Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

dot1x and ip phone

We have dot1x enabled with MDA. Consider this scenario:

Only one Cisco IP phone is connected to the switchport (no PC). And phone fails both dot1x and MAB. Switch will place it in DATA vlan by default. This works as expected....Why doesn't IP phone work while in DATA vlan? It keeps showing "registering", "configuring IP" etc. IP helpers are same for both data and voice vlan.

  • AAA Identity and NAC
4 REPLIES

dot1x and ip phone

If the phone has passed authentication and authorization succesfully then it's a connectivity issue. The ip phone keeps saying "registering" because it can't reach the Call Manager. Could you please check connectivity ?

New Member

dot1x and ip phone

Phone has not passed authentication. I am letting it fail intentionally to understand the behavior. It lands in DATA domain and can be seen on switch. But phone shows "registering".

dot1x and ip phone

Hello Kashish

If hte phone has failed authentication then the behavior depends on both the switch configuration and the radius configuration.

For example if the switch has "authentication open" in the switchport configuration, then all traffic will be allowed.

If the radius configuration says that a failed authentication is OK then all traffic will be allowed, if the radius configuration says that a failed authentication is not OK it can deny all traffic.

what radius server are you using ? what is your switch configuration ?

New Member

Re: dot1x and ip phone

Kashish,

Pretty sure you meant MDA puts it on either on DATA or VOICE "domain."

You have to create a RULE in your RADIUS server that places VOIP phones into VOICE domain.

If you look at topics I responded to, you will see what I have gone through.



Sent from Cisco Technical Support iPhone App

219
Views
0
Helpful
4
Replies