Security

Reply
Contributor I
Posts: 79
Registered: ‎03-03-2015

PC dot1x authentication via IP phone second port/data port

[ Edited ]

Hi All, I need some advice from you guys.

 

I've deployed dot1x wired authentication with clearpass in a site. It's works well with switches but today I received an report from users that part of them failed to perform dot1x wired authentication when the notebook plugged into the IP phone second port/data port. Remark: the IP phone is connecting to the switches as well.

 

I have no clue on this. May I know does the IP phone required dot1x support in order to make this works? Or list in the IP of the IP phone into the clearpass will do?

 

Thanks,

 

 

Guru Elite
Posts: 8,448
Registered: ‎09-08-2010

Re: PC dot1x authentication via IP phone second port/data port

What type of switch?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I
Posts: 79
Registered: ‎03-03-2015

Re: PC dot1x authentication via IP phone second port/data port

Most of the switches is cisco 2960 and 3750.

I don't have the record of IP phone model.

Guru Elite
Posts: 8,448
Registered: ‎09-08-2010

Re: PC dot1x authentication via IP phone second port/data port

You'll need to configure the switchport with 802.1X authentication. If you don't want to do 1X for the phone, configure 802.1X with MAC-auth bypass (MAB).

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: