Configuring Voice Aware 802.1X Security - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
How to Configure 802.1x Port-Based Authentication
Configuring Voice Aware 802.1x Security
Note
To use voice aware IEEE 802.1x authentication, the switch must be running the LAN base image.
You use the voice aware 802.1x security feature on the switch to disable only the VLAN on which a security
violation occurs, whether it is a data or voice VLAN. You can use this feature in IP phone deployments where
a PC is connected to the IP phone. A security violation found on the data VLAN results in the shutdown of
only the data VLAN. The traffic on the voice VLAN flows through the switch without interruption.
Follow these guidelines to configure voice aware 802.1x voice security on the switch:
• You enable voice aware 802.1x security by entering the errdisable detect cause security-violation
• If you use the errdisable recovery cause security-violation global configuration command to configure
• You can re-enable individual VLANs by using the clear errdisable interface interface-id vlan [vlan-list]
Beginning in privileged EXEC mode, follow these steps to enable voice aware 802.1x security:
SUMMARY STEPS
1. configure terminal
2. errdisable detect cause security-violation shutdown vlan
3. errdisable recovery cause security-violation
4. clear errdisable interfaceinterface-id vlan [vlan-list]
5. Enter the following:
6. end
7. show errdisable detect
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1358
shutdown vlan global configuration command. You disable voice aware 802.1x security by entering
the no version of this command. This command applies to all 802.1x-configured ports in the switch.
If you do not include the shutdown vlan keywords, the entire port is shut down when
Note
it enters the error-disabled state.
error-disabled recovery, the port is automatically re-enabled. If error-disabled recovery is not configured
for the port, you re-enable it by using the shutdown and no shutdown interface configuration commands.
privileged EXEC command. If you do not specify a range, all VLANs on the port are enabled.
• shutdown
• no shutdown
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
