Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

802.1x time 2

This thread has been viewed 0 times

  • 1.  802.1x time 2

    Posted Jan 31, 2012 02:01 PM

    As a follow on to this post:-

     

    http://community.arubanetworks.com/t5/Remote-Networking/RAP2-amp-5-with-wired-802-1x/m-p/5817/highlight/true

     

    I am sure I am able to use 802.1x to get our Alcatec VOIP phones on the Eth1/ on our RAP to ensure that if some one plugs in another device they do not get onto our Voice network, however, our VOIP phones have a PC port that enable us to connect another device.

    Through the wired profile I make the wired port Native Vlan our corporate with the voice vlan tagged.  The phone then strips the VLAN and get's on the correct VLAN and passes thru the corporate to the second port on the phone.

     

    Can I:- have two 802.1x policies on one port to firstly allow secure access to the VOIP handset and also one that would kick in if some one were to connect a device to the other side of the phone?  

     

    As with most of my posts, this may be vague, poorly written and difficult to understand, but if you can offer any assistance, it would be greatly received!

     

    Thank you 



  • 2.  RE: 802.1x time 2
    Best Answer

    EMPLOYEE
    Posted Jan 31, 2012 08:48 PM
    You can only have one policy for that port. Devices on the port behind the phone will also be subject to that policy. You can make it a trunk and possibly put the user on a different vlan based on the phone software, but it will be subject to the same policies.

    You could have an initial role for devices that do not pass wired 802.1x to have a minimum set of permissions....


  • 3.  RE: 802.1x time 2

    Posted Feb 01, 2012 04:29 AM

    Cheers,  I thought not, but it's good to get an experts advice.