04-07-2014 04:05 AM
Now I experience another problem with this switch.
I have an IP phone Yealink T19P which supports only LLDP protocol (no CDP)
I attach a PC to it in roder to get the follwoing configuration: Network --> Foundry FastIron --> Yealink (Phone) --> PC
I nterms of configuration I do the follwoing:
vlan 3 - DATA
tagged eth 1/1/3
vlan 10 - VOICE
tagged eth 1/1/3
int eth 1/1/3
dual-mode 3 (In order to make vlan 3 the untagged VLAN)
I start the LLDP service: lldp run
LLDP is enabled by default on the phone (this has been confirmed)
Then I apply the following commands on the switch in order to forcely put the phone in VLAN VOICE:
lldp med network-policy application voice tagged vlan 854 priority 7 dscp 48 ports ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/2
lldp advertise vlan-name vlan 854 ports ethe 1/1/1 to 1/1/48 ethe 1/2/1 to 1/2/2
It was working fine a week ago. However, at present the phone is not put automatically in the proper VLAN and goes directly in the DATA one...
Where do I go wrong?
04-07-2014 04:58 AM
Do not add it as a tagged port to VLAN 3.
You only add the port a tagged to VLAN 10, then use the dual-mode command to add untagged VLAN 3.
04-07-2014 04:59 AM
Problem was solved by restarting the switch to factory defaults as for uknown reasons the LLDP malfunctioned...
For best troubleshooting just verify the content of the LLDP neighbor table by initiating this command: show lldp neighbors
If there is no output and you can verify that the LLDP is running, just restart your switch to factiry defautls. This worked for me, quite painful but at least rewarding...
04-07-2014 05:05 AM
This is impossible as the switch does not allow me to do so! I tried all possible ways to assign tagged and untagged ports and the only suitable is to have both VLANs (for VOCIE and for DATA) tagging the port needed.
Than dual-mode VLAN DATA ID must be initiated in oredr to specify that the port will carry both tagged and utagged traffic, where the untagged traffic will be the DATA one (according to the ID specified in the command).
After all it is up to CDP or LLDP whether the phone will pick the right VLAN.
-For CDP config simply assure that it is configured by issuing the cdp run command and then on the interface wanted type th voice-vlan X command.
-For LLDP equally make sure that it is enabled by issuing the lldp run command and then type the follwing:
lldp med network-policy application voice tagged vlan 854 priority 7 dscp 48 ports all/ or ports wanted (do not forget to select the trunk prot to the network, too!)
This sends the LLDP-MED network-policy attribute to the phone telling it in which VLAN to be assigned.
Thanks for the support, mate!
04-07-2014 05:07 AM
Now that might be a reason to upgrade of version 5 :) I am running LLDP on version 7.4 with out any issue.
Anyway glad you got it working.
04-07-2014 06:21 AM
Is there any way to authenticate a PC and a telephone connected in this way to the switch: Brocade --> Telephone --> PC
In Cisco it is the concept of multidomains. Is there anything equivalent to this in a Brocade language, as I found nothing on the net?
04-07-2014 06:26 AM
Check out Chapter 45 - Configuring Multi-Device Port Authentication of the maunal you asked me to update, I beleive this is what you are after.
04-07-2014 07:22 AM
Excuse me, I did not specify well my taks. I would like to authenticate multiple users, not machines. Apparently, this is not supported by these switches? If there is no other option I assume I will have to change the strategy and authenticate the machines themselves..
04-07-2014 07:27 AM
Ok, I think I got what you mean. So MAC auth for the voice and dot1x for the client? That will work. But no you can not do user auth for both as they are diffent VLAN's.
04-10-2014 02:16 AM
Apparently the LLDP keeps on making the problems. I assume that and upgrade will be the only way to figure out if this is a version bug. Do you have any suggestions???