How to create a Vlan allowing only NBX100 traffic Through

Posted on 2007-08-01
Last Modified: 2010-05-19
I have a 3 Com NBX 100  Phone system integrated into our network (building A). The system is connected to a 3com 2226 pwr plus switch. I have another building (building B) on a different subnet and that network has a 3 Com 2226 Plus switch. The two buildings are connected through fiber, and plugged into ports on the 3com switches at both buildings. Because there are no Vlans setup between the buildings, traffic from building A is in B. I want to create a vlan between to the two buildings only allowing NBX traffic through. I am not familiar with 3com switches so detailed information on creating the Vlan would be great.
Question by:raygraham
    LVL 53

    Expert Comment

    by:Will Szymkowski
    Here is a PDF document that explains how to setup a vlan using your 3com switch. I believe the Creating Vlans starts on page 35.

    Hope this helps
    LVL 27

    Accepted Solution

    Off hand, I don't think you can do it.  If I understand you right, you're wanting to filter traffic based on the type of traffic - which is at least layer 4 the Transport layer - where TCP/UDP live.  There are layer 4 and up switches, but your 3com 2226's don't appear to be layer 4 switches (I just glanced over the spec sheets).

    You could put firewalls on one side of the link to seperate it from the two buildings.

    I don't know your switches, so I could be wrong on this ....

    Author Comment

    Thanks for the Vlan document. I guess real question would be, how do I keep subnet a and b seperated, because the phone system  originates on subnet A (building A). From what I understand about this phone system it does not use IP addresses. It is mac address based.  I need a way to allow only the phone protocol through and not allow anything else through.
    LVL 27

    Expert Comment

    By design, vlans seperate layer 2 networks.  A device on A should NOT be able to communicate with a device on B.  That's the whole idea about vlans.

    You could do MAC based Access Control Lists on Cisco gear.  It would be a PITA, but you could do it.

    Author Comment

    I think pseudocyber is right. I monitored the traffic on the Subnet A with ethereal and it uses protocol 0x8868, And under "info" ethreal says ethernet II.  If I have to use a firewall between the segments, I need to find one that supports this protocol. Anyone know?

    Author Comment

    tried using a managed switch and using acl's to allow the phone though, but the 3com 2226's seem to be proprietary. So were are having the phones changed to IP based which I can deal with.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
    I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now