Not sure we can do that quickly.

What we are seeing is the phones (8841) are profiled properly sometimes, but 
then other times, they get profiled as a wireless device.  We also have WAPs on 
the network being profiled.  I am wondering if the issue is profiling based on 
MAC address since both the WAPs and phones are Cisco.

From: Eric Pedersen [mailto:peders...@bennettjones.com]
Sent: Monday, September 19, 2016 4:01 PM
To: Hendrix, Bill W. - US <george.hend...@caci.com>; 
'cisco-voip@puck.nether.net' <cisco-voip@puck.nether.net>
Subject: RE: dot1x multi domain phones prompt for login

We have ISE deployed and didn't find phone profiling to be 100% successful. We 
deployed LSCs to all our phones and use those for 802.1x authentication.

From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of 
Hendrix, Bill W. - US
Sent: 18 September 2016 11:52 AM
To: 'cisco-voip@puck.nether.net' 
<cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>>
Subject: Re: [cisco-voip] dot1x multi domain phones prompt for login

We are also seeing the phones get disconnected with multi auth enabled and when 
computers are connected or disconnected from the phone PC port (docking 
station).

From: Hendrix, Bill W. - US
Sent: Saturday, September 17, 2016 2:00 PM
To: 'cisco-voip@puck.nether.net'
Subject: dot1x multi domain phones prompt for login

Guys,

  We have some ports where we applied multi-domain authentication on ports with 
Cisco phones connected for phone profiling.  We are using ISE.  However, the 
phones prompt for username and password.  Do the phones require any dot1x 
configuration to do this?  Or is this a setting in ISE causing this?

Thanks,
Bill Hendrix


The contents of this message may contain confidential and/or privileged subject 
matter. If this message has been received in error, please contact the sender 
and delete all copies. Like other forms of communication, e-mail communications 
may be vulnerable to interception by unauthorized parties. If you do not wish 
us to communicate with you by e-mail, please notify us at your earliest 
convenience. In the absence of such notification, your consent is assumed. 
Should you choose to allow us to communicate by e-mail, we will not take any 
additional security measures (such as encryption) unless specifically requested.

If you no longer wish to receive commercial messages, you can unsubscribe by 
accessing this link: http://www.bennettjones.com/unsubscribe
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip

Reply via email to