Wired Intelligent Edge

 View Only
last person joined: 22 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

This thread has been viewed 12 times

  • 1.  LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

    Posted Oct 21, 2019 05:10 AM

    We have discovered that if port security is applied to a switch port limiting the number of mac-addresses to 4 the Voice VLAN will not be applied to to a Mitel phone and therefore the phone boots up in the Data VLAN.

     

    "port-security learn-mode limited-continuous address-limit 4 action send-disable"

     

    vlan 2
       name DATA
       untagged 1/4-1/46,2/1-2/39,2/41-2/46,3/1-3/22,3/24,3/29-3/45
       ip helper-address 172.x.x.x.x
       ip address 172.20.X.X 255.255.255.0
       exit

    vlan 600
       name VOICE-MITEL
       tagged 1/4-1/46,2/1-2/39,2/41-2/46,3/1-3/25,3/27,3/29-3/45
       untagged 2/40,3/28
       ip helper-address 172.x.x.x.x
         ip address 10.200.X.X 255.255.255.0
       qos priority 6
       voice;

    interface 1/6
       name DATA+MITEL
       tagged vlan 600
       untagged vlan 2
       port-security learn-mode limited-continuous address-limit 4 action send-disable
       spanning-tree bpdu-protection
       exit

     

    Once the port-security is removed the Mtel Phone will be allocated the Voice VLAN (600) everytime it is rebooted. Therefore is is allocated the connected IP address via DHCP and the correct QOS marking.

     

    All Mitel phones are on the same Software version

     

    Software version

    WC.16.03.0​005

    WC.16.5.0013

    Product

    (JL262A) Aruba 2930F 48G PoE+ 4SFP Swch

     

     

     

     



  • 2.  RE: LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

    MVP GURU
    Posted Oct 21, 2019 09:49 AM

    Hi,

     

    I will be a good idea to start to upgrade the switch firmware... (it is old release...)



  • 3.  RE: LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

    Posted Oct 21, 2019 03:24 PM

    The switch has been upgraded to WC.16.10.0001 and the issue remains.



  • 4.  RE: LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

    MVP GURU
    Posted Oct 21, 2019 03:26 PM

    What do you have on the log ?



  • 5.  RE: LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

    Posted Oct 21, 2019 04:11 PM

    The switch was rebooted following the upgrade but there is nothing within the log that is unexpected. Specifically related to port-security.

     

    The phone that was being tested is conected to port 1/6

     

    After the switch rebooted the LAN conection on the Mitel had set was rebooted so the process of interface going off-line, being blocked by STP, becoming on-line and appliying power was repeated several times.

     

    Port 1/6 only has a single Mitel hadset connected.

     

    I 10/21/19 17:44:39 00560 ports: ST1-CMDR: port 1/6 PD Detected.
    I 10/21/19 17:44:39 00561 ports: ST1-CMDR: port 1/6 Applying Power to PD.
    I 10/21/19 17:44:41 00435 ports: ST1-CMDR: port 1/6 is Blocked by STP
    I 10/21/19 17:44:43 00076 ports: ST1-CMDR: port 1/6 is now on-line
    I 10/21/19 17:44:53 00077 ports: ST1-CMDR: port 1/6 is now off-line
    I 10/21/19 17:44:57 00435 ports: ST1-CMDR: port 1/6 is Blocked by STP
    I 10/21/19 17:44:59 00076 ports: ST1-CMDR: port 1/6 is now on-line
    I 10/21/19 17:46:34 00077 ports: ST1-CMDR: port 1/6 is now off-line
    W 10/21/19 17:46:34 00563 ports: ST1-CMDR: port 1/6 PD MPS Absent indication.
    I 10/21/19 17:46:34 00565 ports: ST1-CMDR: port 1/6 PD Removed.
    I 10/21/19 17:46:37 00560 ports: ST1-CMDR: port 1/6 PD Detected.

     

    show LLDP info remote shows the floowing:

     

    ** WITH PORT SECURITY APPLIED **

     

    show lldp info remote-device 1/6

     LLDP Remote Device Information Detail

      Local Port   : 1/6
      ChassisType  : local
      ChassisId    : SEP08000FB1DA8A
      PortType     : local
      PortId       : Port 1
      SysName      :
      System Descr : M6050006
      PortDescr    :
      Pvid         :

      System Capabilities Supported  : telephone
      System Capabilities Enabled    : telephone

      Remote Management Address

    ------------------------------------------------------------------------------
      Local Port   : 1/6
      ChassisType  : network-address
      ChassisId    :
      PortType     : mac-address
      PortId       : 08 00 0f b1 da 8a
      SysName      : MITEL 5320e IP
      System Descr : MITEL 5320e IP,GigE,h/w rev 0,ASIC rev 1,f/w Boot 06.04.0...
      PortDescr    : LAN port
      Pvid         :

      System Capabilities Supported  : bridge, telephone
      System Capabilities Enabled    : bridge, telephone

      Remote Management Address
         Type    : all802
         Address : 08 00 0f b1 da 8a

      MED Information Detail
        EndpointClass          :Class3
        Media Policy Vlan id   :0
        Media Policy Priority  :0
        Media Policy Dscp      :46
        Media Policy Tagged    :False
        Poe Device Type        :PD
        Power Requested        :5.5 W
        Power Source           :Unknown
        Power Priority         :High

     

    ** WITHOUT PORT SECURITY APPLIED **

     

    show lldp info remote-device 1/6

     LLDP Remote Device Information Detail

      Local Port   : 1/6
      ChassisType  : network-address
      ChassisId    : 10.200.1.53
      PortType     : mac-address
      PortId       : 08 00 0f b1 da 8a
      SysName      : regDN 87747,MITEL 5320e IP
      System Descr : regDN 87747,MITEL 5320e IP,GigE,h/w rev 0,ASIC rev 1,f/w ...
      PortDescr    : LAN port
      Pvid         :

      System Capabilities Supported  : bridge, telephone
      System Capabilities Enabled    : bridge, telephone

      Remote Management Address
         Type    : ipv4
         Address : 10.200.1.53

      MED Information Detail
        EndpointClass          :Class3
        Media Policy Vlan id   :600
        Media Policy Priority  :6
        Media Policy Dscp      :46
        Media Policy Tagged    :True
        Poe Device Type        :PD
        Power Requested        :5.5 W
        Power Source           :Unknown
        Power Priority         :High

     



  • 6.  RE: LLDP-MED - Port-Security - Mitel - No Voice VLAN allocated

    MVP GURU
    Posted Oct 26, 2019 04:15 PM

    Do you have try with more debug on log ?