Security

Reply
Regular Contributor II
Posts: 240
Registered: ‎09-11-2013

The switch port on the back of the IP Phones with wired dot1x?

Hi Forum,

I setup wired dot1x with juniper switches for if you pass dot1x then you are an employee vlan and if not clearpass sends a guest vlan back.

I'm not sure though how to get the ip phone to work in this case. When a phone connects to a dot1x configured port with mac auth it just sits there saying failed to get dhcp!! so let's say I allow it to get dhcp, clearpass gets to profile it and then pushes back the voice vlan to the juniper switch, how do I deal with an employee connecting their laptop to the switch port on the back of the IP Phone? would the Juniper switch port force them to do dot1x or what?

 

any suggestion to point me on the right direction are appreciated.

Thanks,

Guru Elite
Posts: 8,456
Registered: ‎09-08-2010

Re: The switch port on the back of the IP Phones with wired dot1x?

The switchport on the phone will authenticate independently from the phone and can have different access.


Thanks,
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor II
Posts: 240
Registered: ‎09-11-2013

Re: The switch port on the back of the IP Phones with wired dot1x?

Perfect. I will try in my lab and report if I have any questions.

 

Thanks again Tim.

Search Airheads
Showing results for 
Search instead for 
Did you mean: