Voice Aware 802.1X Security - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
1
3
5
The switchport nonegotiate command is not supported on supplicant and authenticator switches with
Note
NEAT. This command should not be configured at the supplicant side of the topology. If configured on
the authenticator side, the internal macros will automatically remove this command from the port.
Voice Aware 802.1x Security
To use voice aware IEEE 802.1x authentication, the switch must be running the LAN base image.
Note
You use the voice aware 802.1x security feature to configure the switch to disable only the VLAN on which
a security violation occurs, whether it is a data or voice VLAN. In previous releases, when an attempt to
authenticate the data client caused a security violation, the entire port shut down, resulting in a complete loss
of connectivity.
You can use this feature in IP phone deployments where a PC is connected to the IP phone. A security violation
found on the data VLAN results in the shutdown of only the data VLAN. The traffic on the voice VLAN
flows through the switch without interruption.
Related Topics
Configuring Voice Aware 802.1x Security, on page 1358
Common Session ID
Authentication manager uses a single session ID (referred to as a common session ID) for a client no matter
which authentication method is used. This ID is used for all reporting purposes, such as the show commands
and MIBs. The session ID appears with all per-session syslog messages.
The session ID includes:
• The IP address of the Network Access Device (NAD)
• A monotonically increasing unique 32 bit integer
• The session start time stamp (a 32 bit integer)
This example shows how the session ID appears in the output of the show authentication command. The
session ID in this example is 160000050000000B288508E5:
Switch# show authentication sessions
Interface
Workstations (clients)
Authenticator switch
Trunk port
MAC Address
Method
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
Information About 802.1x Port-Based Authentication
2
4
Domain
Status
Supplicant switch (outside
wiring closet)
Access control server (ACS)
Session ID
1351
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
