Not sure we can do that quickly. What we are seeing is the phones (8841) are profiled properly sometimes, but then other times, they get profiled as a wireless device. We also have WAPs on the network being profiled. I am wondering if the issue is profiling based on MAC address since both the WAPs and phones are Cisco.
From: Eric Pedersen [mailto:peders...@bennettjones.com] Sent: Monday, September 19, 2016 4:01 PM To: Hendrix, Bill W. - US <george.hend...@caci.com>; 'email@example.com' <firstname.lastname@example.org> Subject: RE: dot1x multi domain phones prompt for login We have ISE deployed and didn't find phone profiling to be 100% successful. We deployed LSCs to all our phones and use those for 802.1x authentication. From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of Hendrix, Bill W. - US Sent: 18 September 2016 11:52 AM To: 'email@example.com' <firstname.lastname@example.org<mailto:email@example.com>> Subject: Re: [cisco-voip] dot1x multi domain phones prompt for login We are also seeing the phones get disconnected with multi auth enabled and when computers are connected or disconnected from the phone PC port (docking station). From: Hendrix, Bill W. - US Sent: Saturday, September 17, 2016 2:00 PM To: 'firstname.lastname@example.org' Subject: dot1x multi domain phones prompt for login Guys, We have some ports where we applied multi-domain authentication on ports with Cisco phones connected for phone profiling. We are using ISE. However, the phones prompt for username and password. Do the phones require any dot1x configuration to do this? Or is this a setting in ISE causing this? Thanks, Bill Hendrix The contents of this message may contain confidential and/or privileged subject matter. If this message has been received in error, please contact the sender and delete all copies. Like other forms of communication, e-mail communications may be vulnerable to interception by unauthorized parties. If you do not wish us to communicate with you by e-mail, please notify us at your earliest convenience. In the absence of such notification, your consent is assumed. Should you choose to allow us to communicate by e-mail, we will not take any additional security measures (such as encryption) unless specifically requested. If you no longer wish to receive commercial messages, you can unsubscribe by accessing this link: http://www.bennettjones.com/unsubscribe
_______________________________________________ cisco-voip mailing list email@example.com https://puck.nether.net/mailman/listinfo/cisco-voip