03-19-2015 08:11 AM - edited 03-19-2015 08:30 AM
Hi All, I need some advice from you guys.
I've deployed dot1x wired authentication with clearpass in a site. It's works well with switches but today I received an report from users that part of them failed to perform dot1x wired authentication when the notebook plugged into the IP phone second port/data port. Remark: the IP phone is connecting to the switches as well.
I have no clue on this. May I know does the IP phone required dot1x support in order to make this works? Or list in the IP of the IP phone into the clearpass will do?
03-19-2015 05:29 PM
You'll need to configure the switchport with 802.1X authentication. If you don't want to do 1X for the phone, configure 802.1X with MAC-auth bypass (MAB).
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP