We have about 15+ MX300's deployed in our environment. The video infrastructure is not connected to our Call Manager environment. The two are separate and we will be integrating next year. The Video endpoints currently use the data vlan and the IP phones are on the voice vlans. We also have dot1x as port security. Cisco phones connect fine and register on the voice vlans. MX300's mac address is added to the MAB table and they pass authentication and get on the data vlan.
We purchased two MX300 G2 units, and these units by default go on the voice vlan. The question that came up was, should these units be on the voice vlan instead of the data vlan?
Has anyone deployed them on the voice vlan? Has this caused an issue with voice traffic?
I would put the video stuff in their own VLAN, not voice or data. If you use QoS, you can then check and manipulate VLAN differentially in addition to the tags that can be set on the endpoints.
There is no reason why they couldn't exist in either the data or voice VLAN, however, its simply is a matter of preference as to how you wish to setup and segregate your network. I think the automatic voice VLAN operation is often because organisations may have setup preferential queues already n the voice side of things.
Thanks for your reply. We have dot1x on our ports and if an unauthorized computer is connected, its put on the guest vlan with no access. The computer will authenticate since the are on the domain and go ont the data vlan. The phones pass dot1x and are on the voice vlan.
The video units, when plugged in out of the box go on the voice vlan, since by default voice vlan is set to auto. We add the mac address of the video endpoint to the MAB table in ACS, change the setting from Auto to Off for Voice Vlan, Assign a static IP on the separate vlan (other than the voice vlan), Unplug and replug the video unit. The port displays that it passed dot1x using mab. But, we are unable to ping the unit.
The only way we get a ping is when we turn off dot1x and that is something we don't want to do. Since the units will be located in a public area.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...