Solved: Re: 802.1x with NPS and PC connected by phone

wkamil123 · ‎05-20-2020

I have a 9200L switch with 16.9.5 software version and want to run 802.1x on a port where phone and PC are connected.

The phone and PC are successful authorize on separate ports but when they are connected together, switch authorize only phone. Wireshark shows request sending from PC but they are not appear in NPS server.
Switch only autohrize PC by MAB method not EAP-TLS.

do you have any suggestions about it. Why PC can't be properly authenticated or why switch try authenticate PC by MAB method.

The phone is a third-party IP Phone Panasonic KX-NT551

below example of port configuration

interface GigabitEthernet1/0/15
 switchport access vlan 50
 switchport mode access
 switchport nonegotiate
 switchport voice vlan 47
 authentication event fail action next-method
 authentication host-mode multi-domain
 authentication open
 authentication order mab dot1x
 authentication priority dot1x mab
 authentication port-control auto
 authentication periodic
 authentication timer reauthenticate 180
 authentication timer restart 30
 authentication violation restrict
 mab
 dot1x pae authenticator
 dot1x timeout server-timeout 2
 dot1x timeout tx-period 5
 dot1x timeout supp-timeout 5
 dot1x max-req 10
 dot1x max-reauth-req 10
 dot1x timeout start-period 1
 dot1x timeout auth-period 1
 auto qos trust 
 spanning-tree portfast
end

configuration aaa section

aaa group server radius nps-radius
 server-private 10.0.20.31 auth-port 1812 acct-port 1813

aaa authentication login console local-case none
aaa authentication login terminal local-case none
aaa authentication enable default enable
aaa authentication dot1x default group nps-radius
aaa authorization exec default local 
aaa authorization network default group nps-radius 
aaa authorization auth-proxy default group nps-radius 
aaa accounting update periodic 5
aaa accounting auth-proxy default start-stop group nps-radius
aaa accounting dot1x default start-stop group nps-radius
aaa accounting system default start-stop group nps-radius
aaa session-id common

SW-1-9200L#sh auth sess
Interface                MAC Address    Method  Domain  Status Fg  Session ID
--------------------------------------------------------------------------------------------
Gi1/0/15                 4c36.4e1a.1c6c mab     VOICE   Auth        1466000A00000542316486DE
Gi1/0/15                 60eb.69d9.38fa N/A     UNKNOWN Unauth      1466000A0000054131647D4A

Session count = 2

wkamil123 · ‎10-28-2022

Two years ago, my dot1x divination project was stuck because of these unfortunate Panasonic phones and for this reason the client resigned to deploy it completely.

I don't remeber what features I was turn off on phone but no matter what I did, it didn't work as I wanted.
My conclusion was that the firmware has a bug, Panasonic support ignored the case and we couldn't update firmware because the PBX was an old type device.

By the way, the cheaper yealink phones have more 802.1x features implemented than the more expensive Panasonic.

View solution in original post

Mike.Cifelli · ‎05-20-2020

When you separate the two (phone & PC) to individual ports does the PC auth via mab only? I am asking because you mentioned this: Switch only autohrize PC by MAB method not EAP-TLS. Is it possible that your supplicant on the PC is not setup to support eap-tls so dot1x fails over to mab? Or maybe something is off on the ISE side to support eap-tls. I suggest checking both. As for authenticating both on same interface you have the right host-mode multi-domain config to support this. Try running some debugs to see if that helps you identify the root cause:
debug dot1x all
debug authentication all
debug radius
debug aaa authentication
debug aaa authorization
Good luck & HTH!

Panos Bouras · ‎05-20-2020

Hi,

Could you please provide the following command output?
show authentication session int gi1/0/15 details

And also can you perform a packet capture for this port and between switch and NPS at the same time?

