Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1258
Views
0
Helpful
1
Replies

Question about setting vlan for Video Teleconference Equipment

osmhquser
Level 1
Level 1

‎12-09-2013 07:41 AM - edited ‎03-07-2019 04:59 PM

We recently purchased some Video Teleconference equipment (Product called LifeSize). Initially we had configured a seperate vlan for VTC traffic and when a user needed to move the vtc equipment to a different room for a meeting, we would have to manually go in change the vlan assignment on the switch for that port to the VTC vlan. From my understanding, there is a way to set this up so that anytime the vtc is plugged into any switch port, the port would automatically update to the proper VTC vlan. Is there a way to configure the switch to change the vlan option anytime the VTC equipment is plugged into any switchport? We are using Cisco 3750G series switches. There is an option on the VTC equipment for vlan configuration where we can specify the vlan. However, we we set the vlan, we loose connectivity to the device. If the vlan is preconfigured on the VTC equipment, what is the proper configuration on the switch port?

Thx in advance for any help given.

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎12-09-2013 02:49 PM

You would need a radius server to do 802.1x authentication. The radius server can associate the vlan you want to use with the authentication. So basically the device connects to the switch port, the device is challenged for credentials by the switch, it responds and then the switch passes the authentication details to the radius server. If the authentication was succesful the radius server can then pass a number of attributes back to the switch one of which is the vlan the port is to be assigned to.

There is an additional issue with your setup in that generally 802.1x is used to authenticate clients which have an 802.1x supplicant on it but i suspect your equipment won't. So you can configure the mac authentication bypass feature. What happens here is the switch challenges your equipment but there is no response. Once the challenge has timed out you can configure the switch to then use the mac address of the connected device to authenticate it to the radius server.

Here is the link for configuring 802.1x on the 3750 switch -

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_55_se/configuration/guide/sw8021x.html#wp1205506

Note the restrictions just in case they affect your setup.

As for the radius server the Cisco version is ACS. There are others but you would need to make sure they supported everything needed.

Final point. I have never used 802.1x to do dynamic vlan assignment so i can't guarantee anything.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card