Below is our list of Cisco phones they are in separate VLANS, but as the workstations sit behind them connected via the port on the phone they do need to be added to the exception list:
00:04:F2:* IP Phones - 7936's 00:0A:B8:* IP Phones - 7912's 00:18:18:* IP Phones - 7060's 00:18:19:* IP Phones - 7060's 00:1C:58:* IP Phone 7960 00:1A:2F:* IP Phone 7960 00:18:73:* IP Phone 7912 00:1A:6C:* IP Phone 7920 00:0E:84:* IP Phone 7960 00:0F:90:* IP Phone 7960 00:12:7F:* IP Phone 7960 00:12:D9:* IP Phone 7960 00:14:69:* IP Phone 7960 00:14:A9:* IP Phone 7960 00:14:A8:* IP Phone 7960 00:15:2B:* IP Phone 7960 00:15:62:* IP Phone 7960 00:15:63:* IP Phone 7960 00:15:64:* IP Phone 7960 00:16:46:* IP Phone 7960 00:16:47:* IP Phone 7960 00:17:59:* IP Phone 7960 00:17:94:* IP Phone 7960 00:18:BA:* IP Phone 7960 00:1A:6D:* IP Phone 7960 00:1A:E2:* IP Phone 7960 00:AB:82:* IP Phone ATA's 00:19:AA:* IP Phone 7960 You could probably get less granular if it suits you. I chose to err on the side of restriction. (eg a Cisco Aironet a,b,g wireless card starts out 00:04). -Jay ---- ________________________________________ From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Osborne, Bruce W. (NS) Sent: Tuesday, August 26, 2008 7:58 AM To: [email protected] Subject: Re: Game boxes Actually, I am talking about wires IP phones on CCA out-of-band switches. From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Joyce, Todd N Sent: Tuesday, August 26, 2008 7:29 AM To: [email protected] Subject: Re: [CLEANACCESS] Game boxes We have a separate ssid for the phones that drops into a different vlan. We did this when we first put in wireless. It is on a 10 dot network that is not natted so you can only get to internal stuff if you "sniff" and find the SSID since it is not broadcasted. todd Todd Joyce Network Engineering Team Lead Radford University [EMAIL PROTECTED] (540) 831-7777 Keep your boots and ChapStick and ice hotels. Give me shorts and sandals and a thirty-blocker. Temperance Brennan - Monday Mourning From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Osborne, Bruce W. (NS) Sent: Tuesday, August 26, 2008 5:20 AM To: [email protected] Subject: Re: Game boxes Thanks, Todd. I am wondering if there is interest in sharing a list of Cisco phones. They must be filtered to ignore in Clean Access. I am concerned that I may be missing some mac prefixes from newer phones. I know my prefixes overlap with Aironet APs, but that is OK as long as the APs are not managed on your untrusted network. Any interest here? Bruce Osborne Liberty University From: Cisco Clean Access Users and Administrators [mailto:[EMAIL PROTECTED] On Behalf Of Joyce, Todd N Sent: Monday, August 25, 2008 9:59 PM To: [email protected] Subject: [CLEANACCESS] Game boxes It is time to update the list - here is what I have anyone else got anything to add 00:0D:3A:* Microsoft-XBox 00:12:5A:* Microsoft-XBox 00:50:F2:* Microsoft-XBox 00:01:4A:* Sony-PS2-PSP 00:02:C7:* Sony-PS2-PSP 00:04:1F:* Sony-PS2-PSP 00:13:15:* Sony-PS2-PSP 00:09:BF:* Nintendo 00:17:AB:* Nintendo-Wii 00:17:FA:* Microsoft-XBOX 00:15:C1:* Sony Playstation 3 00:11:D9:* TiVo 00:19:C5:* Sony Playstation3 00:1D:D8:* Microsoft - Xbox 00:1C:BE:* Nintendo - Wii 00:1B:EA:* Nintendo - Wii 00:1E:35:* Nintendo - WII 00:1B:7A:* Ninetndo - Wii Todd Joyce Network Engineering Team Lead Radford University [EMAIL PROTECTED] (540) 831-7777 Keep your boots and ChapStick and ice hotels. Give me shorts and sandals and a thirty-blocker. Temperance Brennan - Monday Mourning
