locked
Issues with NAP with Cisco Phone via Cisco Switch.. RRS feed

  • Question

  • Hello Geek,

    I am working with a client LAN upgrade and had an issues but latter on was resolve without a viable explanation so I need help to be able to explain what happen to my client.

    The scenario is detail below:

    1. Client is using NAP for network access control for their Domain machines (Workstation, Laptops) all windows. This domain machine authenticate using 802.1x.

    2. The phones are not 802.1x capable but were granted access. While I look over the switch console I notice that authentication request fail.

    3. In the client initial setup, non domain machine fail authentication and authorization. Also Phone fail authentication but were authorized into the network.

    4. When we upgrade the switches with new hardware cisco switch with latest recommended stable IOS we observed that the phone fail both authentication and authorization.

    5. Upon discovering this we downgraded the cisco sw IOS to machine the old sw IOS and phone was authorized through fail authentication.

    6. Now here the strangest path: After a day we decided to upgrade the new switch back to the new IOS only to discover that the phone is now authorized but authentication still fail base on the console log.

    Now the question client is asking is why did the phone fail authorization when the new switch was installed and latter after downgrading and upgrading.

    I was thinking may be DHCP base enforcement could be the reason but I need someone to help with what could have happen.

    Thanks,

    Wednesday, February 17, 2016 8:17 AM

Answers

  • Hi CownAD,

    How could client fail authentication but can still authorized into the network?

    I guess your customer configured an additional NPS policy for the phones, and the phones could match that policy so that phone clients could access the network. 

    If not, could you explain how you customer do that?

    Besides, when the first time you upgrade switch, and phones fail both authentication and authorized to the network, what is the error log on NPS server?

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Friday, February 19, 2016 6:13 AM