For our setup we are using 802.1x to authenticate users, this works fine. But now we want to add a voice vlan. The phone always has to be in vlan 20, while the client is in vlan 99 unless he can authenticate himself, then he's in vlan 50. So the setup would be
[ switch ] - [ VoIP phone ] - [ client ]
VLAN 20 - voice
VLAN 50 - authenticated
VLAN 99 - guest
The phone doesn't have to authenticate itself, so we're using host-mode multi-host. I should also add that we're using Alcatel phones, not cisco.
The problem is that the phone doesn't get an ip from the voice vlan, it's getting a vlan 99 ip.
This is our configuration for the interface on the switch:
switchport mode access switchport voice vlan 20 authentication event fail action authorize vlan 99 authentication event no-response action authorize vlan 99 authentication host-mode multi-host authentication port-control auto authentication violation protect dot1x pae authenticator dot1x timeout tx-period 2 dot1x max-reauth-req 1 spanning-tree portfast
Is there anything wrong with this? If you need any more information just ask.
Thanks in advance
... View more