Wireless Access

Occasional Contributor II

802.1x time 2

As a follow on to this post:-




I am sure I am able to use 802.1x to get our Alcatec VOIP phones on the Eth1/ on our RAP to ensure that if some one plugs in another device they do not get onto our Voice network, however, our VOIP phones have a PC port that enable us to connect another device.

Through the wired profile I make the wired port Native Vlan our corporate with the voice vlan tagged.  The phone then strips the VLAN and get's on the correct VLAN and passes thru the corporate to the second port on the phone.


Can I:- have two 802.1x policies on one port to firstly allow secure access to the VOIP handset and also one that would kick in if some one were to connect a device to the other side of the phone?  


As with most of my posts, this may be vague, poorly written and difficult to understand, but if you can offer any assistance, it would be greatly received!


Thank you 

tweet @wjhphoto
Guru Elite

Re: 802.1x time 2

You can only have one policy for that port. Devices on the port behind the phone will also be subject to that policy. You can make it a trunk and possibly put the user on a different vlan based on the phone software, but it will be subject to the same policies.

You could have an initial role for devices that do not pass wired 802.1x to have a minimum set of permissions....

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Occasional Contributor II

Re: 802.1x time 2

Cheers,  I thought not, but it's good to get an experts advice.

tweet @wjhphoto
Search Airheads
Showing results for 
Search instead for 
Did you mean: