Wireless Access

Reply
Occasional Contributor II
Posts: 36
Registered: ‎06-25-2010

802.1x time 2

As a follow on to this post:-

 

http://community.arubanetworks.com/t5/Remote-Networking/RAP2-amp-5-with-wired-802-1x/m-p/5817/highlight/true

 

I am sure I am able to use 802.1x to get our Alcatec VOIP phones on the Eth1/ on our RAP to ensure that if some one plugs in another device they do not get onto our Voice network, however, our VOIP phones have a PC port that enable us to connect another device.

Through the wired profile I make the wired port Native Vlan our corporate with the voice vlan tagged.  The phone then strips the VLAN and get's on the correct VLAN and passes thru the corporate to the second port on the phone.

 

Can I:- have two 802.1x policies on one port to firstly allow secure access to the VOIP handset and also one that would kick in if some one were to connect a device to the other side of the phone?  

 

As with most of my posts, this may be vague, poorly written and difficult to understand, but if you can offer any assistance, it would be greatly received!

 

Thank you 

tweet @wjhphoto
Guru Elite
Posts: 20,820
Registered: ‎03-29-2007

Re: 802.1x time 2

You can only have one policy for that port. Devices on the port behind the phone will also be subject to that policy. You can make it a trunk and possibly put the user on a different vlan based on the phone software, but it will be subject to the same policies.

You could have an initial role for devices that do not pass wired 802.1x to have a minimum set of permissions....


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 36
Registered: ‎06-25-2010

Re: 802.1x time 2

Cheers,  I thought not, but it's good to get an experts advice.

tweet @wjhphoto
Search Airheads
Showing results for 
Search instead for 
Did you mean: