Skip to ContentSkip to Footer
Start of content
- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Frequency of MAC address authentication (phones)
Comware Based
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
-
-
Categories
- Topics
- Hybrid IT with Cloud
- Mobile & IoT
- IT for Data & Analytics
- Transformation
- Strategy and Technology
- Products
- Cloud
- Integrated Systems
- Networking
- Servers and Operating Systems
- Services
- Storage
- Company
- Events
- Partner Solutions and Certifications
- Welcome
- Welcome
- Announcements
- Tips and Tricks
- Feedback
-
Blogs
- Alliances
- Around the Storage Block
- Behind the scenes @ Labs
- Converged Data Center Infrastructure
- Digital Transformation
- Grounded in the Cloud
- HPE Careers
- HPE Storage Tech Insiders
- Infrastructure Insights
- Inspiring Progress
- Internet of Things (IoT)
- My Learning Certification
- Networking
- OEM Solutions
- Servers: The Right Compute
- Telecom IQ
- Transforming IT
-
Quick Links
- Community
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Contact
- Email us
- Tell us what you think
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Enterprise.nxt
- Marketplace
- Aruba Airheads Community
-
Categories
-
Forums
-
Blogs
-
InformationEnglish
Frequency of MAC address authentication (phones)
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-20-2009 06:57 AM
03-20-2009 06:57 AM
Frequency of MAC address authentication (phones)
Frequency of MAC address authentication (phones)
Prior to a forthcoming changeover to DHCP networking, we've implemented
MAC address access control on our switches (5500/5500PWR), via a Radius
server. This seems to run perfectly well until we include the PoE switches
(reserved for VoIP telephones & wifi APs only) - invariably within an hour of
doing this our Radius server stops working. It appears that, unlike the
computers which authenticate once and then remain on our network until
they're physically removed, the telephones are constantly re-authenticating
themselves, and the volume of requests is making our server grind to a
halt. Our casual observations reveal that when not in use the phones are
re-authenticating randomly at intervals of between 30secs to 2mins; when
in use they re-authenticate every 60 seconds exactly. Our gut feeling is
that the volume of requests, when coincident with a failed request from an
unauthorised machine, is causing the failure.
Our voice and management are set to the same VLAN, and we haven't
noticed any intermittent rebooting/re-registering of the telephones. Apart
from the fault described above, the telephones seem completely stable.
I've spoken to the people who administer our Cisco Call Manager, and
they're pretty sure this is an issue relating to our 3Com switches.
I'd be very grateful for any advice.
Thanks in advance,
Alastair
MAC address access control on our switches (5500/5500PWR), via a Radius
server. This seems to run perfectly well until we include the PoE switches
(reserved for VoIP telephones & wifi APs only) - invariably within an hour of
doing this our Radius server stops working. It appears that, unlike the
computers which authenticate once and then remain on our network until
they're physically removed, the telephones are constantly re-authenticating
themselves, and the volume of requests is making our server grind to a
halt. Our casual observations reveal that when not in use the phones are
re-authenticating randomly at intervals of between 30secs to 2mins; when
in use they re-authenticate every 60 seconds exactly. Our gut feeling is
that the volume of requests, when coincident with a failed request from an
unauthorised machine, is causing the failure.
Our voice and management are set to the same VLAN, and we haven't
noticed any intermittent rebooting/re-registering of the telephones. Apart
from the fault described above, the telephones seem completely stable.
I've spoken to the people who administer our Cisco Call Manager, and
they're pretty sure this is an issue relating to our 3Com switches.
I'd be very grateful for any advice.
Thanks in advance,
Alastair
1 REPLY
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
03-20-2009 08:10 AM
03-20-2009 08:10 AM
Re: Frequency of MAC address authentication (phones)
Re: Frequency of MAC address authentication (phones)
At first glance this seems more complex than a simple config change and more of a problem for 3Com Tech support to handle than their Forum.
Start with the issue that is the most deterministic first. That would be the 60 Second failure. Your twice as likely to capture info on this issue than some random time between 30 sec-2 mins. Also this has the most enduser impact because the devices are in use when it happens and is probably causing the most impact on your Radius Server
I would suggest a couple of things. I havent dealt with 3Com support much but most support organisation would ask for the following anyway so its still worthwhile
1 Get a packet trace using Wireshark from a port with a phone that fails every 60 seconds.
2 Need the config file from you switch
3 You need to get some logs from the switch around the time of the failure. There are a couple of ways you can do it and all of them are in the manulas just need to do some digging. Serial Connection with Hyperterm, Telnet ( need ro redirect console output to the Telnet session) or syslog. Also I beleive there is a log on the switch itself.
Without some kid of log, trace the following is purely speculation. The 60 Seconds sounds like a a registration timer or polling interval of some sort from the phones or from the switch.
The 30 Sec- 2 Min could be a random keepalive.
When idle the times sounds like a
Start with the issue that is the most deterministic first. That would be the 60 Second failure. Your twice as likely to capture info on this issue than some random time between 30 sec-2 mins. Also this has the most enduser impact because the devices are in use when it happens and is probably causing the most impact on your Radius Server
I would suggest a couple of things. I havent dealt with 3Com support much but most support organisation would ask for the following anyway so its still worthwhile
1 Get a packet trace using Wireshark from a port with a phone that fails every 60 seconds.
2 Need the config file from you switch
3 You need to get some logs from the switch around the time of the failure. There are a couple of ways you can do it and all of them are in the manulas just need to do some digging. Serial Connection with Hyperterm, Telnet ( need ro redirect console output to the Telnet session) or syslog. Also I beleive there is a log on the switch itself.
Without some kid of log, trace the following is purely speculation. The 60 Seconds sounds like a a registration timer or polling interval of some sort from the phones or from the switch.
The 30 Sec- 2 Min could be a random keepalive.
When idle the times sounds like a
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
End of content
United States
Hewlett Packard Enterprise International
Communities
- Communities
- HPE Blogs and Forum
© Copyright 2018 Hewlett Packard Enterprise Development LP