ios devices not requesting a new DHCP lease after disassociate/disconnection via CoA/Disconnect message
When a device is joined to a wifi network which uses MAC authentication against a RADIUS server where the RADIUS server is assigning VLANs dynamically, many wifi infrastructure vendors support the ability of the RADIUS server to send a Change-of-Authorization (CoA) or a RADIUS-Disconnect mesage to the controller or AP, and the AP will disconnect the client briefly, after which it will immediately reconnect, and reinitiate the RADIUS process by which the RADIUS server can now respond with a new VLAN tag assignment. This allows the RADIUS server to move the client from one VLAN to another without the user involvement.
Recently, ios devices have begun behaving badly in this process. When the controller/AP attempts to disconnect a client, the device gets briefly disconnected, and then reconnects, a new RADIUS request is sent to the server, and a new VLAN is assigned, *however*, the ios device never attempts to request a new IP address via DHCP after reconnecting, and so it ends up continuing to use the old IP address on a VLAN that it should not, causing a loss of connectivity.
Has anyone else encountered this, or know of any way to modify this behavior? It causes a major issue for ios devices joining captive networks where they need to be moved from one VLAN to another.
Thanks