- Community Home
- >
- Networking
- >
- Security e-Series
- >
- 802.1X - VOIP Phones problem
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2014 08:02 AM
08-12-2014 08:02 AM
802.1X - VOIP Phones problem
Hi everybody,
I have the following problem and hope that with your experience you can help me.
I need to configuring 802.1X in all switches of our network, most of the edges switches are HP 2524. Because of that, in lab, i configured one 2524 and consider that:
VLAN 1 - authenticated (all ports untagged)
VLAN 2 - VOIP (all ports tagged)
VLAN 3 - Unauthenticated
until now, (with success) i can have a domain computer authenticated and a non domain computer receive an ip of the unauthenticated vlan.
The problem is when a put a voip phone in the middle. I have the following situations:
If the voip phone is already configured with VLAN 2. It works perfectly (Because the packet goes with the vlan marked)
If the voip phone is not configured, it receives an IP of the unauthenticated VLAN. (I cannot receive any failure log in NPS - strange!!)
By the way this creates another major security problem, because if i force in one interface of one computer the VLAN 2. The computer will receive an IP of the VLAN 2 because is tagged on the Switch.
Can you guys help me with that?
Regards,
Nuno
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2014 07:53 AM - edited 08-13-2014 07:57 AM
08-13-2014 07:53 AM - edited 08-13-2014 07:57 AM
Re: 802.1X - VOIP Phones problem
I have another situation. Now I can connect one computer to vlan 1 and works. If i connect a voip phone radius server assign vlan 2 and works.
The problem are when i connect a computor to the pc port of the phone device. i have a HELD state in authentication state.
Only phone connected
MAI-802.1X TEST(config)# sh port-access authenticator
Port Access Authenticator Status
Port-access authenticator activated [No] : Yes
Access Authenticator Authenticator Unauth Auth Current
Port Status Control State Backend State VLAN ID VLAN ID VLAN ID
---- ------ -------- -------------- -------------- -------- -------- --------
2 Closed Auto Disconnected Idle 3 1 3
3 Closed Auto Disconnected Idle 3 1 3
4 Closed Auto Disconnected Idle 3 1 3
5 Closed Auto Disconnected Idle 3 1 3
6 Closed Auto Disconnected Idle 3 1 3
7 Closed Auto Disconnected Idle 3 1 3
8 Closed Auto Disconnected Idle 3 1 3
9 Closed Auto Disconnected Idle 3 1 3
10 Closed Auto Disconnected Idle 3 1 3
11 Closed Auto Disconnected Idle 3 1 3
12 Closed Auto Disconnected Idle 3 1 3
13 Closed Auto Disconnected Idle 3 1 3
14 Open Auto Authenticated Idle 3 1 2
15 Closed Auto Disconnected Idle 3 1 3
16 Closed Auto Disconnected Idle 3 1 3
17 Closed Auto Disconnected Idle 3 1 3
18 Closed Auto Disconnected Idle 3 1 3
19 Closed Auto Disconnected Idle 3 1 3
20 Closed Auto Disconnected Idle 3 1 3
21 Closed Auto Disconnected Idle 3 1 3
22 Closed Auto Disconnected Idle 3 1 3
23 Closed Auto Disconnected Idle 3 1 3
24 Closed Auto Disconnected Idle 3 1 3
Computer connected trough phone
MAI-802.1X TEST(config)# sh port-access authenticator
Port Access Authenticator Status
Port-access authenticator activated [No] : Yes
Access Authenticator Authenticator Unauth Auth Current
Port Status Control State Backend State VLAN ID VLAN ID VLAN ID
---- ------ -------- -------------- -------------- -------- -------- --------
2 Closed Auto Disconnected Idle 3 1 3
3 Closed Auto Disconnected Idle 3 1 3
4 Closed Auto Disconnected Idle 3 1 3
5 Closed Auto Disconnected Idle 3 1 3
6 Closed Auto Disconnected Idle 3 1 3
7 Closed Auto Disconnected Idle 3 1 3
8 Closed Auto Disconnected Idle 3 1 3
9 Closed Auto Disconnected Idle 3 1 3
10 Closed Auto Disconnected Idle 3 1 3
11 Closed Auto Disconnected Idle 3 1 3
12 Closed Auto Disconnected Idle 3 1 3
13 Closed Auto Disconnected Idle 3 1 3
14 Closed Auto Held Idle 3 1 3
15 Closed Auto Disconnected Idle 3 1 3
16 Closed Auto Disconnected Idle 3 1 3
17 Closed Auto Disconnected Idle 3 1 3
18 Closed Auto Disconnected Idle 3 1 3
19 Closed Auto Disconnected Idle 3 1 3
20 Closed Auto Disconnected Idle 3 1 3
21 Closed Auto Disconnected Idle 3 1 3
22 Closed Auto Disconnected Idle 3 1 3
23 Closed Auto Disconnected Idle 3 1 3
24 Closed Auto Disconnected Idle 3 1 3