Filter
Top Products
Administering Telephone Options
100 9600 Series SIP IP Telephones Administrator Guide SIP Release 2.0
transmitting a response that did not contain an identity or a password, an 802.1X Failure
interrupt screen is displayed.
When a telephone is installed for the first time and 802.1x is in effect, the dynamic address
process prompts the installer to enter the Supplicant identity and password. The IP telephone
does not accept null value passwords. See “Dynamic Addressing Process” in the Avaya
one-X™ Deskphone Edition for 9600 Series SIP IP Telephones Installation and Maintenance
Guide. The telephone stores 802.1X credentials when successful authentication is achieved.
Post-installation authentication attempts occur using the stored 802.1X credentials, without
prompting the user for ID and password entry.
An IP telephone can support several different 802.1X authentication scenarios, depending on
the capabilities of the Ethernet data switch to which it is connected. Some switches may
authenticate only a single device per switch port. This is known as single-supplicant or
port-based operation. These switches typically send multicast 802.1X packets to authenticating
devices.
These switches support the following three scenarios:
● Standalone telephone (Telephone Only Authenticates) - When the telephone is
configured for Supplicant Mode (DOT1X=2), the telephone can support authentication
from the switch.
● Telephone with attached PC (Telephone Only Authenticates) - When the telephone is
configured for Supplicant Mode (DOT1X=2), the telephone can support authentication
from the switch. The attached PC in this scenario gains access to the network without
being authenticated.
● Telephone with attached PC (PC Only Authenticates) - When the telephone is
configured for Pass-Through Mode or Pass-Through Mode with Logoff (DOT1X=0 or 1),
an attached PC running 802.1X supplicant software can be authenticated by the data
switch. The telephone in this scenario gains access to the network without being
authenticated.
Some switches support authentication of multiple devices connected through a single switch
port. This is known as multi-supplicant or MAC-based operation. These switches typically send
unicast 802.1X packets to authenticating devices. These switches support the following two
scenarios:
● Standalone telephone (Telephone Only Authenticates) - When the telephone is
configured for Supplicant Mode (DOT1X=2), the telephone can support authentication
from the switch. When DOT1X is "0" or "1" the telephone is unable to authenticate with the
switch.
● Telephone and PC Dual Authentication - Both the telephone and the connected PC can
support 802.1X authentication from the switch. The telephone may be configured for
Pass-Through Mode or Pass-Through Mode with Logoff (DOT1X=0 or 1). The attached
PC must be running 802.1X supplicant software.