
Non-Cisco IP phone can't receive DHCP IP although Authentication and Authorization Success

quangle1993
Level 1

Hi everyone,
I have a Cisco Switch 2960 with 2 VLANs:
vlan 195 : DATA : From f0/1 to f0/24
vlan 14 : VOICE : From f0/1 to f0/24

I configured the switch as below:

enable
config terminal
no ip domain lookup
lin con 0
logg syn
exit
logging console information
####### 802.1x and MAB #######
aaa new-model
aaa authentication dot1x default group radius
aaa authorization exec default local
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
aaa session-id common
aaa accounting update periodic 5
radius-server host 10.145.220.19 auth-port 1812 acct-port 1813 key abcd2314
radius-server dead-criteria time 30 tries 3
radius-server vsa send authentication
radius-server vsa send accounting
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
int vlan 195
ip add 10.145.195.245 255.255.255.0
ip helper-address 10.145.195.1
exit
ip radius source-interface vlan 195
aaa server radius dynamic-author
client 10.145.220.19 server-key abcd2314
exit
access-list 10 permit host 10.145.220.19
access-list 10 deny any log
ip access-list ext ACL_DEFAULT
permit udp any eq bootpc any eq bootps
permit udp any any eq domain
permit icmp any any
permit udp any any eq tftp
permit ip any host 10.145.220.19
deny ip any any log
exit
dot1x system-auth-control
ip device tracking
int range f0/1-6
switchport host
switchport acc vlan 195
switchport voice vlan 14
ip access-group ACL_DEFAULT in
spanning-tree portfast
spanning-tree bpduguard ena
authentication priority dot1x mab
authentication order dot1x mab
authentication event fail action next-method
authentication host-mode multi-auth
authentication violation restrict
dot1x pae authenticator
mab
dot1x timeout tx-period 10
authentication port-control auto
exit

When I connect a laptop to the switch and try to authenticate and authorize by MAB (with 802.1X disabled on the interface) and by dot1x, it all works well. When I connect the IP phone to the switch, authentication and authorization succeed but it still can't receive an IP. When I use the command "show authentication session interface f0/5", the domain is DATA, not VOICE, and the IP that the IP phone receives belongs to vlan 195 and it only shows up on the switch. On the IP phone, it receives the right vlan, 14, but doesn't receive an IP for vlan 14. The log is below:

PP.L1.SW01(config)#do sho auth sess int f0/5
Interface: FastEthernet0/5
MAC Address: 0007.3b93.92fc
IP Address: 10.145.195.173
User-Name: 00-07-3B-93-92-FC
Status: Authz Success
Domain: DATA
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Policy: N/A
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0A91C3F50000007801618844
Acct Session ID: 0x00000062
Handle: 0x1C000079
Runnable methods list:
    Method   State
    dot1x    Failed over
    mab      Authc Success

PP.L1.SW01(config)#do sho vla
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active
14   PP.VOICE.LAN                     active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gi0/1, Gi0/2
195  PP.2F-IT.LAN                     active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gi0/1, Gi0/2
311  PP.GF.MF.1F.LAN                  active

PP.L1.SW01#sho mac address-table interface f0/5
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 195    0007.3b93.92fc    DYNAMIC     Drop
Total Mac Addresses for this criterion: 1

Hope anyone has dealt with this problem before.

Many thanks

1 Reply

Hi,

Can you provide the authorization profile that you are using for the IP phone?

Please make sure voice permission is checked on the authorization profile that you are using for the IP phone.

-Aravind
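
A check for the symptom discussed in this thread (a phone that passes MAB with "Authz Success" but lands in the DATA domain instead of VOICE), added here as an example and not posted by either participant. The function names and the `phone_macs` inventory list are assumptions; the sample input is the session output quoted in the question.

```python
import re

# Constructed input: the "show authentication sessions" output quoted in the question.
SAMPLE = """\
Interface: FastEthernet0/5
MAC Address: 0007.3b93.92fc
IP Address: 10.145.195.173
User-Name: 00-07-3B-93-92-FC
Status: Authz Success
Domain: DATA
Oper host mode: multi-auth
Runnable methods list:
Method State
dot1x Failed over
mab Authc Success
"""

def parse_sessions(text):
    """Split the output into one dict per session; each block starts at 'Interface:'."""
    sessions, cur = [], None
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z][A-Za-z .-]*?):\s*(.*)$", line)
        if not m:
            continue  # prompts, table rows and blank lines carry no "key: value"
        key, val = m.group(1).strip(), m.group(2).strip()
        if key == "Interface":
            cur = {}
            sessions.append(cur)
        if cur is not None:
            cur[key] = val
    return sessions

def norm_mac(mac):
    """Reduce any MAC notation (dotted, dashed, colon) to 12 lowercase hex digits."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def misplaced_phones(text, phone_macs):
    """Return (interface, mac, domain) for known phones authorized outside VOICE."""
    phones = {norm_mac(m) for m in phone_macs}  # phone_macs: assumed inventory list
    findings = []
    for s in parse_sessions(text):
        if norm_mac(s.get("MAC Address", "")) not in phones:
            continue
        if s.get("Status") == "Authz Success" and s.get("Domain") != "VOICE":
            findings.append((s["Interface"], s["MAC Address"], s.get("Domain")))
    return findings

if __name__ == "__main__":
    print(misplaced_phones(SAMPLE, ["00-07-3B-93-92-FC"]))
```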