The phones are Cisco phones. The switches are Avaya 5500 series so CDP does not work. LLDP-Med from the switch is used to configure the phones (tell it voice vlan, QOS stuff, etc).
A couple of the phones have the following fingerprint: 1,3,15,6,12,35,66,150 A couple of the phones do not show a fingerprint One phone shows as auto-registered and it's fingerprint is 1,3,6,15,42,66,150 which was resolved to Cisco IP Phone 0c:85:25:3f:d6:ee Here are some examples of what is seen in the switch forwarding table: Vlan mac addr port 1128 d4:d7:48:41:c6:cd 1/11 1128 00:16:41:e6:23:87 1/11 2038 d4:d7:48:41:c6:cd 1/11 2038 70:81:05:0c:3d:26 1/31 38 70:81:05:0c:3d:26 1/31 2038 00:07:7d:df:c9:a4 1/39 38 00:07:7d:df:c9:a4 1/39 Where - vlan 1128 = registration vlan - vlan 2038 = voice vlan - vlan 38 = (registered) data vlan - d4:d7:48:41:c6:cd, 70:81:05:0c:3d:26, 00:07:7d:df:c9:a4 are phones that are showing up in both the voice and data vlans - 00:16:41:e6:23:87 is a registered computer that shows up in the registration vlan Associated packetfence.log logs show the following for port 11 (the one with the computer connected): Jan 18 15:52:30 pfsetvlan(15) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:52:30 pfsetvlan(15) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for d4:d7:48:41:c6:cd (main::handleTrap) Jan 18 15:52:30 pfsetvlan(15) INFO: d4:d7:48:41:c6:cd is a secure MAC address at 10.10.38.1 ifIndex 27 VLAN 38. De-authorizing (new entry 02:00:00:00:00:27) (main::do_port_security) Jan 18 15:52:31 pfsetvlan(15) INFO: MAC: d4:d7:48:41:c6:cd is unregistered; belongs into registration VLAN (pf::vlan::vlan_determine_for_node) Jan 18 15:52:31 pfsetvlan(15) INFO: authorizing d4:d7:48:41:c6:cd at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:52:31 pfsetvlan(15) INFO: finished (main::cleanupAfterThread) Jan 18 15:52:36 pfsetvlan(10) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:52:36 pfsetvlan(10) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for 00:16:41:e6:23:87 (main::handleTrap) Jan 18 15:52:36 pfsetvlan(10) INFO: de-authorizing 00:16:41:e6:23:87 (new entry 02:00:00:00:00:07) at old location 10.10.38.1 ifIndex 7 (main::do_port_security) Jan 18 15:52:36 pfsetvlan(10) INFO: authorizing 00:16:41:e6:23:87 (old entry d4:d7:48:41:c6:cd) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:52:36 pfsetvlan(10) INFO: MAC: 00:16:41:e6:23:87, PID: pier, Status: reg, VLAN: 38 (pf::vlan::vlan_determine_for_node) Jan 18 15:52:36 pfsetvlan(10) INFO: finished (main::cleanupAfterThread) Jan 18 15:52:40 pfsetvlan(18) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:52:40 pfsetvlan(18) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for d4:d7:48:41:c6:cd (main::handleTrap) Jan 18 15:52:40 pfsetvlan(18) INFO: authorizing d4:d7:48:41:c6:cd (old entry 00:16:41:e6:23:87) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:52:40 pfsetvlan(18) INFO: MAC: d4:d7:48:41:c6:cd is unregistered; belongs into registration VLAN (pf::vlan::vlan_determine_for_node) Jan 18 15:52:40 pfsetvlan(18) INFO: finished (main::cleanupAfterThread) Jan 18 15:52:46 pfsetvlan(11) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:52:46 pfsetvlan(11) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for 00:16:41:e6:23:87 (main::handleTrap) Jan 18 15:52:46 pfsetvlan(11) INFO: authorizing 00:16:41:e6:23:87 (old entry d4:d7:48:41:c6:cd) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:52:46 pfsetvlan(11) INFO: MAC: 00:16:41:e6:23:87, PID: pier, Status: reg, VLAN: 38 (pf::vlan::vlan_determine_for_node) Jan 18 15:52:46 pfsetvlan(11) INFO: finished (main::cleanupAfterThread) Jan 18 15:52:51 pfsetvlan(20) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:52:51 pfsetvlan(20) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for d4:d7:48:41:c6:cd (main::handleTrap) Jan 18 15:52:51 pfsetvlan(20) INFO: authorizing d4:d7:48:41:c6:cd (old entry 00:16:41:e6:23:87) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:52:51 