13 replies to this topic

[cygee]

I would like to ask some help how would i deploy our IP Telephony:

where planning to using Avaya IP Office Version 2 (Essential Edition)

everything is working fine when Avaya IP Office(Voice Gateway) is connected to Cisco 3560 (as core switch)

configured the assigned ports under VLAN 100(not actual VLAN as implemented)

IP Phone connected directly to Core Switch can retrieved IP from Voice Gateway.

problem is on the SFE2000P-G5 (Access Switch)

the IP Phone connected on it's end cannot retrieved an IP from the Voice Gateway, instead it's getting the IP intended for the DATA Connection.

but the PC connected to the IP Phone can retrieved DATA IP.

each access switch is on different Subnet and Data VLANs.

how will i configured the SFE2000P-G5 so that it can accept both Voice and Data Vlan on the same ports?

i saw this discussion: https://supportforum.../thread/2023505 but somehow i hope it wont be the same as it that i have to configure voice vlan on SFE2000P-G5 switch.


Please see attached PKT file to explain the scenario I have,

Attached Files

•  Scenario 1.JPG   42.26K   6 downloads

Edited by cygee, 17 October 2011 - 02:02 PM.

[chrcel]

well you need to configure the connection between the two switches as an trunk, than it might work

[cygee]

well you need to configure the connection between the two switches as an trunk, than it might work

I had configured the link between two switches as trunk mode. but the problem now is that:

1. the subnet IP for Data that was configured on the Firewall was bypassed. and the Local IP pool of the firewall was transmitted towards the access switch Desktop pc's. the IP Phone is working great now.

what im trying to achieve are the following:

ALL subnet will be able to communication thru 1 Voice Vlan via DHCP Pool of the Voice Gateway while the Data DHCP Poll is still observed.

DATA_VLAN_1 + VOICE_VLAN_100
DATA_VLAN_2 + VOICE_VLAN_100
DATA_VLAN_3 + VOICE_VLAN_100

something like that.

Edited by cygee, 17 October 2011 - 11:46 PM.

[chrcel]

1. the subnet IP for Data that was configured on the Firewall was bypassed. and the Local IP pool of the firewall was transmitted towards the access switch Desktop pc's. the IP Phone is working great now.

what im trying to achieve are the following:

ALL subnet will be able to communication thru 1 Voice Vlan via DHCP Pool of the Voice Gateway while the Data DHCP Poll is still observed.

DATA_VLAN_1 + VOICE_VLAN_100
DATA_VLAN_2 + VOICE_VLAN_100
DATA_VLAN_3 + VOICE_VLAN_100

something like that.

sorry I have no idea what you're trying to say. could you rephrase?

[cygee]

let me rephrase it:

each access switch is belong to different subnet.

[DATA_VLAN 100] core sw (port 1) <=>(port 24) access sw1 [192.168.1.x]

[DATA_VLAN 101] core sw (port 2) <=>(port 24) access sw2 [192.168.2.x]

[Voice_VLAN 200] [192.168.0.x] must be visible on global network for us to communicate 1 department to another.

my firewall[UTM] is the one giving out the dhcp pool of every vlan/department. default dhcp pool of firewall [192.168.100.x] my computer is directly connected its LAN port utilzing this pool for me to have no restrictions and for me to be able to access different switch in the entire network range.

my avaya ip office is the one giving out the dhcp pool for ip phones.

core sw[192.168.1.2] and access sw[192.168.1.3] link under static ip, mode access.

problem: when i configure mode trunk between core sw port and access switch port. the avaya dhcp pool can pass thru thus the ip phone on the client side can retrieve its IP from the voice gateway, BUT instead getting the VLAN100 IP range[192.168.1.x] for the computers/laptops, its getting the ip range [192.168.100.x]. isolation of the said department is now bypassed thus if i will continue the said config on the rest of the core ports and access switched connected on it. they will all meet up on 1 IP pool.

what should i do?

[cygee]

Addtional info:

i just found out that connection between firewall[UTM] LAN port <=>TRUNK MODE<=>3650 that's why they passed the said IP range 192.168.1.x, not the configured subnet/vlan range.

