Wondering if anyone else has come across this. We are in the process of allowing students in our college access to the internet on ther personal laptops, without giving them access to the network as such.
At current, we are using ACL lists on our HP switches and VLAN's, the student will connect to the Wireless Access Point in there desired location, the ACL's filter out everything apart from DNS, DHCP, HTTP and HTTPS traffic, this allows them to ONLY obtain an IP, communicate with DNS and use HTTP and HTTPS.
The rules also filter our access to the local network by DENYING 10.x.x.x adresses but allowing x.x.x.x adresses (internet) 10.x being local networks.
At current the process works fantasticly with Windows XP. The test setup is as follows.
Sony Vaio laptop with dual boot XP and Vista.
With the XP Setup, it works fantastic. WPA, TKIP, MSCHAPv2. Upon connecting to the access point we are asked for credentials (directed via radius to say 802.1x, in the "Wireless Users" group which we have created on AD. We provide the credentials and domain name, and we are in, with only internet access! WOO!
This works PERFECTLY as wanted, students are known by AD logging, so its not an open network that anyone can jump into.
We open the boot in Vista, we mimic the EXACT settings, WPA, TKIP, MSCHAPv2, checked, double checked, the settings are EXACT, the hardware is EXACT there is no faults.
We start the connection, we are asked for credentials, we get "limited connectivity" and have no assigned IP address (windows generated address is shown on ipconfig) and we cannot get access, dispite using the same hardware and settings.
Sorry for the "HOLY WALL OF TEXT!!" but if you have any ideas, experience or solutions, please share.
I had something similar with WIFI in vista, sometimes it just lost the DCHP assigned IP address. ipconfig /release & ipconfig /renew didn't work I rebooted still nothing. I then used Ethernet instead and after a few days it started to work properly again.