sid20vt
asked on
VoIP and VLANs on Procurve 2524
Hi All,
We use VoIP at on our network and I have tried to use Vlans to seperate broadcasts.
What I have is 3 HP Procurve 2524 switches. Each port on each switch is a member of Vlan 20 and vlan 40 as well as the default vlan 1.
Vlan 20 = data
vlan 40 = voice
What I want to do is have every port a member of vlan 20 and 40 only and not use vlan 1.
But when I do this the IP phones work fine but no client on vlan 20 can connect to another. I've tried connecting a client machine on a port which is vlan 20 only to a server on another port which is vlan 20 only. They cant even ping each other.
But when reverting back to vlan 1 (default) they work fine.
Anyone tell me what it is I am doing wrong or what needs changing?
We use VoIP at on our network and I have tried to use Vlans to seperate broadcasts.
What I have is 3 HP Procurve 2524 switches. Each port on each switch is a member of Vlan 20 and vlan 40 as well as the default vlan 1.
Vlan 20 = data
vlan 40 = voice
What I want to do is have every port a member of vlan 20 and 40 only and not use vlan 1.
But when I do this the IP phones work fine but no client on vlan 20 can connect to another. I've tried connecting a client machine on a port which is vlan 20 only to a server on another port which is vlan 20 only. They cant even ping each other.
But when reverting back to vlan 1 (default) they work fine.
Anyone tell me what it is I am doing wrong or what needs changing?
Perhaps disable vlan1 when using the others.
You need something to route between VLANs. Vlan 1 should remain in the config and alway be used as a management VLAN. If the procurve switches are layer three you can route between them.
ASKER
They are layer 2 switches. How do I route between them?
Have a couple of routers which are used to connect to other sites and the Internet. i could use them to do the routing for the Vlans.
What local configuration/connections would I need to make before I use the routers? Any chance of a sample router config script on how to acheive this?
I am guessing the switches would need to be linked before I connect one of them to a router?
Have a couple of routers which are used to connect to other sites and the Internet. i could use them to do the routing for the Vlans.
What local configuration/connections would I need to make before I use the routers? Any chance of a sample router config script on how to acheive this?
I am guessing the switches would need to be linked before I connect one of them to a router?
Do you work with a make of phones able to split a mix of tagged and untagged packets going in and pass the tagged packets to the phone and letting untagged packets go on to a PC?
My guess is your Vlan 1 is Untagged, Vlan 20 TAGGED! and vlan 40 tagged on all ports.
Please post your running config here.
My guess is your Vlan 1 is Untagged, Vlan 20 TAGGED! and vlan 40 tagged on all ports.
Please post your running config here.
ASKER
you are right.
Vlan1 is Untagged
Vlan 20 is tagged on all ports.
Vlan 40 is tagged on all ports except one.
What should it be?
Phones are Nortel NTDU91 models.
I am not sure about the passing of untagged packets.
Which Vlans should be tagged and which untagged?
Vlan1 is Untagged
Vlan 20 is tagged on all ports.
Vlan 40 is tagged on all ports except one.
What should it be?
Phones are Nortel NTDU91 models.
I am not sure about the passing of untagged packets.
Which Vlans should be tagged and which untagged?
If it worked vith untagged vlan1 and you want to use vlan20 instead, then use vlan20 untagged.
Remember on one port you can have many tagged vlans but only one untagged.
So just remove vlan1 from the ports going to phones first.
Normaly a PC is running untagged.
Remember on one port you can have many tagged vlans but only one untagged.
So just remove vlan1 from the ports going to phones first.
Normaly a PC is running untagged.
