Hello Geek,
I am working with a client LAN upgrade and had an issues but latter on was resolve without a viable explanation so I need help to be able to explain what happen to my client.
The scenario is detail below:
1. Client is using NAP for network access control for their Domain machines (Workstation, Laptops) all windows. This domain machine authenticate using 802.1x.
2. The phones are not 802.1x capable but were granted access. While I look over the switch console I notice that authentication request fail.
3. In the client initial setup, non domain machine fail authentication and authorization. Also Phone fail authentication but were authorized into the network.
4. When we upgrade the switches with new hardware cisco switch with latest recommended stable IOS we observed that the phone fail both authentication and authorization.
5. Upon discovering this we downgraded the cisco sw IOS to machine the old sw IOS and phone was authorized through fail authentication.
6. Now here the strangest path: After a day we decided to upgrade the new switch back to the new IOS only to discover that the phone is now authorized but authentication still fail base on the console log.
Now the question client is asking is why did the phone fail authorization when the new switch was installed and latter after downgrading and upgrading.
I was thinking may be DHCP base enforcement could be the reason but I need someone to help with what could have happen.
Thanks,