I am trying to figure out how to get our 7970 phones to authenticate with ACS. The phones have been configured for 802.1x and a pre-shared password has been selected. The ports on the switch have also been configured. In ACS I added the MAC address of the phone to ACS. When I test by using the wrong username and password I see the failed attempts by the phone in the logs of ACS.....However the phone is still allowed to connect and make calls. A co-worker was able to get this to work by selecting "enable AV-PAIR" under group setup. However I have no idea what variables would go in here to make this work. Does any one have any expereince in making this work?
You need to add multi-domain authentication to the port, per the previous doc. Else, the phone will get access simply b/c it's exchanging CDP info with the switch.
Hope this helps,