Thank you,Panos.
Please Rate Posts (by clicking on Star) and/or Mark Solutions as Accepted, when applies

wkamil123 · ‎05-20-2020

About packet-capture i will return with this

SW-1-9200L#show authentication session int gi1/0/15 details
            Interface:  GigabitEthernet1/0/15
               IIF-ID:  0x132F75AF
          MAC Address:  4c36.4e1a.1c6c
         IPv6 Address:  Unknown
         IPv4 Address:  Unknown
            User-Name:  4c364e1a1c6c
          Device-type:  Un-Classified Device
               Status:  Authorized
               Domain:  VOICE
       Oper host mode:  multi-domain
     Oper control dir:  both
      Session timeout:  180s (local), Remaining: 71s
       Timeout action:  Reauthenticate
    Common Session ID:  1466000A000006053200C342
      Acct Session ID:  0x00000120
               Handle:  0xba000064
       Current Policy:  POLICY_Gi1/0/15


Local Policies:
        Service Template: DEFAULT_LINKSEC_POLICY_SHOULD_SECURE (priority 150)
      Security Policy:  Should Secure

Server Policies:


Method status list:
       Method           State
          mab           Authc Success

----------------------------------------

            Interface:  GigabitEthernet1/0/15
               IIF-ID:  0x167F1C38
          MAC Address:  60eb.69d9.38fa
         IPv6 Address:  Unknown
         IPv4 Address:  Unknown
            User-Name:  60eb69d938fa
          Device-type:  Un-Classified Device
               Status:  Unauthorized
               Domain:  UNKNOWN
       Oper host mode:  multi-domain
     Oper control dir:  both
      Session timeout:  N/A
    Common Session ID:  1466000A0000061B32103512
      Acct Session ID:  Unknown
               Handle:  0x29000066
       Current Policy:  POLICY_Gi1/0/15


Server Policies:
          
Method status list:
       Method           State
        dot1x           Running
          mab           Stopped

SW-1-9200L#

wkamil123 · ‎05-20-2020

some debug logs

MAC 60eb.69d9.38fa it's a PC

2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] EAPOL packet sent to client 0xFDC00001B
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:unknown] Pkt body: 01 02 00 05 01 
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] EAP Packet - REQUEST, ID : 0x2 
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Sent EAPOL packet - Version : 3,EAPOL Type : EAP, Payload Length : 5, EAP-Type = Identity
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Sending out EAPOL packet
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Setting EAPOL eth-type to 0x888e, destination mac to 60eb.69d9.38fa
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering request state
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:request request action
2020/05/20 21:03:58.126 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting EAP_REQ for 0xFDC00001B
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] EAPOL packet sent to client 0xFDC00001B
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:unknown] Pkt body: 01 02 00 05 01 
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] EAP Packet - REQUEST, ID : 0x2 
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Sent EAPOL packet - Version : 3,EAPOL Type : EAP, Payload Length : 5, EAP-Type = Identity
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Sending out EAPOL packet
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Setting EAPOL eth-type to 0x888e, destination mac to 60eb.69d9.38fa
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering request state
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:request request action
2020/05/20 21:03:53.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting EAP_REQ for 0xFDC00001B
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] EAPOL packet sent to client 0xFDC00001B
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:unknown] Pkt body: 01 02 00 05 01 
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] EAP Packet - REQUEST, ID : 0x2 
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Sent EAPOL packet - Version : 3,EAPOL Type : EAP, Payload Length : 5, EAP-Type = Identity
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Sending out EAPOL packet
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Setting EAPOL eth-type to 0x888e, destination mac to 60eb.69d9.38fa
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering request state
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:request request action
2020/05/20 21:03:48.125 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting EAP_REQ for 0xFDC00001B
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] EAPOL packet sent to client 0xFDC00001B
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:unknown] Pkt body: 01 02 00 05 01 
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] EAP Packet - REQUEST, ID : 0x2 
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Sent EAPOL packet - Version : 3,EAPOL Type : EAP, Payload Length : 5, EAP-Type = Identity
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Sending out EAPOL packet
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Setting EAPOL eth-type to 0x888e, destination mac to 60eb.69d9.38fa
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering request state
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:request request action
2020/05/20 21:03:43.121 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting EAP_REQ for 0xFDC00001B
2020/05/20 21:03:38.119 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] EAPOL packet sent to client 0xFDC00001B
2020/05/20 21:03:38.119 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:unknown] Pkt body: 01 02 00 05 01 
2020/05/20 21:03:38.119 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] EAP Packet - REQUEST, ID : 0x2 
2020/05/20 21:03:38.119 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Sent EAPOL packet - Version : 3,EAPOL Type : EAP, Payload Length : 5, EAP-Type = Identity
2020/05/20 21:03:38.119 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Sending out EAPOL packet
2020/05/20 21:03:38.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Setting EAPOL eth-type to 0x888e, destination mac to 60eb.69d9.38fa
2020/05/20 21:03:38.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering request state
2020/05/20 21:03:38.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:request request action
2020/05/20 21:03:38.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting EAP_REQ for 0xFDC00001B
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:idle request action
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] EAPOL packet sent to client 0xFDC00001B
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:unknown] Pkt body: 01 02 00 05 01 
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] EAP Packet - REQUEST, ID : 0x2 
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Sent EAPOL packet - Version : 3,EAPOL Type : EAP, Payload Length : 5, EAP-Type = Identity
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Sending out EAPOL packet
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [0000.0000.0000:Gi1/0/15] Setting EAPOL eth-type to 0x888e, destination mac to 60eb.69d9.38fa
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering request state
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting AUTH_START for 0xFDC00001B
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:connecting authenticating action
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B: authenticating state entered
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting RX_REQ on Client 0xFDC00001B
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B: restart connecting
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:enter connecting state
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Posting !EAP_RESTART on Client 0xFDC00001B
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (info): [60eb.69d9.38fa:Gi1/0/15] Dot1x authentication started for 0xFDC00001B (60eb.69d9.38fa)
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Created a client entry (0xFDC00001B)
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B:entering idle state
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B: entering init state
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] Sending create new context event to EAP for 0xFDC00001B (60eb.69d9.38fa)
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B: entering restart
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B: disconnected
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x] [20491]: UUID: 0, ra: 0, TID: 0 (debug): [60eb.69d9.38fa:Gi1/0/15] 0xFDC00001B: initialising
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [dot1x-redun] [20491]: UUID: 0, ra: 0, TID: 0 (debug): Record not found
2020/05/20 21:03:33.118 {smd_R0-0}{1}: [smd] [20491]: UUID: 0, ra: 0, TID: 0 (debug):

