Rainverse
asked on
Configure Cisco 3560E and 7945G for seperate VoIP and PC VLAN's
I'm trying to configure a 3560E with three VLANs (voice, data, management) with the voice and data riding one cable into the phone.
Everything is configured upstream for the phone and PC to work. If I set a port in pure access mode for either one they work fine, but as soon as I try to trunk both VLANs to the phone, the PC will no longer work. If I set the port mode to trunk, the phone works... if I set it to access, the PC works... but I can't get both of them on at the same time.
My config is:
--------------------------
Current configuration : 3165
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 3560e
!
enable secret xxxx
!
no aaa new-model
!
system mtu routing 1500
!
vtp mode transparent
!
ip subnet-zero
!
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 1234
name PCs
!
vlan 1999
name VoIP
!
vlan 2400
name mgmt
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1234,1999,2400
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
switchport access vlan 1234
switchport trunk encapsulation dot1q
switchport trunk native vlan 1999
switchport mode {tried both trunk and access here}
switchport voice vlan 1999
mls qos trust device cisco-phone
mls qos trust cos
macro description cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
------------------
no other ports configured
------------------
interface Vlan1
no ip address
!
interface Vlan1234
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
!
interface Vlan1999
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
ip helper-address xxx.xxx.xxx.xxx
!
interface Vlan2400
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
!
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
ip http server
!
!
!
control-plane
!
!
line con 0
logging syncronous
line vty 0 4
password xxxx
login
length 0
line vty 5 15
password xxxx
login
length 0
!
end
--------------------------
Any help would be greatly appreciated. Is there anything on the phone that has to be manually setup to pass the data VLAN to the PC?
Everything is configured upstream for the phone and PC to work. If I set a port in pure access mode for either one they work fine, but as soon as I try to trunk both VLANs to the phone, the PC will no longer work. If I set the port mode to trunk, the phone works... if I set it to access, the PC works... but I can't get both of them on at the same time.
My config is:
--------------------------
Current configuration : 3165
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname 3560e
!
enable secret xxxx
!
no aaa new-model
!
system mtu routing 1500
!
vtp mode transparent
!
ip subnet-zero
!
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 1234
name PCs
!
vlan 1999
name VoIP
!
vlan 2400
name mgmt
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1234,1999,2400
switchport mode trunk
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
switchport access vlan 1234
switchport trunk encapsulation dot1q
switchport trunk native vlan 1999
switchport mode {tried both trunk and access here}
switchport voice vlan 1999
mls qos trust device cisco-phone
mls qos trust cos
macro description cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
------------------
no other ports configured
------------------
interface Vlan1
no ip address
!
interface Vlan1234
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
!
interface Vlan1999
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
ip helper-address xxx.xxx.xxx.xxx
!
interface Vlan2400
ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
!
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
ip http server
!
!
!
control-plane
!
!
line con 0
logging syncronous
line vty 0 4
password xxxx
login
length 0
line vty 5 15
password xxxx
login
length 0
!
end
--------------------------
Any help would be greatly appreciated. Is there anything on the phone that has to be manually setup to pass the data VLAN to the PC?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Did you have your DHCP server to setup correctly for the phone to reach communication manager?
ASKER
GuruChiu,
Yes. If the port is in access mode for the phone VLAN, the phone works perfectly.
Yes. If the port is in access mode for the phone VLAN, the phone works perfectly.
try this:
interface GigabitEthernet0/4
no switchport trunk encapsulation dot1q
no switchport trunk native vlan 1999
switchport mode auto
If it still doesn't work, pls post the output of:
sh cdp nei
sh int g0/4 trunk
interface GigabitEthernet0/4
no switchport trunk encapsulation dot1q
no switchport trunk native vlan 1999
switchport mode auto
If it still doesn't work, pls post the output of:
sh cdp nei
sh int g0/4 trunk
I mean you need to have option 150 setup at the DHCP ser ver for BOTH vlan 1234 & 1999. When the phone first connected, it is connected to the native VLAN 1234 where it get the DHCP configuration. Some user only configure optin 150 at the voice VLAN and it won't work.
ASKER
Still no joy. PC is working, phone is not. Output is:
---------------------
sh cdp nei:
Device ID Local Intrfce Holdtme Capability Platform Port ID
sw1 Gig 0/1 170 S I WS-C2960G Gig 0/2
sw1 Gig 0/1 140 S I WS-C2960G Gig 0/1
sh int gi0/4 tru:
Port Mode Encapsulation Status Native vlan
Gi0/4 auto negotiate not-trunking 1
Port Vlans allowed on trunk
Gi0/4 1234,1999
Port Vlans allowed and active in management domain
Gi0/4 1234,1999
Port Vlans in spanning tree forwarding state and not pruned
Gi0/4 1234,1999
-------------------------
sw1 is showing twice on CDP because of an LACP link to the core.
