Re: [Packetfence-users] Serious issues with VOIP ports

Fri, 04 Jun 2010 15:25:09 -0700 

Forget the previous post. I did some testing by adding the line back to
the interface "switchport port-security maximum 1 vlan access" every
time it gets wiped out by plugging in a different device and the results
are looking great. If there was a way to either prevent that line from
being removed or to script it back in as PF is changing the port config
that the whole issue would probably work and it won't matter whether a
phone is unplugged and a workstation plugged in directly after.

 

Here is what is happening : Start with a phone and an unregistered
device plugged into the phone.

<1

interface FastEthernet0/24

 switchport access vlan 101

 switchport mode access

 switchport voice vlan 200

 switchport port-security

 switchport port-security maximum 2

 switchport port-security violation restrict

 switchport port-security mac-address 00a0.d1a4.5a44

 switchport port-security maximum 1 vlan access

> 

<2

then unplug the first device from the IP phone and replace it with a new
device (in this case registered)

interface FastEthernet0/24

  switchport mode access

 switchport voice vlan 200

 switchport port-security

 switchport port-security maximum 2

 switchport port-security violation restrict

 switchport port-security mac-address 00a0.d1a4.5a44

 

the port has changed to vlan1 and wiped out the line switchport
port-security maximum 1 vlan access. This causes a problem if you now
unplug the phone and plug a device directly to this port in that no port
security trap is sent, therefore the vlan stays the same.  If this can
be prevented or scripted back in to the port config, I believe that all
ports in the enterprise (using 3560 switches because that is all I have
to test with) could be configured as VOIP ports whether you have or
intend to have phones or not.

 

 

 


------------------------------------------------------------------------------
ThinkGeek and WIRED's GeekDad team up for the Ultimate 
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the 
lucky parental unit.  See the prize list and enter to win: 
http://p.sf.net/sfu/thinkgeek-promo
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to