abeats
Posts 5
|
I recently had some experience working with 802.1X and Avaya IP phones at a customer site. Though we had some initial postive results configuring the Cisco switch to support LLDP communications with the Avaya (firmware v2.7 or greater, where LLDP support is built into the firmware) IP phone, the results were inconsistent. We were initially seeing LLDP immediately put the phone on the correct voice VLAN, but the phone would take upwards of three minutes to get its IP address and start up (and sometimes it would NEVER get an IP and would NEVER initialize). After fairly extensive testing and "knob turning", my current opinion is that LLDP on the Avaya IP phones and 802.1X on the Cisco switches don’t play nicely together. We finally reverted to MAC-Authentication-Bypass (MAB) on the Cisco switches, using Beacon's LDAP database as the authoritative (via RADIUS) authentication store for the Beacon-profiled Avaya IP phones. This solution works quickly, consistently and effectively - every time. Upon the Cisco switch MAC-authing the Avaya IP phone, the CiscoAVPair "device-traffic-class=voice" RADIUS return attribute drops the phone into the appropriate voice-vlan on the Cisco switch and everything works great.
|