cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Network Login 802.1x with Mitel phone 6865i and X440 fails because of a link down

Network Login 802.1x with Mitel phone 6865i and X440 fails because of a link down

Claude_COPAVER
New Contributor
Environment : EXOS X440-48P version 15.6.3.1 patch 1-5, X150-24t version 12.6.5.2,
Mitel phones Mitel 6865i version 4.0.0.2031, FreeRADIUS, DHCP server
LLDP is not configured on the switches and the phones VLAN is dynamicaly created on the switches after the phones are authenticated

As you can see below,the proccess is succesfull with X150-24t
08:24:38.44 Network Login 802.1x user AuthUser logged in MAC XX:XX:XX:XX:XX:XX port 15 VLAN(s) "V_VOICE", authentication Radius
08:24:37.83 port 15 link UP at speed 100 Mbps and full-duplex
08:24:36.18 Network Login user AuthUser cleared due to link down event, Mac XX:XX:XX:XX:XX:XX port 15 VLAN(s) "V_VOICE"
08:24:36.18 port 15 link down
08:24:32.55 Network Login 802.1x user AuthUser logged in MAC XX:XX:XX:XX:XX:XX port 15 VLAN(s) "V_VOICE", authentication Radius
08:24:03.64 port 15 link UP at speed 100 Mbps and full-duplex
08:23:25.44 Port 24 link UP at speed 100 Mbps and full-duplex
08:23:08.62 port 15 link down
08:23:08.56 port 15 link UP at speed 100 Mbps and full-duplex


With X440-48P,the proccess failed after the link down


09:15:11.01 port 15 link UP at speed 1 Gbps and full-duplex
09:15:08.18 Network Login user AuthUser cleared due to link down event, Mac XX:XX:XX:XX:XX:XX port 15 VLAN(s) "V_VOICE"
09:15:08.17 port 15 link down
09:15:02.92 Network Login 802.1x user AuthUser logged in MAC XX:XX:XX:XX:XX:XX port 15 VLAN(s) "V_VOICE", authentication Radius
09:14:36.76 port 15 link UP at speed 1 Gbps and full-duplex
09:14:36.45 port 15 is delivering power

Can you help in finding an issue for X440, many thanks.

ColoCopa

20 REPLIES 20

Kevin_Kim
Extreme Employee
You could also verify if the IP phone sends an EAPoL start to the switch after the link comes up again by checking the log counter, configuring additional log event, or mirrorring EAPOL packets on the port to the IP phone.

show log counters "nl.dot1x.eapolPktRcvd"

enable log debug-mode
configure log filter "DefaultFilter" add events "nl.dot1x.eapolPktRcvd"

It appears that the IP phone somehow drops the link on a tri-speed auto-nego port based on the fact that a link bounce occurs as long as the iphone port has auto-nego turned on. (while a switch port has auto-nego off.)

Each time and whatever the case, the IP phone sends an EAPOL start but once and at the begining (time 5 for 6865i and time 3 fore 6753i) as you can see in the captures bellow.
In case of success, the phone sends a DHCP request and starts to download its configuration files.
But with automatic link setting, the IP phone 6865i can't join the DHCP server because of the network ogin user AuthUser cleared due to link down event.
On the other hand, the link never goes down with manual link setting.

Here the "show config netlogin detail" for both switches

I agree. But this is the result when the switch port bounces. The question is, why the switch port bounces when the IP phone port is set to auto-negociation.
Is it because in auto-negociation mode, the maximum speed is 100 Mbps for the switch port 10/100/1000 Mbps ? Is it because of the IP phone ?

GTM-P2G8KFN