i've been dealing with a really weird issue lately.
We have a Cisco Catalyst 3850P-S running 03.06.08 and authenticating via dot1x on Aruba Clearpass.
Almost all of our workstations are connected through the VoIP phones to reduce the needed switch ports.
Recently I've noticed that a device connected and authenticated in this scenario stays "visible" on the switch port even if it's unplugged from the phone. The same happens with a unmanaged / dumb switch connected.
The port configuration looks like this:
switchport access vlan 10 switchport mode access switchport voice vlan 50 authentication control-direction in authentication event fail action next-method authentication host-mode multi-auth authentication order dot1x mab authentication priority dot1x mab authentication port-control auto authentication periodic authentication timer reauthenticate server mab dot1x pae authenticator dot1x timeout tx-period 2 spanning-tree portfast spanning-tree bpduguard enable
I'm working on my desk, my laptop connected via ethernet through my phone. Now I need to go to a meeting and take my laptop with me. When trying to connect my laptop in the meeting room via ethernet, my device only get's a 169.254.x.x IP address and my MAC address isn't visible on the new switch port. When looking for it using show mac address-table | inc MAC, I still see the address on the switch port my VoIP phone on my desk is connected to.
I know that it is a really weird issue and I hope that I explained it somewhat comprehensible.
My question is if it's a Cisco, VoIP phone or Clearpass issue.
Thanks in advance!
Solved! Go to Solution.
also faced with this issue, in my case it's VoIP phone issue...
The phone has its own switch in it and is holding the mac until reboot...