
PC connecting to 7940 phone connecting to 3560

thomuff
Level 3

How would you configure mac-address sticky on the port for the voice VLAN and access VLAN to limit to 1 MAC address per VLAN? Also, are there any gotchas running dot1x on the port?

Basically we want to connect PC to 7940 to Catalyst 3560; when one or the other is replaced, it will err-disable the port.

3 Replies

tekha
Level 3

My guess is that it would be something like this:

interface FastEthernet0/20
 description CP7912 0012.7f9b.83ca Phone
 switchport access vlan 100
 switchport mode access
 switchport voice vlan 97
 switchport port-security maximum 1 vlan access
 switchport port-security maximum 1 vlan voice
 switchport port-security
 switchport port-security mac-address sticky

Afterwards the switch added this to the running config:

switchport port-security mac-address sticky 0012.7f9b.83ca vlan voice

I would imagine it would do the same for the access vlan, but I don't have a PC on the back of the phone, so I don't really know.

See if it works, and please let me know.

OK, it doesn't work.

I have to make the config look like this instead:

interface FastEthernet0/20
 description CP7912 0012.7f9b.83ca Phone
 switchport access vlan 100
 switchport mode access
 switchport voice vlan 97
 switchport port-security maximum 3
 switchport port-security maximum 2 vlan access
 switchport port-security maximum 1 vlan voice
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0012.7f9b.83ca vlan voice
 switchport port-security mac-address sticky 0012.7f9b.83ca
 switchport port-security mac-address sticky 0050.dad9.ff0a

The last three lines are made automatically, and if the CP7940 works like my CP7912, then for some reason the phone's MAC address appears in both the access and voice VLAN. Sounds like a bug, but it works with "max 3" and "max 2 vlan access".

I chose "violation restrict" instead of "violation shutdown", because if a user was to change the PC with another PC, the port in the switch would also turn off access to the phone.

thank you
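An added example, not part of the thread or any participant's post: a small Python audit that counts the sticky entries posted above against the port-security limits of both configurations, showing which limits the first attempt exceeds. It assumes a port-wide default maximum of 1 when no `maximum` line is present and, following the poster's reading, treats a sticky line without a `vlan` keyword as an access-VLAN entry; the function names and the `FIRST_TRY` stanza (first config's limits combined with the addresses learned later) are constructed for illustration.

```python
import re

DEFAULT_MAX = 1  # assumption: port-wide limit when no "maximum" line is set
PFX = r"switchport port-security "
MAX_RE = re.compile(PFX + r"maximum (\d+)(?: vlan (access|voice))?")
MAC_RE = re.compile(PFX + r"mac-address sticky ((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})"
                    r"(?: vlan (access|voice))?")

# Sticky entries as posted in the thread; a line without "vlan" is treated
# as the access VLAN, following the poster's reading (assumption).
LEARNED = """
 switchport port-security mac-address sticky 0012.7f9b.83ca vlan voice
 switchport port-security mac-address sticky 0012.7f9b.83ca
 switchport port-security mac-address sticky 0050.dad9.ff0a
"""
FIRST_TRY = """
 switchport port-security maximum 1 vlan access
 switchport port-security maximum 1 vlan voice
""" + LEARNED  # constructed: first config's limits + addresses seen later
WORKING = """
 switchport port-security maximum 3
 switchport port-security maximum 2 vlan access
 switchport port-security maximum 1 vlan voice
""" + LEARNED

def parse(stanza):
    """Extract configured limits and sticky MACs per VLAN from a stanza."""
    limits = {"total": DEFAULT_MAX}
    learned = {"access": set(), "voice": set()}
    for line in map(str.strip, stanza.splitlines()):
        if m := MAX_RE.fullmatch(line):
            limits[m.group(2) or "total"] = int(m.group(1))
        elif m := MAC_RE.fullmatch(line):
            learned[m.group(2) or "access"].add(m.group(1))
    return limits, learned

def audit(stanza):
    """Return the limits that the stanza's sticky entries exceed."""
    limits, learned = parse(stanza)
    counts = {v: len(macs) for v, macs in learned.items()}
    counts["total"] = counts["access"] + counts["voice"]  # one entry per MAC per VLAN
    return [f"{k}: {counts[k]} > {cap}" for k, cap in limits.items()
            if counts[k] > cap]

def in_both_vlans(stanza):
    """MACs learned in both the access and the voice VLAN (the phone here)."""
    _, learned = parse(stanza)
    return learned["access"] & learned["voice"]

if __name__ == "__main__":
    for name, cfg in (("first try", FIRST_TRY), ("working", WORKING)):
        print(name, audit(cfg) or "fits", sorted(in_both_vlans(cfg)))
```

Running the same check over saved running-configs before deploying a `violation shutdown` policy shows which phone ports would trip on addresses they have already learned.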