas?).
The authentication process works but after the authentication I see in the controller in the VSC->overview->wireless_client page the client with the IP send to its by the dhcp and in the VSC->overview->user_session the same client with the IP of the subnet 169.254.0.0. The client now results authenticated but it can't navigate in internet.
I wished that there was an easy way to say to the controller to ignore any framed-ip-address field. There isn't?
04-14-2010 07:17 AM
The address that you see and is used by the Apple gear is "normal" for the fact that it is the way Apple does something similar to UPnP. It is kind of plug and play addressing if you prefer.
The key thing is that I'm confident the MSM controller is completely ignoring that information. It might display it in the client information because it "sees" it through, but I'm positive that it is always ignoring the information.
It is just used in cased of an external RADIUS server (and the MSM controller would relay that information to the external RADIUS server).
Bottom line, it means that it is probably not what is the cause of your problem. The question I have is: are ALL your clients not accessing the internet, or just the Apple ones? If you are telling me it is ALL clients (linux, windows, OS-X) and not just OS-X they I would say you have a different/bigger problems. If it is just OS-X then I would be proven wrong and the MSM controller may do something about that information (which I really doubt right now).
04-15-2010 08:02 AM
Thanks for answering.
With Ubuntu or Windows the authentication and the access to internet work perfectly. The problem is only with MAC-OS (I have tested only tiger OS).
Today I have done some other tests and the problem seems related to the 169.254.x.x address.
-First I connect the client to an other of my wireless networks (no 802.1x) and the client take an address of my subnet (146.x.x.x).
-After I try to connect the client to 802.1x wireless network and the client asks (by means of the Framed-IP-Address field) for the same address that it have taken earlier (that is 146.x.x.x).
And now it works!
I don't know how I can do other tests because I don't know how I can force the client to ask for a particular IP address....
04-15-2010 08:58 AM
04-16-2010 04:29 AM
I had already noticed this...so I have to use the access control...
04-16-2010 05:05 AM