MaxMi · ‎08-21-2020

Hi wkamil123,

Recently I have had the same issue with the same IP Phone model.

Could you tell if you solved the problem or maybe you used some workaround.

I will be really appresiate if you give some information.

Thank you

wkamil123 · ‎08-21-2020

Hello MaxMi,

I didn't found a solution yet but I found the bug in KX-NT551 firmware. So, my phone has 2.007 firmware version and the LLDP works when the port on a switch is on VLAN 1. If I changed settings on switch ports to the voice vlan and data vlan separately then the phone do not read it by LLDP.
I know that the problem was resolved in firmware version 2.010 for this phone but it couldn't be upgrade from the telephone exchange model which I have.
The case was requested to the Panasonic support but I don't know what was the replay message.
My client has to decide what to do with it next.

Regards Kamil

MaxMi · ‎08-21-2020

Thank you wkamil123 for your answer.

I also asked to create a ticket in Panasonic support. Will see what the say.

I will inform when get the answer.

wkamil123 · ‎08-21-2020

The last post I forgot add that I don't really know if the upgrade firmware
to 2.010 version resolve PC authentication on a switch port.

Because the second issue on this phone is that when is booting 3 times
resets the switch port and every time the port is authenticated.

But the third time the phone boots up, it blocks the internal switch and PC
is not able to authenticate.

Kamil

MaxMi · ‎08-21-2020

I have exactly the same scenario, PC (while IP Phone booting) two times authenticating normally as needed, but the last third attempt it's not. In a logs for dot1x on a swiches it says that "no response from client".

Seems that Phone do not pass EoL after it was booted.

gustlik102 · ‎10-11-2022

Update phone to 2.011 firmware version didn't resolve problem

wkamil123 · ‎10-28-2022

Two years ago, my dot1x divination project was stuck because of these unfortunate Panasonic phones and for this reason the client resigned to deploy it completely.

I don't remeber what features I was turn off on phone but no matter what I did, it didn't work as I wanted.
My conclusion was that the firmware has a bug, Panasonic support ignored the case and we couldn't update firmware because the PBX was an old type device.

By the way, the cheaper yealink phones have more 802.1x features implemented than the more expensive Panasonic.