cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
819
Views
0
Helpful
1
Comments
Omer Raja
Community Member

Port security Interaction with Tandberg

Port security configured on 3750 with below configuration:-

switchport access vlan 81
 switchport mode access
 switchport voice vlan 2081
 switchport port-security maximum 3
 switchport port-security
 switchport port-security aging time 5
 switchport port-security aging type inactivity
 ip arp inspection limit rate 10
 no logging event link-status
 srr-queue bandwidth share 1 25 60 5
 priority-queue out
 no snmp trap link-status
 mls qos vlan-based
 no mdix auto
 storm-control broadcast level 1.00
 storm-control multicast level 15.00
 storm-control action shutdown
 storm-control action trap
 ip dhcp snooping limit rate 10

Tandberg device set with Voice Vlan off.

The switch will always treat the Tandberg device in Voice vlan.As the tandberg is set with voice vlan off  , the device wont work.This behaviour is only seen with Psec enabled on the port.Without Psec the switch will treat the Tandberg in data vlan.

The implementation of port-security assumes that any device advertising themselves as an IP Phone will move to the voice vlan when the voice vlan
information is being advertised. 

In the situation with the tandberg CTS  is advertising itself as an IP phone and is being send the voice vlan information via CDP.On the tandberg device there is an option explicitly configured that will make the tandberg device ignore the voice vlan information  present in the CDP packets. Psec forces the mac address of the Tandberg device into Voice vlan since this a security feature. This as an expected behaviour with the Psec feature.

Comments
mrboogie08
Level 1
Level 1

Hi oraja.

 

We are experiencing this very issue and came across this post. You seem to imply that this is normal behavior for port-security, CDP and the voice vlan. Would you be able to point me to some Cisco documentation about this? I have not been able to find anything about this aspect of port-security.

 

Any more info you could provide would be very much appreciated.

 

Thanks,

Romeo Guerrero

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: