cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

How to advertise Voice Vlan tag and DSCP QOS config to a VoIP Phone in a NAC configuration?

How to advertise Voice Vlan tag and DSCP QOS config to a VoIP Phone in a NAC configuration?

Rien_van_Maurik
New Contributor
Hello All

I have a problem to configure the LLDP configuration ( with the advertise information for VoIP Phone's) in a NAC policy.
We are configuring NAC in a existing EXOS network (X670-G2 and x440-G2)
As part of the existing EXOS configuration is the LLDP advertising for VoIP Phone's, this configuration like this:
configure lldp port 1:1 advertise vendor-specific med capabilities
configure lldp port 1:1 advertise vendor-specific dot1 vlan-name vlan ADXVoice
configure lldp port 1:1 advertise vendor-specific med power-via-mdi
configure lldp port 1:1 advertise vendor-specific med policy application voice vlan ADXVoice dscp 46
Configure lldp port 1:1 advertise system-capabilities
Configure lldp port 1:1 advertise vendor-specific dot1 port-protocol-vlan-id vlan ADXVoice

The ADXVoice vlan is Tagged configured on Port 1:1

The problem is;
as part of the NAC configuration we configured a policy to configure the Switchport with the ADXVoice tagged op that port when a VoIP Phone connect to that port , that works fine, but the phone doesn't receive the LLDP advertise configuration

Looking in to the EXOS configuration we discover that the LLDP advertise configuration doesn't exit on the switch port where the NAC authentication is active. and we concluded that the LLDP advertise configuration is cleared when the switch port is going down and all the Vlan's (including ADXVoice) are cleared of the switch port.
We tested this and indeed when we delete a switch port from vlan ADXVoice also the LLDP advertise information is delete from that port.

So our conclusion is in EXOS there must be a Voice Vlan configured on a Vlan to be able to configure LLDP advertise on that port.

but when we use NAC policy to configure the switchport when a VoIP phone connect to that port, there's , when that port is down , no Voice vlan configured on that port and no LLDP Advertise.

as solution we want to connect the LLDP advertise configuration to the NAC policy for VoIPphone,
so that the NAC not only configure the switch with the correct Vlan but also with the LLDP advertising
but we can't find any example for that.

Has anybody a solution or example for this?
1 REPLY 1

jeronimo
Contributor III

Did you ever find a solution to this?

We also don't want any "static dynamic" configuration on the switch, i.e. lldp statements per port which tell the individual phone what vlan to use (we use multiple PBXs). We want all of this done centrally from NAC.

What would be acceptable would be a lldp statement on all ports that would for example tell phones to tag their voice traffic. Better yet, have NAC tell the switch to do this once the MAC address of a known phone has been detected.

Unfortunately once you set things like :

lldp med-network-policies voice tagging tagged
lldp med-network-policies voice-signaling tagging tagged

The phone no longer responds even if you manage to set a tagged vlan on the port with radius attributes only implemented very recently like:

Extreme-Dynamic-Client-Assignments=pv=%VLAN_ID%,vni=%CUSTOM1%,ev=%VLAN_EGRESS%

I don't know, this still seems to be bleeding edge, but it can't be.

How are people doing this?

GTM-P2G8KFN