Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

The switch port on the back of the IP Phones with wired dot1x?

This thread has been viewed 0 times

  • 1.  The switch port on the back of the IP Phones with wired dot1x?

    Posted Aug 14, 2015 11:33 AM

    Hi Forum,

    I setup wired dot1x with juniper switches for if you pass dot1x then you are an employee vlan and if not clearpass sends a guest vlan back.

    I'm not sure though how to get the ip phone to work in this case. When a phone connects to a dot1x configured port with mac auth it just sits there saying failed to get dhcp!! so let's say I allow it to get dhcp, clearpass gets to profile it and then pushes back the voice vlan to the juniper switch, how do I deal with an employee connecting their laptop to the switch port on the back of the IP Phone? would the Juniper switch port force them to do dot1x or what?

     

    any suggestion to point me on the right direction are appreciated.

    Thanks,



  • 2.  RE: The switch port on the back of the IP Phones with wired dot1x?

    EMPLOYEE
    Posted Aug 14, 2015 11:37 AM
    The switchport on the phone will authenticate independently from the phone and can have different access.


    Thanks,
    Tim


  • 3.  RE: The switch port on the back of the IP Phones with wired dot1x?

    Posted Aug 14, 2015 11:42 AM

    Perfect. I will try in my lab and report if I have any questions.

     

    Thanks again Tim.