Security

Reply
Occasional Contributor II

CLearpass 2920 Aruba switch and Polycom IP phone

Hello,

 

I want to use clearpass to authenticated my Polycom IP phone on a aruba 2920 switch.  I uses MAC-based with a staic host list

 

Seen from clearpass this works, the richt vlans are send.

But the phone doens'n works. No IP adress.

 

What we see by whireshark is that the LLDP trigger for the richt VLAN tag is asked by the Phone only the switch doesn't react becauses the authentication is done later. So it looks like a timing issue.

----------------------------------------------------------------------------------------
Aruba ACCX #749, ACDX #793, ACMP, ACEAP | HPE Master AS

contact: thierry.lubbers@axez.nl
Occasional Contributor II

Re: CLearpass 2920 Aruba switch and Polycom IP phone

I tested futher,

 

With a Cisco IP telefoon it works fine with LLDP.

 

For the Polycom i need to enable CDP to get it to work.

Not what i want.

Or send a tagged and untagged vlan through clearpass and use the DHCP option to get the VLAN tag.

Also Not what i want.

 

Anybody an idea how to get LLDP for the Polycom to get to work?

----------------------------------------------------------------------------------------
Aruba ACCX #749, ACDX #793, ACMP, ACEAP | HPE Master AS

contact: thierry.lubbers@axez.nl
Occasional Contributor II

Re: CLearpass 2920 Aruba switch and Polycom IP phone

The problem was/is the switch firmware.

When authentication was enabled on the interfaces LLDP packets where not distributetd anymore.

 

This is solved in WB.16.02.0015.

NOT the WB.16.03.0003

----------------------------------------------------------------------------------------
Aruba ACCX #749, ACDX #793, ACMP, ACEAP | HPE Master AS

contact: thierry.lubbers@axez.nl
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: