Hi, I am setting up a 3750 switch to use 802.1x multi-domain for the first time. I have the switch port configured per the switch multi-domain documentation specifying an access and voice vlan. When I attach the IP phone it gets authorized by the RADIUS (FreeRadius), and does a DHCP bootp request. The DHCP server (Windows) sends it an IP address on the data vlan, and tells the phone to switch to the voice vlan. The phone reboots and comes up with the voice vlan, but at that point the switch appears to block traffic from the phone now that it's on the voice vlan.
If I reconfigure the same port to multi-host as the dot1x type, the phone works ok after the same DHCP action.
Any ideas why the switch is blocking the voice vlan in multi-domain mode?
After some additional reading I found this reference -
"To authorize a voice device, the AAA server must be configured to send a Cisco Attribute-Value (AV) pair attribute with a value of device-traffic-class=voice. Without this value, the switch treats the voice device as a data device."
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: firstname.lastname@example.org Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...