Hi,
Clearpass 6.11.9
2930 WC.16.11.18
DUR applied to authenticated devices
Since enabling 802.1x/mac auth on our 2930 switches we have had issues with Polycom C60 devices disconnecting from our exchange server at some point in a 24 hour period.
Device fingerprinting detects its a polycom device and I apply a specific DUR when mac authenticating
DUR config is
aaa authentication user-role name cppmrole_....
vlan-id 2
vlan-id-tagged 801
reauth-period 3600
logoff-period 0
exit
So basically all im doing is assigning a taggedf/untaggedf set of vlans, a reauth period and. disabling the logoff period.
The phone connects to the untagged vlan and then switches to the tagged (voice) vlan and obtains an IP address.
Reauths occur every hour and the switch is enable to generate interim accounting packets.
On the switch everything looks fine, at no point does the link on the port drop.
There are no logs on the phone to say why its disconnected from exchange/skype, there appear to be n logs on the exchange side either.
Disabling authentication and. phone stays connected
Just to check, in switch I do an "sh port-access client" and "sh user-role down det" to check switch is getting the above user role, which it is.
Any ideas why phone might disconnect from. remote services when auth enabled on switch port?
A