This past weekend, we placed a new implementation of CCA v4.1.0.1 into
service.  Everything seemed to be working fine with clients authenticating
and going through remediation.  About 3.5 hours into the trial, we started
receiving reports that customers on 4 out of the 5 vlans passing through a
IB L2 CAS could not get ip addresses.   The outbound traffic from the client
was traversing the path through the CAS, router, and hitting the dhcp
server.  The server would issue an ip address, but the client would not
receive the answer.   Sniffing found the CAS was not forwarding it back to
the client.   

It was discovered that if I deleted the vlan mapping under

Device Management > CCA Servers > Manage > Advanced > VLAN Mapping

and re-entered the same untrusted, trusted, description the dhcp traffic
would flow both directions.  TAC has stated that a couple other sites have
seen this same behavior, used the same recovery technique, and have not seen
the issue come back again.

Anyone else experienced this problem?  If so, did you follow the same
recovery technique and has it reoccurred?

Thanks.


Jeff Spyker
Senior Network Engineer
Network Engineering and Security

Old Dominion University
ECS 4300
4700 Elkhorn Ave
Norfolk, VA  23529

757.683.5048 - phone
757.683.5155 - fax