Manualshelf

Installation guide

ManualsBrandsAastra ManualsComputer equipment6700i Series
31323334353637383940
AASTRA 6700I SIP TERMINALS FOR MX-ONE
32 26/1531-ANF 901 14 Uen E10 2014-01-22
eap type: 1
identity: Phone1
md5 password: Anypass
LAN switch
Below is an example how to configure a Cisco switch to enable
IEEE802.1x:
aaa authentication dot1x default group radius
dot1x system-auth-control
radius-server host X.X.X.X auth-port 1812 acct-port 1813
radius-server key XXX
Configuration of an access port for IP telephony:
interface FastEthernetx/0/x
description Aastra accessport
switchport mode access
switchport voice vlan 150
authentication host-mode multi-domain
authentication port-control auto
authentication periodic
authentication timer reauthenticate 120
authentication violation protect
dot1x pae authenticator
auto qos voip trust
mls qos trust dscp
spanning-tree portfast
Radius server
In the Radius server the certificate matching the one in the phones must
be available (when EAP-TLS is used). It is also important to configure
the port to enable the telephony VLAN otherwise the telephone will try to
use the data LAN.
In the example below the settings for enabling of telephony VLAN in the
configuration file for a Radius server from FreeRadius is shown when
using a Cisco LAN switch:
Phone_Floor1 Cleartext-Password := "GJM"
cisco-avpair == "device-traffic-class=voice"
In combination with the examples above (parameters marked with red)
this will mean the telephones with the identity Phone_Floor1 will use
VLAN 150.
For more information about how to set up IEEE802.1x in the phones, see
Administrator Guide for Aastra Models 6700i and 9000i Series IP SIP
Phones.