1. Manuals
  2. Brands
  3. HP Manuals
  4. Switch
  5. 3100 Series
  6. Configuration manual

Dynamically Advertising Server-Assigned Vlans Through Lldp; Overview; Example Of Using 802.1X To Authenticate Ip Phones; Displaying And Maintaining Voice Vlans - HP 3100 Series Configuration Manual

Hide thumbs
Table of Contents

Advertisement

Dynamically advertising server-assigned VLANs
through LLDP

Overview

This function works with 802.1X or MAC authentication, and is available only for LLDP-enabled IP
phones. If 802.1X authentication is used, make sure the IP phones also support 802.1X
authentication.
To implement this function for an IP phone, perform the following configuration tasks:
Enable LLDP globally and on the port connected to the IP phone.
Configure 802.1X or MAC authentication to ensure that the IP phone can pass security
authentication. For more information about 802.1X authentication, MAC authentication, and
VLAN assignment by servers, see Security Configuration Guide.
Configure VLAN authorization for the IP phone on the authentication server.
After the IP phone passes authentication, LLDP advertises the server-assigned VLAN in the
LLDP-MED Network Policy TLV to the IP phone. The IP phone will send its traffic tagged with the
assigned VLAN. Also, the port connected to the IP phone will be added to the server-assigned
VLAN.

Example of using 802.1X to authenticate IP phones

As shown in
(which must support 802.1X). Configure the authentication server to assign an untagged VLAN to
the host and assign a tagged VLAN to the IP phone.
After the host and the IP phone pass the authentication, the port connected to the IP phone is added
to the VLAN assigned to the IP phone as a tagged member and added to the VLAN assigned to the
host as an untagged member. Also, the LLDP-MED TLVs that the device sends to the IP phone carry
information about the VLAN assigned to the IP phone, so that the voice packets sent out of the IP
phone can be forwarded in the server-assigned VLAN with tags.
The EAPOL packets defined in the 802.1X protocol do not carry VLAN tags. When the server is
configured to assign a tagged VLAN to the IP phone, you must use the dot1x eapol untag command
to configure the port connected to the IP phone to send untagged 802.1X protocol packets.
Only 802.1X supports assigning tagged VLANs.
Figure 41 Using 802.1X to authenticate an IP phone

Displaying and maintaining voice VLANs

Task
Display the voice VLAN state.
Figure
41, configure 802.1X on the device to authenticate the host and the IP phone
Command
display voice vlan state [ | { begin |
exclude | include } regular-expression ]
133
Remarks
Available in any view

Advertisement

Table of Contents
loading

Related Manuals for HP 3100 Series

Related Content for HP 3100 Series

Table of Contents