I am having some issues getting dot1x guest auth to work while in MDA mode. The phone is working as expected; its assigned the correct vlan and is functional. guest auth and failed auth works when i attach my computer (without supplicant) to the switch. failed auth also works when i attach to the phone.
Below is my current config I have on my test ports
interface FastEthernet0/14 switchport mode access switchport voice vlan 100 authentication event fail retry 1 action authorize vlan 700 authentication event server dead action authorize vlan 710 authentication event server dead action authorize voice authentication event no-response action authorize vlan 666 authentication event server alive action reinitialize authentication host-mode multi-domain authentication order mab dot1x authentication priority mab dot1x authentication port-control auto mab dot1x pae authenticator dot1x timeout quiet-period 10 dot1x timeout tx-period 10 dot1x timeout ratelimit-period 10 spanning-tree portfast end
..usually a session behind a phone remains forever when using MAB. So you need to configure "autentication violation replace" to allow another device to connect behind the phone and starts the authentication process.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...