This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

802.1 x behind ip phone

802.1 x behind ip phone

Kamal_FIKRI
New Contributor

‎03-18-2016 06:48 PM

Hello,
I try to configure Extreme switch summit X-440-48 with netlogin and dynamic vlan radius based, all is working fine when i plug a PC directly to the switch, but i need to use IP Phone Snom in the voice vlan without authentication and the PC should be behind the IP Phone, there is a way to bypass authentication for IP Phone based on there OUI and authenticate all PC ? i already did it with 3Com switch.
0 Kudos
4 REPLIES 4

Kamal_FIKRI
New Contributor

‎03-18-2016 09:17 PM

good idea, I'll test it by tomorrow, thanks a lot Brad 😄
0 Kudos

BradP
Extreme Employee

‎03-18-2016 09:13 PM

Hi Kamal,

Yes, to create an access list in CLI mode, enter the command "vi " yes, that policy should work with netlogin on the same port.
0 Kudos

Kamal_FIKRI
New Contributor

‎03-18-2016 09:09 PM

Thank you Brad,
Can we create access control list in CLI mode ? if so, this ACL will work with netlogin in the same port ?
i'll give it a try

0 Kudos

BradP
Extreme Employee

‎03-18-2016 07:19 PM

Hi Kamal,

You should be able to create an access control list for the port that looks like this:

entry PhoneVlan {
if {
ethernet-source-address 00:01:02:03:01:01 / ff:ff:ff:00:00:00; } then { add-vlan-id ; } } In the above example, the effective match condition will be "00:01:02:xx:xx:xx". If no mask is supplied, it will be assumed to be ff:ff:ff:ff:ff:ff.

The 'then' statement should include "add-vlan-id" and then the vlan ID that you want to use.
0 Kudos
GTM-P2G8KFN