cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Anyone using ShoreTel VOIP with Enterasys NAC?

Anyone using ShoreTel VOIP with Enterasys NAC?

Matt_Stone
New Contributor
We had a ShoreTel VOIP system installed yesterday, this is our first step into the VOIP world. We're using Enterasys NAC with MAC and 802.1x authentication for clients. Ports are configured for both MAC and 802.1x auth with 8 users allowed.

We MAC authenticated the phones and they work fine, however when we plug a computer into the phone it doesn't seem to pass the authentication request up to the switch. Is anyone running this setup? I believe we are looking for some type of 802.1x pass-through option on the phone, but haven't found it so far. The phones are model IP 480g

Thanks
19 REPLIES 19

Matt_Stone
New Contributor
Yes, with the information provided we were able to get the phones to authenticate EAP-MD5. Since we are using NPS 2008 we had to edit the registry to turn EAP-MD5 back on (link here for reference http://support.microsoft.com/kb/922574 )

Unfortunately we still aren't able to get the computers to authenticate when plugged in through the phone. If we put an unmanaged switch on the Enterasys port and plug the phone and computer into that, they both authenticate fine so we still believe this to be an issue with the phone not passing the request up to the switch. We are working with our ShoreTel partner to find a solution. If / when I get that I will post it for the benefit of others.

I have also reached out to Scott in a GTAC case with some wireshark captures to see if he can come up with anything that might help come to a resolution.

Thanks to everyone who replied,

Matt

I remember having an issue with Multi-auth and our phones\wireless when we moved to the C5's and I believe our solution was instead of passing the VLAN-ID via the policy we instead switched to sending the VLAN Attribute in IAS and setting the switch to pass-through for this.

Thanks for the update Matt and we definitely look forward to hearing the resolution!

Tamera_Rousseau
New Contributor
Hi Matt (and Matt), Do you feel that the advice from Scott answered your questions? Matt Stone, did you have a chance to verify that your 2003 server contain that information?

hessm_mhs-pa_or
New Contributor
MD5 Is available in my EAP Methods on IAS (2003).
GTM-P2G8KFN