Wired 802.1x issue with Snom VoIP device

  • 1
  • Question
  • Updated 2 years ago
Hi all,

I am trying to set up wired 802.1x in our corporate network. We mainly use Macbooks as endpoints and Snom VoIP devices for our voice needs. RADIUS is being handled by a FreeRADIUS pair of servers.

I am using the Tunnel-Private-Group-Id attribute associated with certain users or devices on the FreeRADIUS server to communicate the VLAN they should be assigned back to the Aerohive switch (an SR2148P running 6.6r2a).

Authentication for the Macbook works fine and the user is properly being assigned to VLAN 102, which is the "data" VLAN. Not so with the Snom VoIP phone however, which should be assigned to VLAN 190 (Voice VLAN), but apparently is being mistaken for a "data" device, assuming I understand the message below correctly (this message is on the switch):
ah_auth: Try to deauth station 0004:1328:3708 from e01c:414b:5794(p20) because of VLAN(190) doesn't equal interface vlan(102)
In my network profile I have two local user (voice, data) groups, two user profiles (voice, data), and each is assigned respectively to the Auth OK (Voice) and Auth OK (Data) categories.

Any ideas as to what might be going on here would really be appreciated!
Photo of dreamer

dreamer

  • 10 Posts
  • 1 Reply Like
  • frustrated

Posted 2 years ago

  • 1

There are no replies.