How to configure IP-phone servival with 802.1x

  • 0
  • 1
  • Question
  • Updated 4 years ago
Create Date: Jul 13 2012 3:03AM

Hi,I have an extreme switch summit 450 with summitX-12.5.4.5.xos.On it, I have configured 802.1x with radius and authentication on mac.An IP-phone (Cisco or Avaya) is connect to switch and authenticated with mac.When the IP-phone is authenticated, it is on a vlan voice (name: Voce vid: 150).This vlan is tagged on the port.I need that if radius is unavailable, the switch put IP-phone on vlan voice without the mac-address of IP-phone not to be memorized on switch on the local database.This is my configuration, but doesnâ€TMt work.# Module vlan configuration.create vlan "Voce"configure vlan Voce tag 150configure vlan Voce add ports 43 tagged create vlan "Logging"configure vlan Logging tag 88enable ipforwarding vlan Daticonfigure vlan Voce ipaddress 10.x.x.x 255.255.255.224# Module lldp configuration.enable lldp ports 43configure lldp port 43 advertise port-descriptionconfigure lldp port 43 advertise system-nameconfigure lldp port 43 advertise system-capabilitiesconfigure lldp port 43 advertise management-addressconfigure lldp port 43 advertise vendor-specific dot1 port-vlan-idconfigure lldp port 43 advertise vendor-specific dot3 mac-phyconfigure lldp port 43 advertise vendor-specific med capabilitiesconfigure lldp port 43 advertise vendor-specific med power-via-mdiconfigure lldp port 43 advertise vendor-specific med policy application voice vlan Voce dscp 46# Module netLogin configuration.configure netlogin move-fail-action authenticateconfigure netlogin vlan Loggingenable netlogin dot1x mac configure netlogin agingtime 1enable netlogin ports 43 dot1x enable netlogin ports 43 mac configure netlogin ports 43 mode mac-based-vlansconfigure netlogin ports 43 no-restartconfigure netlogin add mac-list ff:ff:ff:ff:ff:ff 48 ports 43configure netlogin mac timers reauth-period 30enable netlogin authentication service-unavailable vlan ports 43disable netlogin logout-privilegedisable netlogin session-refreshdisable netlogin redirect-pageconfigure netlogin authentication service-unavailable vlan Voce ports 43I have searched on internet and could not find solution.thank you

(from Amilcare_Tiberti)
Photo of EtherNation User

EtherNation User, Employee

  • 20,340 Points 20k badge 2x thumb

Posted 4 years ago

  • 0
  • 1

There are no replies.

This conversation is no longer open for comments or replies.