cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
549
Views
0
Helpful
2
Replies

Detect a reboot behind an ip phone

tisnow
Cisco Employee
Cisco Employee

I’ve got a customer issue that is preventing an expansion plan.

They have PC’s behind IP phones and are concerned that when the PC reboots after a patch install that because they have an IP phone connected the port state doesn’t (or new MAC detection) that the A/C agent doesn’t perform posture validation.

Is there anything we can do?

Below is the long TAC case

http://wwwin-tools.cisco.com/casekwery/getServiceRequest.do?id=680942643

1 Accepted Solution

Accepted Solutions

gbekmezi-DD
Contributor
Contributor

What kind of iphones do they have Tim? If Cisco, are they running dot1x auth or doing posture only? If so then either proxy eapol-logoff or cdp second port disconnect feature may work:

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/TrustSec_1-99/Dot1X_Deployment/Dot1x_Dep_Guide.html#wp386903

George

Warning: I either dictated this to my device, or typed it with my thumbs. Erroneous words are a feature, not a typo.

View solution in original post

2 Replies 2

gbekmezi-DD
Contributor
Contributor

What kind of iphones do they have Tim? If Cisco, are they running dot1x auth or doing posture only? If so then either proxy eapol-logoff or cdp second port disconnect feature may work:

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/TrustSec_1-99/Dot1X_Deployment/Dot1x_Dep_Guide.html#wp386903

George

Warning: I either dictated this to my device, or typed it with my thumbs. Erroneous words are a feature, not a typo.

Hi George.  Thanks for the note.

They are running dot1x and doing posture with Anyconnect.   It's looking to be a switch bug rather than an A/C client.

Tim

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers