802.1x, Cisco 3750 with Avaya telephones and MDA. My hair is falling out....

davehead42
Level 1

Hello, I'm having a problem and I've been struggling with it for quite a while. I've seen that others had similar issues and while I took a lot from the other postings regarding this subject, I still find myself in a bad spot with it all. Any and all assistance is greatly appreciated.

I am implementing a NAC solution at the company where I work using 802.1x authentication. The current setup I'm running in my "lab" is a Cisco 3750 (12.2.55 SE6). Into the FastEthernet interface, I have an Avaya 96XX series phone and a workstation daisy-chained off the back of the phone. I am using HP iMC User Access Management as the RADIUS server to authenticate against.

I have to use multi-domain authentication because we need to use guest-vlan and other failover vlan options. 

The problem that I am having is that while I do believe I have everything configured correctly, my phones are not being placed into the voice VLAN. The phones remain in the data VLAN (224) and drop packets for the voice VLAN (42), as seen here...

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  42    001b.4f73.d214    STATIC      Drop
 224    001b.4f73.d214    STATIC      Fa1/0/1

I have LLDP enabled on the switch and can see the phones appearing in the "show lldp neighbors", but I see them only appearing as a bridge instead of a bridge and a phone.

Capability codes:
    (R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device
    (W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other

Device ID           Local Intf     Hold-time  Capability      Port ID
AVB73D214           Fa1/0/1        120        B               001b.4f73.d214

Total entries displayed: 1

When I debug RADIUS, I see the device-type-class=voice show up in the output, though I don't see it where I would expect to see it, that being next to Cisco AVpair.  Here's the output....

Mar  6 10:52:53.878: RADIUS:  authenticator 25 3A 1A F2 B4 A3 41 AE - BA A2 53 EF B9 01 25 7B
Mar  6 10:52:53.878: RADIUS:  User-Name           [1]   14  "001b4f73d214"
Mar  6 10:52:53.878: RADIUS:  User-Password       [2]   18  *
Mar  6 10:52:53.878: RADIUS:  Service-Type        [6]   6   Call Check                [10]
Mar  6 10:52:53.878: RADIUS:  Framed-MTU          [12]  6   1500
Mar  6 10:52:53.878: RADIUS:  Called-Station-Id   [30]  19  "00-22-91-D2-A9-03"
Mar  6 10:52:53.878: RADIUS:  Calling-Station-Id  [31]  19  "00-1B-4F-73-D2-14"
Mar  6 10:52:53.878: RADIUS:  Message-Authenticato[80]  18
Mar  6 10:52:53.878: RADIUS:   0F 65 F6 B3 BD 73 20 93 C2 EE 39 B8 07 6E 59 ED            [ es 9nY]
Mar  6 10:52:53.878: RADIUS:  EAP-Key-Name        [102] 2   *
Mar  6 10:52:53.878: RADIUS:  Vendor, Cisco       [26]  49
Mar  6 10:52:53.887: RADIUS:   Cisco AVpair       [1]   43  "audit-session-id=AC1C00FA00000034047796C8"
Mar  6 10:52:53.887: RADIUS:  NAS-Port-Type       [61]  6   Ethernet                  [15]
Mar  6 10:52:53.887: RADIUS:  NAS-Port            [5]   6   50101
Mar  6 10:52:53.887: RADIUS:  NAS-Port-Id         [87]  19  "FastEthernet1/0/1"
Mar  6 10:52:53.887: RADIUS:  NAS-IP-Address      [4]   6   172.28.0.250
Mar  6 10:52:53.887: RADIUS(0000003B): Started 5 sec timeout
Mar  6 10:52:53.904: RADIUS: Received from id 1645/111 172.28.5.161:1812, Access-Accept, len 99
Mar  6 10:52:53.904: RADIUS:  authenticator 9E 4B 90 E1 F8 79 C4 F3 - F9 B0 8A 45 1B 0F 34 39
Mar  6 10:52:53.904: RADIUS:  User-Name           [1]   14  "001b4f73d214"
Mar  6 10:52:53.904: RADIUS:  Service-Type        [6]   6   Call Check                [10]
Mar  6 10:52:53.904: RADIUS:  State               [24]  10
Mar  6 10:52:53.904: RADIUS:   FB C4 EA 4A 64 C6 4D C0               [ JdM]
Mar  6 10:52:53.904: RADIUS:  Termination-Action  [29]  6   1
Mar  6 10:52:53.904: RADIUS:  Session-Timeout     [27]  6   86401
Mar  6 10:52:53.904: RADIUS:  Acct-Interim-Interva[85]  6   600
Mar  6 10:52:53.904: RADIUS:  Vendor, Unknown     [26]  31
Mar  6 10:52:53.904: RADIUS:  Unsupported         [1]   25
Mar  6 10:52:53.912: RADIUS:   64 65 76 69 63 65 2D 74 79 70 65 2D 63 6C 61 73  [device-type-clas]
Mar  6 10:52:53.912: RADIUS:   73 3D 76 6F 69 63 65           [ s=voice]
Mar  6 10:52:53.912: RADIUS(0000003B): Received from id 1645/111

Lastly, here's a snapshot of the running config. 

aaa new-model
!
aaa authentication login default local
aaa authentication dot1x default group radius
aaa authorization network default group radius local
aaa accounting update periodic 1
aaa accounting dot1x default start-stop group radius
!
aaa session-id common
power inline consumption default 5500
auto qos srnd4
dot1x system-auth-control
dot1x guest-vlan supplicant
vlan 42
 name voice
vlan 224
 name XF:1.1
interface FastEthernet1/0/1
 switchport access vlan 224
 switchport mode access
 switchport voice vlan 42
 switchport port-security maximum 5 vlan access
 power inline consumption 5500
 authentication event fail action authorize vlan 501
 authentication event server dead action authorize vlan 500
 authentication event no-response action authorize vlan 501
 authentication host-mode multi-domain
 authentication order dot1x mab
 authentication port-control auto
 authentication periodic
 mab
 dot1x pae authenticator
 no cdp enable
 spanning-tree portfast
radius-server host 172.28.x.xxx auth-port 1812 acct-port 1813 key xxxxx
radius-server vsa send accounting
radius-server vsa send authentication

That's all I can think of.  Sorry for the long post.  Again, I appreciate any assistance anyone can give me.  Thanks!!!!!!!!!!
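Added example (editor's code, not part of the post above and not from Cisco, Avaya or HP): a small parser for the Cisco IOS `debug radius` format shown in the post that reconstructs the attributes of each dumped packet, decodes the hex-dumped value of a vendor-specific attribute, and checks the one thing IOS multi-domain authentication looks for before it moves a MAB/802.1x client into the voice domain: a Cisco VSA (IETF attribute 26, Vendor-Id 9, sub-type 1, `cisco-av-pair`) carrying exactly `device-traffic-class=voice`. IOS prints `Vendor, Cisco` when the Vendor-Id is 9 and `Vendor, Unknown` / `Unsupported` when it is not, so the parser keys on those labels. The two sample captures are constructed: the first mirrors the Access-Accept in the post, the second is a made-up Access-Accept of the shape IOS accepts; the RADIUS ids, authenticators and lengths in the second sample are invented.

```python
"""Parse Cisco IOS 'debug radius' output and check whether an Access-Accept
carries what IOS multi-domain authentication (MDA) needs to put an endpoint in
the voice domain: the Cisco VSA (attribute 26, Vendor-Id 9, sub-type 1) with
the value 'device-traffic-class=voice'.  Editor's example; constructed input."""
import re

VOICE_AVPAIR = "device-traffic-class=voice"

# One attribute line after the 'RADIUS:' prefix, e.g.
#   Vendor, Cisco       [26]  49      /   Cisco AVpair  [1]  43  "audit-session-id=..."
ATTR_RE = re.compile(r'(?P<name>[A-Za-z ,-]+?)\s*\[(?P<type>\d+)\]\s+(?P<len>\d+)'
                     r'(?:\s+"(?P<value>[^"]*)")?')
HEX_RE = re.compile(r"[0-9A-F]{2}")


def parse_debug_radius(text):
    """Return one dict per dumped packet: {'code': 'Access-Accept' or None, 'attrs': [...]}.
    Plain attributes are (name, type, value); vendor-specific ones are ('VSA', vendor, value)."""
    packets, current = [], None
    pending_code, vendor, pending_hex, vsa_remaining = None, None, None, 0

    def flush():                         # finish a VSA value that IOS dumped as hex
        nonlocal pending_hex
        if pending_hex is not None and current is not None:
            value = bytes(int(h, 16) for h in pending_hex).decode("ascii", "replace")
            current["attrs"].append(("VSA", vendor, value))
            pending_hex = None

    for line in text.splitlines():
        if "RADIUS:" not in line:        # e.g. 'RADIUS(0000003B): Started 5 sec timeout'
            continue
        body = line.split("RADIUS:", 1)[1].strip()
        if body.startswith(("Send ", "Received from")):   # packet header with its code
            m = re.search(r"(Access-(?:Request|Accept|Reject|Challenge))", body)
            pending_code = m.group(1) if m else None
            continue
        if body.startswith("authenticator"):             # first line of every packet dump
            flush()
            current = {"code": pending_code, "attrs": []}
            packets.append(current)
            pending_code, vendor, vsa_remaining = None, None, 0
            continue
        tokens = body.split("[", 1)[0].split()
        if tokens and all(HEX_RE.fullmatch(t) for t in tokens):   # hex-dump line
            if pending_hex is not None:
                pending_hex.extend(tokens)
            continue
        m = ATTR_RE.match(body)
        if not m or current is None:
            continue
        flush()
        name, atype = m.group("name").strip(), int(m.group("type"))
        alen, value = int(m.group("len")), m.group("value")
        if atype == 26:                  # Vendor-Specific: 2-byte header + 4-byte Vendor-Id
            vendor = name.split(",", 1)[1].strip() if "," in name else name
            vsa_remaining = alen - 6
        elif vsa_remaining > 0:          # sub-attribute inside the open VSA
            vsa_remaining -= alen
            if value is not None:
                current["attrs"].append(("VSA", vendor, value))
            else:
                pending_hex = []         # unknown-vendor values follow as hex
        else:
            current["attrs"].append((name, atype, value))
    flush()
    return packets


def vsas(packet):
    return [(vendor, value) for kind, vendor, value in packet["attrs"] if kind == "VSA"]


def voice_domain_authorized(packet):
    """IOS MDA moves an endpoint to the voice VLAN only on this exact Cisco VSA."""
    return packet["code"] == "Access-Accept" and ("Cisco", VOICE_AVPAIR) in vsas(packet)


def diagnose(text):
    """Explain, for the last Access-Accept in a capture, whether the voice domain was authorized."""
    accepts = [p for p in parse_debug_radius(text) if p["code"] == "Access-Accept"]
    if not accepts:
        return "no Access-Accept seen"
    pkt = accepts[-1]
    if voice_domain_authorized(pkt):
        return "voice domain authorized: Cisco cisco-av-pair " + VOICE_AVPAIR
    got = ", ".join(f"{v}:{val!r}" for v, val in vsas(pkt)) or "none"
    return f"voice domain NOT authorized: need Cisco VSA {VOICE_AVPAIR!r}; VSAs present: {got}"


# Constructed sample modelled on the Access-Accept in the post (unknown Vendor-Id, hex-dumped value).
UNKNOWN_VENDOR_ACCEPT = """\
Mar  6 10:52:53.904: RADIUS: Received from id 1645/111 172.28.5.161:1812, Access-Accept, len 99
Mar  6 10:52:53.904: RADIUS:  authenticator 9E 4B 90 E1 F8 79 C4 F3 - F9 B0 8A 45 1B 0F 34 39
Mar  6 10:52:53.904: RADIUS:  User-Name           [1]   14  "001b4f73d214"
Mar  6 10:52:53.904: RADIUS:  State               [24]  10
Mar  6 10:52:53.904: RADIUS:   FB C4 EA 4A 64 C6 4D C0               [ JdM]
Mar  6 10:52:53.904: RADIUS:  Vendor, Unknown     [26]  31
Mar  6 10:52:53.904: RADIUS:  Unsupported         [1]   25
Mar  6 10:52:53.912: RADIUS:   64 65 76 69 63 65 2D 74 79 70 65 2D 63 6C 61 73  [device-type-clas]
Mar  6 10:52:53.912: RADIUS:   73 3D 76 6F 69 63 65           [ s=voice]
"""

# Constructed (invented ids/lengths) Access-Accept of the shape IOS MDA accepts for the voice domain.
CISCO_VSA_ACCEPT = """\
Mar  6 10:55:01.120: RADIUS: Received from id 1645/112 172.28.5.161:1812, Access-Accept, len 68
Mar  6 10:55:01.120: RADIUS:  authenticator 11 22 33 44 55 66 77 88 - 99 AA BB CC DD EE FF 00
Mar  6 10:55:01.120: RADIUS:  User-Name           [1]   14  "001b4f73d214"
Mar  6 10:55:01.120: RADIUS:  Vendor, Cisco       [26]  34
Mar  6 10:55:01.120: RADIUS:   Cisco AVpair       [1]   28  "device-traffic-class=voice"
"""

if __name__ == "__main__":
    print(diagnose(UNKNOWN_VENDOR_ACCEPT))
    print(diagnose(CISCO_VSA_ACCEPT))
```

Run against a full `debug radius` capture, `diagnose()` reports the last Access-Accept only, which is the one a port's current session is authorized on; the `vsa_remaining` bookkeeping follows the RFC 2865 attribute lengths (a 31-byte Vendor-Specific attribute holds 25 bytes of sub-attributes after its own header and the 4-byte Vendor-Id), so a plain `User-Name [1]` is never mistaken for a vendor sub-type 1.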
