Enable Auto-sense LLDP Authentication of IP Phones

Before you begin

  • You must enable Extensible Authentication Protocol over LAN (EAPoL) globally.

About this task

Perform this procedure to enable Link Layer Discovery Protocol (LLDP) authentication of IP phones. The switch authenticates the phone after it receives LLDP packets from the phone if EAP/NEAP is enabled.

Auto-sense LLDP authentication applies to Auto-sense ports in the VOICE state. Auto-sense LLDP authentication does not require a global Auto-sense voice configuration.

The no auto-sense eapol voice lldp-auth command removes all Auto-sense LLDP sessions and removes the Auto-sense LLDP authentication configuration.

The system removes the LLDP session for the following reasons:

  • You disable EAPoL globally.

  • You disable Auto-sense on the port.

  • The LLDP neighbor is removed.

If the LLDP authentication configuration exists and one of the following situations occur, the LLDP session is recreated:

  • You renable EAPoL globally.

  • You renable Auto-sense on the port.

  • The LLDP neighbor is recreated.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Enable LLDP authentication:

    auto-sense eapol voice lldp-auth

Example

Enabling LLDP authentication on the switch:

Switch:1>enable
Switch:1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch:1(config)#auto-sense eapol voice lldp-auth

Variable Definitions

The following table defines parameters for the auto-sense eapol voice command.

Variable

Value

lldp-auth

Enables Link Layer Discovery Protocol (LLDP) authentication of IP phones. By default, LLDP authentication of IP phones is disabled on the switch.