This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
One problem is solved, but another problem has come.
I use the MDA Mode. And if the radius is not available, the voice and data device will placed in the data domain.
A security voliation blocked the port after: SECURITY_VIOLATION: Security violation on the interface FastEthernet0/1, new MAC address...
What can I do? Only the data device should placed in the critical VLAN.The voice device should not move in any vlan, when this szenario ocur.
I use IOS 12.2.(55)SE1.
Here a short excert of the configuration:
switchport mode access
switchport voice vlan 2
authentication event server dead action authorize vlan 3
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication port-control auto
dot1x pae authenticator
Thanks for any help.
A new feature which is the critical voice vlan feature is out to support this:
Here is the command you need to run based off the configuration guide:
authentication event server dead action authorize voice
I have read this article. But the command does not work in my IOS. This command is for Cisco IOS Release 15.2M&T. I typed this command on the interface, is this right?
Authenticator(config-if)#$ion event server dead action authorize voice
authentication event server dead action authorize voice (unter vo is the '^'. It seems he doesn´t know voice )
% Invalid input detected at '^' marker.
This is the same switch which is running 12.2(55)SE also what model switch is this?
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 08:16 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01800000
ROM: Bootstrap program is C2960 boot loader
BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)
Authenticator uptime is 2 days, 4 hours, 29 minutes
System returned to ROM by power-on
System image file is "flash:/c2960-lanbasek9-mz.122-55.SE1.bin"
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 26 WS-C2960-24TT-L 12.2(55)SE1 C2960-LANBASEK9-M
I also see the same issue you are seeing and I am running 12.2(58)SE on a 2960S. Give me some time to see what I can find, if you need immediate assistance I would suggest opening a tac case and posting what the resolution steps are.
Please open a TAC case and see if an engineer can help you, either there is a bug in the documentation or there is a bug in this version of code. Once you get an answer please share with this forum.
*Please rate helpful posts*
I dont work for Cisco, so i dont have the ability to do so. However please contact your partner, or Cisco account rep so they can get you the proper support for this.
*Please rate helpful posts*