Hi,
I have DOT1X authentication configured on all switch ports (Both data & voice VLAN).
I also have Cisco IP phones.
My requirement is: to allow Cisco IP phones without DOT1X authentication.
I have tried using "authentication host-mode single-host", but the issue is any IP phone can be connected making this a security loophole.
Is there a way to only a single IP phone on this port without DOT1x. (NOTE: There are around 200 IP phones [belong to a specific VLAN] which need to be connected this way - if there is any other alternative on how to only whitelist the macaddress of these IP phones to authenticate without DOT1x. Please let me know)
Kindly suggest.