HPE Community
Switches, Hubs, and Modems
1753496 Members
4092 Online
108794 Solutions
New Discussion

2610 - 802.1x issues with IP Phone, vlan & NPS

 
Wayne Gillan
Advisor

‎05-19-2011 11:08 PM

‎05-19-2011 11:08 PM

2610 - 802.1x issues with IP Phone, vlan & NPS

Hi,
I'm experiencing some strange behaviour while trying to setup 802.1x auth on our 2610 switches. I have a static vlan for voip with tagged ports, a default vlan with untagged, and 2 other vlans that are assigned to ports with Windows NPS. So NPS can assign either vlan 1 (default and Compliant), 12 (noncompliant) or 13 (Guest). See config attached.

I can authenticate both IP phone and PC seperately with no problems. And I can authenticate both phone and PC on the one port (using phones PC port) if NPS assigns the default vlan to the PC. But if the vlan assigned by NPS for the PC is not the default vlan the phone drops out, but the PC is still connected.

I see these messages on the switch log
W 05/20/11 16:22:46 dca: 8021X client untagged VLAN-id arbitration error, MAC
001EF7C4183B port 18.

which is the MAC of the phone. The phones are set to operate only on voice vlan (7), and all ports are tagged vlan 7 so can't understand why it drops out? And with the message above, what VLAN is it trying to enable??
0 Kudos
1 REPLY 1
pltavares
Occasional Visitor

‎03-15-2012 01:28 PM

‎03-15-2012 01:28 PM

Re: 2610 - 802.1x issues with IP Phone, vlan & NPS

Hi,

 

I'm experiencing the same issue but in my case the phone (cisco 7911) is connected (EAP-MD5) and PC won't.

 

did you manage to solve this issue?

 

Regards,

 

Pedro

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.