Cisco CME Setup

1techtrekker
1techtrekker used Ask the Experts™
on
I'm attempting to configure the Call Manager Express 4.1 on a 2901 router.  I have 2 Cisco IP Phone 7961G's.  My connection to the network backbone is via a Catalyst 3560-X-Series switch hosting the local DHCP and NAT'ing to the network backbone.  My question is concerning VLAN's and DHCP hosting.  Will I have better success with the router hosting the local DHCP and/or will creating a voice-VLAN on the designated ports for the phones back to the dedicated port on the router?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
This is the router config:

Current configuration : 3918 bytes
!
! Last configuration change at 15:27:09 UTC Wed Apr 11 2012 by router
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
ip domain name yourdomain.com
multilink bundle-name authenticated
!
!
!
!
!
!
!
voice-card 0
!
!
!
voice service voip
 allow-connections sip to sip
 fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
 sip
  registrar server expires max 1200 min 300
!
!
voice register global
 mode cme
!
!
!
!
license udi pid CISCO2901/K9 sn XXXXXXXXXXXXXXXXX
hw-module pvdm 0/0
!
!
!
!
redundancy
!
!
!
!
!
!
interface Loopback1
 no ip address
!
interface GigabitEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
 ip address XXX.XXX.XXX.XXX 255.0.0.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description $ES_LAN$
 ip address XXX.XXX.XXX.XXX 255.255.255.0
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source static XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip nat outside source static XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
ip route XXX.XXX.XXX.XXX 255.255.255.0 XXX.XXX.XXX.XXX
!
access-list 23 permit XXX.XXX.XXX.XXX 0.0.0.255
access-list 100 permit ip host XXX.XXX.XXX.XXX any
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
gatekeeper
 shutdown
!
!
!
line con 0
 login local
line aux 0
line vty 0 4
 access-class 23 in
 exec-timeout 0 0
 privilege level 15
 password XXXXXXXXXXXXXX
 login
 transport input telnet ssh
line vty 5 15
 access-class 23 in
 exec-timeout 0 0
 privilege level 15
 password XXXXXXXXXXXXXXX
 login
 transport input telnet ssh
!
scheduler allocate 20000 1000
end

router#

Author

Commented:
This is the switch config:

Building configuration...

Current configuration : 6307 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname switch
!
boot-start-marker
boot-end-marker
!
enable secret XXXXXXXXXXX
enable password XXXXXXXX
!
!
!
no aaa new-model
clock timezone UTC -5
clock summer-time UTC recurring
system mtu routing 1500
no ip dhcp conflict logging
!
ip dhcp pool voice
   network XXX.XXX.XXX.XXX 255.255.255.248
!
!
no ip domain-lookup
!
!
crypto pki trustpoint TP-self-signed-494936704
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-494936704
 revocation-check none
 rsakeypair TP-self-signed-494936704
!
!
spanning-tree mode pvst
spanning-tree extend system-id
auto qos srnd4
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
 no ip address
 shutdown
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
 switchport access vlan 10
!
interface GigabitEthernet0/14
 switchport access vlan 10
!
interface GigabitEthernet0/15
 switchport access vlan 10
!
interface GigabitEthernet0/16
 switchport access vlan 10
!
interface GigabitEthernet0/17
 switchport access vlan 10
!
interface GigabitEthernet0/18
 switchport access vlan 10
!
interface GigabitEthernet0/19
 switchport access vlan 10
!
interface GigabitEthernet0/20
 switchport access vlan 10
!
interface GigabitEthernet0/21
 switchport access vlan 10
!
interface GigabitEthernet0/22
 switchport access vlan 10
!
interface GigabitEthernet0/23
 switchport access vlan 10
!
interface GigabitEthernet0/24
 switchport access vlan 10
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
!
interface TenGigabitEthernet1/1
!
interface TenGigabitEthernet1/2
!
interface Vlan1
 ip address XXX.XXX.XXX.XXX 255.255.255.0
!
interface Vlan10
 ip address XXX.XXX.XXX.XXX 255.0.0.0
!
interface Vlan20
 no ip address
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
snmp-server community
snmp-server community
snmp-server location XXXXXX
snmp-server contact XXXXXXXXXXX
!
!
line con 0
 exec-timeout 1440 0
line vty 0 4
 exec-timeout 0 0
 password XXXXXXXXXXX
 login
line vty 5 15
 exec-timeout 0 0
 password XXXXXXXXXXX
 login
!
!
monitor session 1 source interface Gi0/12
monitor session 1 destination interface Gi0/23
end

switch#
Your problem is not clear to me.

Will I have better success with the router hosting the local DHCP

I assume the router you mention is higher on the network pyramid, maybe even the CME router, in such case why not just leave the DHCP scope configured in the switch? Are phones not getting IPs at all?

and/or will creating a voice-VLAN on the designated ports for the phones back to the dedicated port on the router?
Not sure what you mean.

It sounds a bit like the phones are not getting DHCP because the broadcast messages are being cut off somewhere.

Besides, the 3560 is missing 2 commands:

ip dhcp pool voice
 network XXX.XXX.XXX.XXX 255.255.255.248
 default-router x.x.x.x
 option 150 ip x.x.x.x
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Author

Commented:
The 2901 is actually below the 3650.  The sole purpose for the 2901 is to provide the CME functionality.  The connection to the network backbone is via the 3650 as a layer 3 switch.  There are only 2 handsets on the local network but they do not receive an IP address from the DHCP server.  The default-gateway is the 3650 and the option 150 is pointed back to the 2901 router.
Ok, then the DHCP server needs an ip helper address because the router will stop the discovery broadcast sent by the IP Phones. Sounds like you better push the DHCP scop down to the CME router. In that case, you'll most likely need to configure an SVI:

interface vlan 10
 ip address x.x.x.x x.x.x.x
 no shut

Then configure the DHCP scope

Author

Commented:
I have convienced the project that the network structure needed to be changed and place multiple Vlan's on the network and allow the 2901 to perform the NAT'ing.  Problem solved.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial