Enable Auto-sense LLDP Authentication of IP Phones
Before you begin
-
You must enable Extensible Authentication Protocol over LAN (EAPoL) globally.
About this task
Perform this procedure to enable Link Layer Discovery Protocol (LLDP) authentication of IP phones. The switch authenticates the phone after it receives LLDP packets from the phone if EAP/NEAP is enabled.
Auto-sense LLDP authentication applies to Auto-sense ports in the VOICE state. Auto-sense LLDP authentication does not require a global Auto-sense voice configuration.
The no auto-sense eapol voice lldp-auth command removes all Auto-sense LLDP sessions and removes the Auto-sense LLDP authentication configuration.
The system removes the LLDP session for the following reasons:
-
You disable EAPoL globally.
-
You disable Auto-sense on the port.
-
The LLDP neighbor is removed.
If the LLDP authentication configuration exists and one of the following situations occur, the LLDP session is recreated:
-
You renable EAPoL globally.
-
You renable Auto-sense on the port.
-
The LLDP neighbor is recreated.
Procedure
Example
Enabling LLDP authentication on the switch:
Switch:1>enable Switch:1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch:1(config)#auto-sense eapol voice lldp-auth
Variable Definitions
The following table defines parameters for the auto-sense eapol voice command.
Variable |
Value |
---|---|
lldp-auth |
Enables Link Layer Discovery Protocol (LLDP) authentication of IP phones. By default, LLDP authentication of IP phones is disabled on the switch. |