---------------------
sh cdp nei:
Device ID Local Intrfce Holdtme Capability Platform Port ID
sw1 Gig 0/1 170 S I WS-C2960G Gig 0/2
sw1 Gig 0/1 140 S I WS-C2960G Gig 0/1
sh int gi0/4 tru:
Port Mode Encapsulation Status Native vlan
Gi0/4 auto negotiate not-trunking 1
Port Vlans allowed on trunk
Gi0/4 1234,1999
Port Vlans allowed and active in management domain
Gi0/4 1234,1999
Port Vlans in spanning tree forwarding state and not pruned
Gi0/4 1234,1999
-------------------------
sw1 is showing twice on CDP because of an LACP link to the core.
ASKER
DHCP is only for voice vlan.
PC is static IP'd
There's no need for option 150 on 1234 then, right?
PC is static IP'd
There's no need for option 150 on 1234 then, right?
Without DHCP to give option 150 on 1234, the phone is not able to get communication manager parameters. This is why it is not working.
try this
default interface GigabitEthernet0/4
interface GigabitEthernet0/4
sw acc v 1234
sw voic vl 1999
DONT play with the port mode.
and make sure that the phone has default settings for PC Port.
Hussam
default interface GigabitEthernet0/4
interface GigabitEthernet0/4
sw acc v 1234
sw voic vl 1999
DONT play with the port mode.
and make sure that the phone has default settings for PC Port.
Hussam
hus1984 is correct. That is all you need on the switch.
interface GigabitEthernet0/4
sw acc v 1234 (sets the vlan for the PC)
sw voic vl 1999 (sets the vlan for the phone)
Make sure you have your phone plugged into the data jack on the phone's port 10/100 sw. Then plug the PC into the other 10/100 port. You will also need to set option 150 for DHCP for the phones. Option 150 assigns a TFTP server. The phone needs to know the TFTP ip address in order to go through the process of connecting.
interface GigabitEthernet0/4
sw acc v 1234 (sets the vlan for the PC)
sw voic vl 1999 (sets the vlan for the phone)
Make sure you have your phone plugged into the data jack on the phone's port 10/100 sw. Then plug the PC into the other 10/100 port. You will also need to set option 150 for DHCP for the phones. Option 150 assigns a TFTP server. The phone needs to know the TFTP ip address in order to go through the process of connecting.
ASKER
I'm not exactly sure what I'm supposed to have the DHCP Admin set option 150 to...
I control my local network. It is static IP'd and running on VLAN 1234. There is no DHCP server on my network. 1999 is the VoIP VLAN, and has a helper-address that points to the DCHP server for the phones (which resides outside my network). Routing is all properly configured. If Gi0/4 is set to access 1999 the phone contacts the DHCP and TFTP server fine.
My current port config (after everyone's help and suggestions yesterday) is this:
--------------------------
interface GigabitEthernet0/4
switchport access vlan 1234
switchport voice vlan 1999
mls qos trust device cisco-phone
mls qos trust cos
macro description cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
--------------------------
I also added the helper address to VLAN 1234's interface.
I control my local network. It is static IP'd and running on VLAN 1234. There is no DHCP server on my network. 1999 is the VoIP VLAN, and has a helper-address that points to the DCHP server for the phones (which resides outside my network). Routing is all properly configured. If Gi0/4 is set to access 1999 the phone contacts the DHCP and TFTP server fine.
My current port config (after everyone's help and suggestions yesterday) is this:
--------------------------
interface GigabitEthernet0/4
switchport access vlan 1234
switchport voice vlan 1999
mls qos trust device cisco-phone
mls qos trust cos
macro description cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
--------------------------
I also added the helper address to VLAN 1234's interface.
with it setup this way, can you check the network settings of the phone itself to make sure it is even getting an IP Address. Check the following fields.....Option 150 would point to the CM server that is running TFTP.
ip address
Subnet Mask
DG
TFTP Server
Call Manager
If all the fields are populated as expected then you know it is at least reaching the DHCP server.
Do you have any phones working (on other switches) or is this a new setup? Also, I have assumed you are working with a Cisco Call Manager for the phone server. Is that correct?
ip address
Subnet Mask
DG
TFTP Server
Call Manager
If all the fields are populated as expected then you know it is at least reaching the DHCP server.
Do you have any phones working (on other switches) or is this a new setup? Also, I have assumed you are working with a Cisco Call Manager for the phone server. Is that correct?
the helper address should be for vlan 1999 not 1234 because you said that the dhcp is for voice vlan only which is 1999 not 1234.
after the configuration that i gave what happened what was the result.
also the phone should have admin vlan 1999 if you have CDP enabled if not enable the cdp for this interface.
Hussam
after the configuration that i gave what happened what was the result.
also the phone should have admin vlan 1999 if you have CDP enabled if not enable the cdp for this interface.
Hussam
ASKER
Thank you for the quick response!
I changed the mode to trunk, and changed the native vlan to 1234... now the PC works, but the phone does not.