ASKER
hostname "HP ProCurve Switch 2524"
cdp run
interface 1
no lacp
exit
interface 2
no lacp
exit
interface 3
no lacp
exit
interface 4
no lacp
exit
interface 5
no lacp
exit
interface 6
no lacp
exit
interface 7
no lacp
exit
interface 8
no lac
exit
interface 9
no lacp
exit
interface 10
no lacp
exit
interface 11
no lacp
exit
interface 12
no lacp
exit
interface 13
no lacp
exit
interface 14
no lacp
exit
interface 15
no lacp
exit
interface 16
no lacp
exit
interface 17
no lacp
exit
interface 18
no lacp
exit
interface 19
no lacp
exit
interface 20
no lacp
exit
interface 21
no lacp
exit
interface 22
no lacp
exit
interface 23
no lacp
exit
interface 24
no lacp
exit
interface 25
no lacp
exit
interface 26
no lacp
exit
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-26
ip address dhcp-bootp
exit
vlan 40
name "VOICE"
tagged 1-26
exit
vlan 20
name "DATA"
tagged 1-26
exit
no aaa port-access authenticator active
cdp run
interface 1
no lacp
exit
interface 2
no lacp
exit
interface 3
no lacp
exit
interface 4
no lacp
exit
interface 5
no lacp
exit
interface 6
no lacp
exit
interface 7
no lacp
exit
interface 8
no lac
exit
interface 9
no lacp
exit
interface 10
no lacp
exit
interface 11
no lacp
exit
interface 12
no lacp
exit
interface 13
no lacp
exit
interface 14
no lacp
exit
interface 15
no lacp
exit
interface 16
no lacp
exit
interface 17
no lacp
exit
interface 18
no lacp
exit
interface 19
no lacp
exit
interface 20
no lacp
exit
interface 21
no lacp
exit
interface 22
no lacp
exit
interface 23
no lacp
exit
interface 24
no lacp
exit
interface 25
no lacp
exit
interface 26
no lacp
exit
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-26
ip address dhcp-bootp
exit
vlan 40
name "VOICE"
tagged 1-26
exit
vlan 20
name "DATA"
tagged 1-26
exit
no aaa port-access authenticator active
I have not been very successfull googling for your IP-phone.
To make a config you need to know how the netw. is supposed to work in greater detail, so this is only some aspects of a broader picture.
The vlan-config should be identical in both ends of link
port 1->managementPC [untagged vlan 1]
port 2 -> phoneServer [untagged vlan 40]
port 3-13->PC' [untagged vlan 20]
port 14-22->phones [tagged vlan 40]
port 23 -> either PC OR Phone [untagged vlan 20 + tagged vlan 40]
port 24 -> phone with mini-vlan-switch ->PC [untagged vlan 20 + tagged vlan 40]
port 25 -> link to other switch [tagged vlan 1+ tagged vlan 20 + tagged vlan 40]
port 26 -> dataserver [untagged vlan 20]
at some point I guess you would like to make a static IP and
no snmp-server community "public" Unrestricted
snmp-server community "MyVeryOwn-secret" Unrestricted
To make a config you need to know how the netw. is supposed to work in greater detail, so this is only some aspects of a broader picture.
The vlan-config should be identical in both ends of link
port 1->managementPC [untagged vlan 1]
port 2 -> phoneServer [untagged vlan 40]
port 3-13->PC' [untagged vlan 20]
port 14-22->phones [tagged vlan 40]
port 23 -> either PC OR Phone [untagged vlan 20 + tagged vlan 40]
port 24 -> phone with mini-vlan-switch ->PC [untagged vlan 20 + tagged vlan 40]
port 25 -> link to other switch [tagged vlan 1+ tagged vlan 20 + tagged vlan 40]
port 26 -> dataserver [untagged vlan 20]
at some point I guess you would like to make a static IP and
no snmp-server community "public" Unrestricted
snmp-server community "MyVeryOwn-secret" Unrestricted
ASKER
So if I have the site server on vlan 1 untagged (management PC) and a client on another port on the same switch on vlan 20 untagged they should be able to ping each other right?
Wouldnt work.
How would you google for an IP phone?!
Wouldnt work.
How would you google for an IP phone?!
ASKER
And thanks for the help so far! Helping my understanding of it at least!
'So if I have the site server on vlan 1 untagged (management PC) and a client on another port on the same switch on vlan 20 untagged they should be able to ping each other right?'
No ,
you can ping WITHIN vlans - not across vlans (as you have no routing betw. the vlans)
No ,
you can ping WITHIN vlans - not across vlans (as you have no routing betw. the vlans)
I am not sure about the Nortel NTDU91, can it operate with tagged vlans?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help and sorry for not coming back sooner!