Manuals / Avaya / Communications / Telephone

Avaya Comprehensive Guide to 802.1X Authentication and Features

Models: 9600

1 138
Download 138 pages 22.61 Kb
Page 99
Image 99

IEEE 802.1X

802.1X Pass-Through and Proxy Logoff

9600 Series SIP IP Telephones with a secondary Ethernet interface support pass-through of 802.1X packets to and from an attached PC. This enables an attached PC running 802.1X supplicant software to be authenticated by an Ethernet data switch.

The SIP IP Telephones support two pass-through modes:

pass-through and

pass-through with proxy logoff.

The DOT1X parameter setting controls the pass-through mode. In Proxy Logoff mode (DOT1X=1), when the secondary Ethernet interface loses link integrity, the telephone sends an 802.1X EAPOL-Logoff message on the Ethernet line interface to the data switch on behalf of the attached PC. The message alerts the switch that the device is no longer present. Proxy logoff occurs only after at least one EAPOL frame with the Port Access Entity (PAE) group multicast address as the destination MAC address was received on the secondary Ethernet interface. The destination MAC address of the proxy EAPOL-Logoff frame is the PAE group multicast address. The source MAC address of the proxy EAPOL-Logoff frame is the same as the source MAC address of the last frame received on the secondary Ethernet interface that had the PAE group multicast address as the destination MAC address.

Note:

When DOT1X = 0 or 2, the Proxy Logoff function is not supported.

802.1X Supplicant Operation

9600 SIP IP Telephones that support Supplicant operation also support Extensible Authentication Protocol (EAP), but only with the MD5-Challenge authentication method as specified in IETF RFC 3748 [8.5-33a] or with TLS.

If an EAP method in the configuration parameter DOT1XEAPS requires the authentication of a digital certificate, the standard authentication requirements apply, including matching the TLSSRVRID with that on the certificate.

If an EAP response requires an identity or a password, the values of the DOT1XID and DOT1XPSWD parameters will be used unless a new identity and/or password has been entered by the user via an 802.1X User Input interrupt screen, in which case the new values entered by the user will be used instead. The ID and password are not overwritten by telephone software downloads. For all EAP methods, if the Supplicant is unauthenticated, an 802.1X Waiting interrupt screen is displayed when a response is transmitted, unless an 802.1X User Input interrupt screen is already being displayed.

If an EAP-Failure frame is received after transmitting a response that contains an identity or a password, an 802.1X User Input interrupt screen is displayed, unless an 802.1X User Input interrupt screen is already being displayed. If an EAP-Failure frame is received after

Issue 2 December 2007 99

Page 98 Page 100
Page 99
Image 99
Avaya 9600 manual 802.1X Pass-Through and Proxy Logoff, 802.1X Supplicant Operation
Page 98 Page 100

9600 specifications

The Avaya 9600 series is a robust line of desktop phones designed to meet the needs of modern business communication. Tailored for users who require advanced functionalities, the 9600 series offers a rich set of features that enhance productivity and collaboration in the workplace.

One of the standout features of the Avaya 9600 series is its high-resolution graphical display. The intuitive interface with customizable menu options makes it easy for users to navigate through various functions and settings. The color screen enhances visibility and allows for clearer visual communication, essential for today’s fast-paced business environments.

In terms of audio quality, the Avaya 9600 series excels with high-definition voice technology. Users can benefit from crystal-clear audio, which minimizes misunderstandings during calls and enhances remote collaboration. The phones are equipped with full-duplex speakerphone functionality, ensuring that all parties can be heard clearly during conference calls.

Another significant characteristic of the Avaya 9600 series is its support for a wide range of communication protocols, including Voice over IP (VoIP) and SIP (Session Initiation Protocol). This versatility enables seamless integration with various communication systems, making the 9600 series suitable for companies of all sizes. The phones can connect to both cloud-based and on-premise solutions, allowing businesses to choose the best communication strategy for their needs.

User personalization is a key aspect of the 9600 series. The phones come with programmable function keys that allow users to customize their setup according to individual preferences and frequently used features. Additionally, the series supports Bluetooth and USB connectivity, enabling users to connect a variety of headsets and accessories for enhanced audio options.

Security is paramount in business communications, and the Avaya 9600 series addresses this with advanced security features. The phones support encryption protocols to protect sensitive information during calls, ensuring that businesses can communicate confidentially without the risk of eavesdropping.

Lastly, the Avaya 9600 series is designed for scalability. As organizations grow, the phones can easily be integrated into existing systems or expanded to accommodate additional users without requiring significant changes to the infrastructure.

In summary, the Avaya 9600 series is a powerful communication tool that combines advanced features, superior audio quality, and robust security to empower businesses. Its adaptability and user-friendly design make it a preferred choice for organizations aiming to enhance their communication efficiency and productivity.