I have run across an odd issue, I am currently researching an issue that is happening on our networks.

If a guest on the network is connected through wireless on our network and his/her VPN requires to be connected first before entering windows. The guest of course will call in and we will apply the proper ipchains to the IP address.

Recenetly however, if that guest moves around on the network to a different WAP everything the same as before, IP address, same network, same router, only difference is the WAP the guest is connecting to. The guest will lose there connection.

When the guest calls in he is arpingable, chains still exist, however traffic will not go through, so what we have to do is delete the chains, recreate them and then the VPN will connect again.

To me this issue doesn't make sense as to why it would happen between WAPs. It is only VPNs that have to be connected before the guest can log into his/her computer. Has anyone seen this issue? and/or know of any soluions?