[chrcel]

so the FW-core switch connection is in which vlan? how are the DHCP pools configured on the UTM. you have ip helpers configured correctly on vlan interfaces? maybe sharing the config of the core switch would be faster

[cygee]

so the FW-core switch connection is in which vlan? how are the DHCP pools configured on the UTM. you have ip helpers configured correctly on vlan interfaces? maybe sharing the config of the core switch would be faster

CORE Config:

no aaa new-model
system mtu routing 1500
ip subnet-zero
no ip domain-lookup
ip dhcp excluded-address 10.10.0.250
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface GigabitEthernet0/10
switchport access vlan 100
switchport mode access
switchport voice vlan 200
spanning-tree portfast
!
interface GigabitEthernet0/21
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 200
spanning-tree portfast
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
switchport voice vlan 200
spanning-tree portfast
!
interface GigabitEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
description *** MIS ***
ip address 192.168.1.2 255.255.255.0
no ip route-cache
no ip mroute-cache
!
interface Vlan100
description *** ADMIN ***
ip address 10.10.2.2 255.255.255.128
no ip route-cache
no ip mroute-cache
!
interface Vlan200
description *** IPTEL ***
ip address 10.10.0.254 255.255.254.0
!
ip default-gateway 192.168.1.99
ip classless
ip http server

gig0/21 = simulating trunk port thus MIS VLAN1 and Voice passthru

gig0/10 = data vlan 100 is working properly, i want the voice_vlan_200 to passthru the same Port.

gig0/24 = trunk port going to FW

gig0/23 = access port going to Avaya voice gateway


FW = DHCP Server/Gateway
CW = VLAN assignement
AW = vlan Sub network

Attached Files

•  1.JPG   29.04K   7 downloads
•  2.JPG   14.82K   8 downloads
•  3.JPG   46.03K   5 downloads

Edited by cygee, 18 October 2011 - 04:28 PM.

[chrcel]

okay, so you AVAYA vgw assigns addresses to phone? your FW assigns address to users in vlan 100? and who do you want to assign address to users in vlan 200?

[cygee]

okay, so you AVAYA vgw assigns addresses to phone? your FW assigns address to users in vlan 100? and who do you want to assign address to users in vlan 200?

VLAN 100 = Data Vlan going to subnet "administration office"
VLAN 200 = Voice Vlan going to all subnet "admin, sales, logistics, etc" fgw should assign addresses on this voice vlan.

[chrcel]

what's fgw now? could answer the 3 questions I have asked before?
1) AVAYA vgw assigns addresses to phone?
2) FW assigns address to users in vlan 100?
3) who do you want to assign address to users in vlan 200?

and perhaps what's vlan 1?
and who is assigning address in vlan 1?

[cygee]

what's fgw now? could answer the 3 questions I have asked before?
1) AVAYA vgw assigns addresses to phone?
2) FW assigns address to users in vlan 100?
3) who do you want to assign address to users in vlan 200?

and perhaps what's vlan 1?
and who is assigning address in vlan 1?

firewall gateway: 192.168.1.1(static IP)
1. Avaya VGW assign addresses to IP Phones via DHCP/ Analog phones via STATIC


2. FW assigns address to users in vlan 100 = " YES"
Admin gateway "10.10.2.1/25" (STATIC)
CSW port 10 "10.10.2.2/25" (STATIC)
ASW port 24 "10.10.2.3/25" (STATIC)

3. who do you want to assign address to user in vlan 200 = "the AVAYA IP Office",
under DHCP, device ip "10.10.0.250"
usable Phone IP: 10.10.0.100 - 10.10.0.110


DEVICE IP ADDRESSES:

VLAN 1 in CSW: 192.168.1.2
VLAN 1 in ASW: 10.10.2.3

[chrcel]

okay so you need to keep your VLANs and IP address consistent across devices. that is VLAN1 on all devices will have the same addresses (192.168.1.x), vlan 100 (10.10.2.x) and vlan 200 (10.10.0.0/23). than it might start working.

[cygee]

okay so you need to keep your VLANs and IP address consistent across devices. that is VLAN1 on all devices will have the same addresses (192.168.1.x), vlan 100 (10.10.2.x) and vlan 200 (10.10.0.0/23). than it might start working.

FW(data dhcp server) Core SW Access SW
10.10.2.1 10.10.2.2 10.10.2.3


Avaya IP Office(Voice dhcp Server)
10.10.0.250

Core SW
ALL IP Phones working properly while connected on this switch (10.10.0.100 - 10.10.0.110)

Access SW
ALL IP Phones are getting the Data DHCP SERVERIP (10.10.2.x)


ACCESS Sw SFE-2000P
Vlan 1 on this switch was used to pass-on the DATA USABLE IP. because when i configured it before, using VLAN 100. its not working.

Please see attachement photos: (im using a dummy switch with the same configuration as actual one)

or view this said link: http://www.cisco.com...Admin_Guide.pdf

Attached Files

•  11.JPG   84.43K   6 downloads
•  12.JPG   62.97K   7 downloads
•  13.jpg   253.91K   5 downloads
•  14.jpg   249.83K   2 downloads