Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question about setting vlan for Video Teleconference Equipment

We recently purchased some Video Teleconference equipment (Product called LifeSize). Initially we had configured a seperate vlan for VTC traffic and when a user needed to move the vtc equipment to a different room for a meeting, we would have to manually go in change the vlan assignment on the switch for that port to the VTC vlan. From my understanding, there is a way to set this up so that anytime the vtc is plugged into any switch port, the port would automatically update to the proper VTC vlan. Is there a way to configure the switch to change the vlan option anytime the VTC equipment is plugged into any switchport? We are using Cisco 3750G series switches. There is an option on the VTC equipment for vlan configuration where we can specify the vlan. However, we we set the vlan, we loose connectivity to the device. If the vlan is preconfigured on the VTC equipment, what is the proper configuration on the switch port?

Thx in advance for any help given.

1 REPLY
Hall of Fame Super Blue

Re: Question about setting vlan for Video Teleconference Equipme

You would need a radius server to do 802.1x authentication. The radius server can associate the vlan you want to use with the authentication. So basically the device connects to the switch port, the device is challenged for credentials by the switch, it responds and then the switch passes the authentication details to the radius server. If the authentication was succesful the radius server can then pass a number of attributes back to the switch one of which is the vlan the port is to be assigned to.

There is an additional issue with your setup in that generally 802.1x is used to authenticate clients which have an 802.1x supplicant on it but i suspect your equipment won't. So you can configure the mac authentication bypass feature. What happens here is the switch challenges your equipment but there is no response. Once the challenge has timed out you can configure the switch to then use the mac address of the connected device to authenticate it to the radius server.

Here is the link for configuring 802.1x on the 3750 switch -

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_55_se/configuration/guide/sw8021x.html#wp1205506

Note the restrictions just in case they affect your setup.

As for the radius server the Cisco version is ACS. There are others but you would need to make sure they supported everything needed.

Final point. I have never used 802.1x to do dynamic vlan assignment so i can't guarantee anything.

Jon

407
Views
0
Helpful
1
Replies
CreatePlease login to create content