Solved

Help configuring VOIP VLANS on LAN & WAN  Using HP Layer 3 Switches, Avaya S8500 & S8300 on MPLS network

Posted on 2008-10-25
13
1,404 Views
Last Modified: 2012-05-05
I have 2 sites one in NJ and the other in CA that are connected via AT&T MPLS network with AT&T managed Cisco Routers.  Dual T1s in HSRP configuration both sites.  AT&T States that DSCP=48 is set.

NJ site has an HP 5308XL core switch and Avaya S8500 with 9620 IP phones.  2 VLANS: VLAN 1 for data (10.68.36.0/22); VLAN 10 for voice (192.168.2.0/24).   Working great for almost a year. OSPF is not being used (yet).

CA site has dual T1 in HSRP configuration with an HP 5406ZL core switch and will be installing an Avaya G530 gateway with S8300.  3 VLANS: VLAN 1 for data (10.222.82.0/24); VLAN 10 for voice (10.222.83.0/24); VLAN 20 (10.224. for transfer network.  Premium Edge License is installed for OSPF.  All VLAN seems to be working fine.  Phones are booting up into VLAN 20 and getting the proper address from the proper DHCP scope (10.222.82.0).



Situations:

I plug the G350 that is preconfigured with address 10.222.83.2 & 3/25 gw 10.222.83.1 into a VLAN 10 port with a crossover cable and cannot see it.  The switch shows link on Port C20.  No entry in ARP table.

I plug a PC with address 10.222.83.220/24 gw 10.222.83.1 into PORT C19 same thing.


I need to setup a pc in both NJ & CA to to VOIP network analysis.

I need to get the two VLAN 10s talking over the WAN.
0
Comment
Question by:paul_rigano
  • 7
  • 6
13 Comments
 
LVL 10

Expert Comment

by:kyleb84
ID: 22804154
Stupid question but are you sure the port's untagged?

config
vlan 10
  ip address 10.222.83.1/25
  untagged C19-C20

----------------

"VLAN 10 for voice (10.222.83.0/24); VLAN 20 (10.224. for transfer network."

"Phones are booting up into VLAN 20"

You mean 10?

------------------

"I need to get the two VLAN 10s talking over the WAN."

Since they're in different networks 10.222.83 + 10.222.82 you'll have to route.

HP config:
ip routing
router ospf
 area 0.0.0.0
 redistribute connected
vlan 10
 ip ospf area 0.0.0.0

You'll have to get the routers to match the OSPF config in your HP (and vice versa) or they won't talk.

0
 

Author Comment

by:paul_rigano
ID: 22804213
I meant they are booting into VLAN 10 :)

Here is my CA Switch config:


Running configuration:

; J8697A Configuration Editor; Created on release #K.13.25

hostname "NW42273PAT0001"
snmp-server contact "HelpDesk"
snmp-server location "PATterson"
module 1 type J8702A
module 2 type J8702A
module 3 type J8705A
module 4 type J8702A
interface B15
   name "SV42273PAT0210"
exit
interface A1
   name "USDEMTPCQCA03R"
   speed-duplex 100-full
   no power-over-ethernet
exit
interface A2
   name "USDEMTPCQCA04R"
   speed-duplex 100-full
   no power-over-ethernet
exit
interface C19
   name "PC42273PAT3220"
exit
interface C20
   name "Avaya G350"
   speed-duplex 100-full
exit
interface D24
   name "Dlink Access Point"
exit
ip routing
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged A3-A24,B1-B24,C1-C24,D1-D24
   ip address 10.222.82.1 255.255.255.0
   no untagged A1-A2
   exit
vlan 20
   name "Transfer-Network"
   untagged A1-A2
   ip address 10.224.15.114 255.255.255.240
   exit
vlan 10
   name "VoIP-Network"
   qos dscp 101110
   ip helper-address 10.222.82.210
   ip address 10.222.83.1 255.255.255.0
   tagged C1-C20
   voice
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
no ip ssh
ip route 0.0.0.0 0.0.0.0 10.224.15.113
router ospf
   area 0.0.0.1
   no rfc1583-compatibility
   exit
spanning-tree
vlan 20
   ip ospf 10.224.15.114 area 0.0.0.1
   exit
0
 
LVL 10

Accepted Solution

by:
kyleb84 earned 500 total points
ID: 22804232
vlan 10
   name "VoIP-Network"
   qos dscp 101110
   ip helper-address 10.222.82.210
   ip address 10.222.83.1 255.255.255.0
   tagged C1-C20

Your tagging ports C19 and C20.

enter these commands:

config
vlan 10
 untagged C19-C20
end

Plug your PC in and the G350, try ping.

if it works, leave it.

