Digium phones don't support 802.1X passthru authentication

Community based support for the Digium Phone Application Programming Interface (API).

Moderators: jwitt, sruffell, malcolmd, Moderator

Digium phones don't support 802.1X passthru authentication

Postby jdquigley » Thu May 01, 2014 1:43 pm

We ran into a wall with a large health care customer who is deploying a NAC to apply policy at the switchport.

Digium phones do not allow 802.1X authentication to devices connected to the PC port. In all fairness, per the RFC, it isn't supposed to. But other phone mfg's such as Cisco, Avaya, Polycom and Shoretel make the exception and have the ability to allow this 802.1X pass through to occur.

Has anyone else ran into this problem? I have the feature request submitted. NAC is becoming more typical in the Enterprise, and the BYOD world is having more and more SMBs looking at dynamic policy at the switchport (or access point) for security and management.

I want to get this out there as a warning to others and hopefully get some traction to put this on the development roadmap for phone firmware.
jdquigley
Newsterisk
 
Posts: 21
Joined: Tue Mar 21, 2006 8:31 am

Re: Digium phones don't support 802.1X passthru authentication

Postby brumar59 » Thu Feb 26, 2015 11:03 am

We are in the same boat. We use Cisco Identity Services Engine to lock down the edge and in the few cases where walljacks are lacking and computers are connected to the PC port of a Digium phone, passthru auth isn't working, so we have to disable ISE on those switch ports. Which, of course, we don't want to do.

I hope Digium changes this but in the mean time, we'll just have to run additional cabling with wall jacks.
brumar59
Newsterisk
 
Posts: 4
Joined: Wed Apr 09, 2014 7:24 pm


Return to Digium Phone API

Who is online

Users browsing this forum: No registered users and 3 guests