cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
324
Views
0
Helpful
1
Replies

Cisco IP Phones Unauth with ACS Intermittently

tbrouill
Level 1
Level 1

Hello all!

 

I've been having some issues with Cisco IP phones losing their authentication with ACS Ver 5.8. This normally happens if a customer unplugs their phone or moves it around a lot. It loses its authorization and then gets stuck on the switch in an Unauth state.

 

The only solution I currently have to get the phones to authenticate with ACS and register with Call Manager after this happens is to default the port and reconfigure it exactly the same way.

 

The following is the port configuration I currently have set up.

 

description 802.1x Controlled
 switchport access vlan 999
 switchport mode access
 switchport voice vlan 888
 authentication host-mode multi-domain
 authentication order mab
 authentication priority dot1x mab
 authentication port-control auto
 authentication periodic
 mab
 spanning-tree portfast
 spanning-tree bpduguard enable

 

I appreciate any help anybody can provide, and I can provide more information if needed.

1 Reply 1

Nadav
Level 7
Level 7

Hi,

 

When you say that the user disconnects their phone and moves it to somewhere else, do they connect it to a different port on the same switch/stack? If so your problem may be that MAC move isn't enabled on the switch.