If it doesn't try these commands:

config
vlan 10
 tagged C20
end

This will tag the G350 port, try pinging again.


One of those solutions should work for the PC -> G350 part, next is routing the whole thing :P
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22804235
Make sure you use the C19 port for the PC, and C20 for the G350
0
 

Author Comment

by:paul_rigano
ID: 22804377
No problem with using the proper ports, Im doing this all remotely from NJ!

OK So now I have untagged C19-C20

vlan 1
   name "DEFAULT_VLAN"
   untagged A3-A24,B1-B24,C1-C18,C21-C24,D1-D24
   ip address 10.222.82.1 255.255.255.0
   no untagged A1-A2,C19-C20
   exit
vlan 20
   name "Transfer-Network"
   untagged A1-A2
   ip address 10.224.15.114 255.255.255.240
   exit
vlan 10
   name "VoIP-Network"
   untagged C19-C20
   qos dscp 101110
   ip helper-address 10.222.82.210
   ip address 10.222.83.1 255.255.255.0
   tagged C1-C18
   voice
   exit

I can now remote desktop to the PC, which I could not do before.
   I can ping all around the network and the 83.1 thru 83.3

I do ping from the router and get:  Cant ping 10.222.83.220, yet it seems to work!

NW42273PAT0001# ping 10.222.83.1
10.222.83.1 is alive, time = 1 ms
NW42273PAT0001# ping 10.222.83.2
10.222.83.2 is alive, time = 1 ms
NW42273PAT0001# ping 10.222.83.3
10.222.83.3 is alive, time = 1 ms
NW42273PAT0001# ping 10.222.83.220
Request timed out.

From my PC here at home (VPN connection to network)  I get:

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reser

C:\Users\Paul>ping 10.222.83.1

Pinging 10.222.83.1 with 32 bytes of data:
Reply from 10.222.83.1: bytes=32 time=151ms TTL=60
Pinging 10.222.83.2 with 32 bytes of data:
Reply from 10.222.83.2: bytes=32 time=168ms TTL=59
Pinging 10.222.83.3 with 32 bytes of data:
Reply from 10.222.83.3: bytes=32 time=152ms TTL=59
Pinging 10.222.83.220 with 32 bytes of data:
Request timed out.
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22806096
"I can now remote desktop to the PC, which I could not do before."
"I do ping from the router and get:  Cant ping 10.222.83.220, yet it seems to work!"

Looks like your PC is blocking pings, maybe remote desktop to it and disable the firewall.

OK, so now we establish routing between the two site for VLAN 10, since you can't touch the Leased Cisco Routers we'll just add static routes....

For CA's HP add:

ip route 192.168.2.0 255.255.255.0 [IP ADDRESS OF THE LOCAL CISCO]

For NJ's HP add:

ip route 10.222.83.0 255.255.255.0 [IP ADDRESS OF THE LOCAL CISCO]


=HOPEFULLY= the Cisco's know about the other end's networks. If you can ping from switch to switch, your done. If not, you'll probably have to request for those routes to be added to the Cisco's as well.

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:paul_rigano
ID: 22807035
Hey man,

The routes are already there.

I can do a show ip route from the CA Switch since OSPF is enabled there
 192.168.2.0/24     10.224.15.115   20   ospf      External1  101        110
I cant from NJ because OSPF is not going there.

There is nothing else that needs to be done on the NJ Switch?
I think I read that OSPF must be going on the NJ side as well.  I need to make sure that the DSCP=46 thing is working.
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22807071
OSPF needs to be used on both switches...

Is there VLAN 10 connectivity yet? can you ping the VLAN 10 ip of one switch from the alternate switch?
0
 

Author Comment

by:paul_rigano
ID: 22807310
Yes I can ping each other.

from CA:
NW42273PAT0001# ping 192.168.2.1
192.168.2.1 is alive, time = 150 ms
NW42273PAT0001#

From NJ:
NW42273NVL0020# ping 10.222.83.1
10.222.83.1 is alive, time = 75 ms
NW42273NVL0020#
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22809194
So what's next? You want to confirm QoS?
0
 

Author Comment

by:paul_rigano
ID: 22809423
yeah, but I dont think that OSPF is setup in Jersey yet.  After I confirm what should I do?
0
 
LVL 10

Expert Comment

by:kyleb84
ID: 22809467
"After I confirm what should I do?"

Is there anything that's not working now?
0
 

Author Comment

by:paul_rigano
ID: 22809486
Dont know the AVAYA G350 is not configured yet.  I am concerned about the DSCP=46 working.  I asked AT&T to put in COS2.  I will set up two PCs on my Monday morning to commence the VOIP testing between the sites.  Hang tight while I gather more information, OK?

0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now