[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How to create a Vlan allowing only NBX100 traffic Through

Posted on 2007-08-01
6
Medium Priority
?
805 Views
Last Modified: 2010-05-19
I have a 3 Com NBX 100  Phone system integrated into our network (building A). The system is connected to a 3com 2226 pwr plus switch. I have another building (building B) on a different subnet and that network has a 3 Com 2226 Plus switch. The two buildings are connected through fiber, and plugged into ports on the 3com switches at both buildings. Because there are no Vlans setup between the buildings, traffic from building A is in B. I want to create a vlan between to the two buildings only allowing NBX traffic through. I am not familiar with 3com switches so detailed information on creating the Vlan would be great.
0
Comment
Question by:raygraham
  • 3
  • 2
6 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 19614192
Here is a PDF document that explains how to setup a vlan using your 3com switch. I believe the Creating Vlans starts on page 35.

http://support.3com.com/infodeli/tools/switches/baseline/DUA1649-0AAA02.pdf

Hope this helps
0
 
LVL 27

Accepted Solution

by:
pseudocyber earned 375 total points
ID: 19615894
Off hand, I don't think you can do it.  If I understand you right, you're wanting to filter traffic based on the type of traffic - which is at least layer 4 the Transport layer - where TCP/UDP live.  There are layer 4 and up switches, but your 3com 2226's don't appear to be layer 4 switches (I just glanced over the spec sheets).

You could put firewalls on one side of the link to seperate it from the two buildings.

I don't know your switches, so I could be wrong on this ....
0
 

Author Comment

by:raygraham
ID: 19615946
Thanks for the Vlan document. I guess real question would be, how do I keep subnet a and b seperated, because the phone system  originates on subnet A (building A). From what I understand about this phone system it does not use IP addresses. It is mac address based.  I need a way to allow only the phone protocol through and not allow anything else through.
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 27

Expert Comment

by:pseudocyber
ID: 19615987
By design, vlans seperate layer 2 networks.  A device on A should NOT be able to communicate with a device on B.  That's the whole idea about vlans.

You could do MAC based Access Control Lists on Cisco gear.  It would be a PITA, but you could do it.
0
 

Author Comment

by:raygraham
ID: 19616032
I think pseudocyber is right. I monitored the traffic on the Subnet A with ethereal and it uses protocol 0x8868, And under "info" ethreal says ethernet II.  If I have to use a firewall between the segments, I need to find one that supports this protocol. Anyone know?
0
 

Author Comment

by:raygraham
ID: 19645324
tried using a managed switch and using acl's to allow the phone though, but the 3com 2226's seem to be proprietary. So were are having the phones changed to IP based which I can deal with.
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question