NAC and IP phone

Unanswered Question
Nov 2nd, 2009

Hi All,

I was configuring NAC. I've noticed when I plug IP phone to the switch managed by NAC, IP phone register to the callmanager without to creating filter on NAC. On switch port, voice vlan has been assigned and IP phone has been registered without any problem.

Do I still need to setup filter for IP phones or leave it as is?

why Cisco mentions in documents to create filter for IP phones even though it's registered to Callmanager without filter?

any suggestion would be very appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Faisal Sehbai Mon, 11/02/2009 - 12:30


Your switch will report any MAC addresses on the port it sees and sends traps to the CAM. When the CAM sees a new trap on the switchport, it will switch it to auth vlan.

You add the filters so the CAM can ignore the MAC addresses of the phones when the switch reports them, otherwise your port will continue to bounce between auth and access vlans.



Bryan Wulfric Tue, 04/03/2012 - 03:04

Hi Faisal,

Do we need to use certification timer when the user connect to network via back of the IP Phone? In the port profile, do we need to check "Change VLAN according to global device filter list"?



This Discussion