I am trying to configure 802.1x on our network. I am running into an issue. When the PC without a certificate is connected to the IP Phone, upon the authentication failure the switch does not assign the port to Guest or auth-failed vlan. so I never get the IP.
This happens when i connect the PC to the IP Phone. It works fine if i connect the PC directly to the switchport.
Here's my configuration on the switch port.
switchport access vlan 8
switchport mode access
switchport voice vlan 3030
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
mls qos trust device cisco-phone
mls qos trust cos
auto qos voip cisco-phone
dot1x pae authenticator
dot1x port-control auto
dot1x guest-vlan 999
dot1x auth-fail vlan 999
dot1x auth-fail max-attempts 2
no mdix auto