Nac Ip phone switchport trunk allowed question

Unanswered Question
Dec 3rd, 2009
User Badges:

We are in the process of testing our NAC for deployment.  We have it working correctly using Layer2 OOB VG setup.  My question is in regards to the switchport allowed question on a port that is attached to an ip phone.  Our goal is to have the NAC change the allowed vlan to only be the voice vlan and either the Auth vlan or Access Vlan.  From what we can tell it simply removes the last vlan that was associated on the port.  I would expect the config to do something like the following:

No device is plugged in behind phone:

switchport trunk allowed vlan AuthVlan/InitalVlan, Voice Vlan.  (only)

After device has plugged in and authenticated:

swithport trunk allowed vlan AcccessVlan, Voice Vlan (only)

We are uing 4.6.1

Any ideas?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion