NAC 4.7.2 - Clients behind an IP Phone

Unanswered Question
Jun 2nd, 2010

I am currently running NAC appliance version 4.7.2 in OOB virtual gateway.  I have Cisco Cat 3560G PoE switches and 7945 Ip Phones.

My voice Vlan is Vlan4 and one of my data Vlan's is Vlan121.

I have added the MAC address of my IP phone to the filter list and my client behind the IP Phone is authenticating properly to the NAC.

My question is, when I shut down my computer or disconnect my network cable, I am not prompted to authenticate via the NAC client.

Is there a way to cause clients behind an IP Phone to authenticate when they shut down or is this just a symptom of being behind an IP Phone?

For clients not behind an IP Phone, everything works great.

We have several people using the client behind the IP Phone and they need to be assigned the proper Vlan based on their log in user role.

Thanks in advance,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Faisal Sehbai Fri, 06/04/2010 - 13:56


OOB Logoff feature is coming in 4.8, out due this summer. Currently NAC has no way of knowing when a machine is logged off behind an IP phone. If the machine is shutdown however and brought back up again, it should generate a mac-notification which would place the port in the auth vlan again.

Make sure you're using Mac-Notification for your switches also.


DON GOODLIN Sat, 06/05/2010 - 14:25

Thanks, nice to know logoff will be here in 4.8.

I currently do shut down my laptop and bring it home over night.  The next morning when I connect it to my IP phone, it still is not prompted with a log in.  I currently do have MAC-Notification turned on.



Faisal Sehbai Sun, 06/06/2010 - 20:52


Post the show running-config from your switch and the SNMP setup screens from your CAM.


jenrooksoutlook Thu, 04/02/2015 - 02:00

Thanks Goodlin for your question. We are also using CISCO 7945 in our office and have the same problem. But after going through your fourm and couple of blogs about the NAC client.


Anyhow, I am sharing the blog here for future reads for users who face the same problem (Blog about Cisco 7945)


This Discussion