pfsetvlan(20) INFO: MAC: d4:d7:48:41:c6:cd is unregistered; belongs into registration VLAN (pf::vlan::vlan_determine_for_node) Jan 18 15:52:52 pfsetvlan(20) INFO: finished (main::cleanupAfterThread) Jan 18 15:53:02 pfsetvlan(7) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:53:02 pfsetvlan(7) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for 00:16:41:e6:23:87 (main::handleTrap) Jan 18 15:53:02 pfsetvlan(7) INFO: authorizing 00:16:41:e6:23:87 (old entry d4:d7:48:41:c6:cd) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:53:02 pfsetvlan(7) INFO: MAC: 00:16:41:e6:23:87, PID: pier, Status: reg, VLAN: 38 (pf::vlan::vlan_determine_for_node) Jan 18 15:53:03 pfsetvlan(7) INFO: finished (main::cleanupAfterThread) Jan 18 15:53:41 pfsetvlan(13) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:53:41 pfsetvlan(13) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for d4:d7:48:41:c6:cd (main::handleTrap) Jan 18 15:53:41 pfsetvlan(13) INFO: authorizing d4:d7:48:41:c6:cd (old entry 00:16:41:e6:23:87) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:53:41 pfsetvlan(13) INFO: MAC: d4:d7:48:41:c6:cd is unregistered; belongs into registration VLAN (pf::vlan::vlan_determine_for_node) Jan 18 15:53:41 pfsetvlan(13) INFO: finished (main::cleanupAfterThread) Jan 18 15:53:49 pfsetvlan(14) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:53:49 pfsetvlan(14) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for 00:16:41:e6:23:87 (main::handleTrap) Jan 18 15:53:49 pfsetvlan(14) INFO: authorizing 00:16:41:e6:23:87 (old entry d4:d7:48:41:c6:cd) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:53:49 pfsetvlan(14) INFO: MAC: 00:16:41:e6:23:87, PID: pier, Status: reg, VLAN: 38 (pf::vlan::vlan_determine_for_node) Jan 18 15:53:49 pfsetvlan(14) INFO: finished (main::cleanupAfterThread) Jan 18 15:54:41 pfsetvlan(5) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Jan 18 15:54:41 pfsetvlan(5) INFO: secureMacAddrViolation trap received on 10.10.38.1 ifIndex 11 for d4:d7:48:41:c6:cd (main::handleTrap) Jan 18 15:54:41 pfsetvlan(5) INFO: authorizing d4:d7:48:41:c6:cd (old entry 00:16:41:e6:23:87) at new location 10.10.38.1 ifIndex 11 (main::handleTrap) Jan 18 15:54:41 pfsetvlan(5) INFO: MAC: d4:d7:48:41:c6:cd is unregistered; belongs into registration VLAN (pf::vlan::vlan_determine_for_node) Jan 18 15:54:41 pfsetvlan(5) INFO: finished (main::cleanupAfterThread) The end result is that only d4:d7:48:41:c6:cd is authorized by mac security to talk on that port, probably because the computer ends up giving up. Any thoughts? -----Original Message----- From: Francois Gaudreault [mailto:[email protected]] Sent: January-18-12 10:25 AM To: [email protected] Subject: Re: [Packetfence-users] VOIP Phone with packetfence Hi Kevin, Let's start with a bunch of questions: What hardware do you have (Cisco, HP,...)? Do the Phone and hardware supports CDP or LLDP? When you go to the node table, do you have the phone DHCP fingerprint? On 12-01-17 4:07 PM, Kevin Manuel wrote: > Hi, > > We are having difficulties getting packetfence to recognize a VOIP > phone as a phone. And if we connect a computer to the phone it creates > several issues with packetfence because the phone mac address is > showing up on the data vlan along with the computer for some reason > (in addition the phone mac address showing up on the voice vlan). The > phone works - the computer does not. > > I realize I didn't include much for details, but does anybody have any > advice based on the info above? > > Thanks in advance, > > Kevin > > > ---------------------------------------------------------------------- > -------- Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft > developers is just $99.99! Visual Studio, SharePoint, SQL - plus > HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ---------------------------------------------------------------------------- -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
