VLAN With 3COM 2426-PWR Switch & Juniper SSG5-Serial Router
I am working a VOIP provider install a replacement VOIP system. I am not familiar with both Juniper Networks routers and 3COM switches as well VLANs. The existing VOIP setup does not use separate VLANs, but has certain ports tagged for VOIP VLAN access. I believe the existing VOIP System, IP phones, and host servers & PCs reside on the 10.1.0.0 subnet. The IP phones use static IPs 10.1.0.200 - 10.1.0.207.
We will be installing a new VOIP system, but this time we will implement separate VLANs (Vlan=1, Vlan=2). VLAN 2 is for all VOIP services. We'll want to still take advantage of the extra port on the IP phones to connect PCs as well. The VOIP installer wants to implement a separate VLAN using 10.2.0.0, but still be able to forward data to VLAN-1 (10.1.0.0) and Internet access. The reason why VLAN-2 needs to acces VLAN-1 is because the VOIP system will need to access an Exchange Server and implement unified messaging.
3Com switch port-24 is connected to the Juniper router. I believe this port is currently setup as Port State: Enabled, PVID: 1, Flow Control: Disabled, Speed: Auto(100), Duplex: Auto(Full). This switch has VLAN-10 established with ports: 2,5-8,19,22-23 as tagged members. IP phones are connected to ports 2,5,6,7,8,19,22,23. I do not know what IP(s) are reserved for the existing VOIP Server.
The Juniper router has bgroup0.1 with Tag-2 10.2.0.1/24, Trust, Layer3.
How do I update both the switch port 24 as a trunk to the router, and setup the router with the correct vlan for VOIP to our mail server 10.1.0.2. PCs connected to the IP phones shouls also be granted access to the 10.1.0.0 network. The VOIP Vlan-2 also needs Internet access so the VOIP installer can access it remotely.
The confusion is the switch appears to have a VLAN-10 setup, and the router has VLAN-2, but I do not think this is all working. I am not sure, that's why I am asking for advice.
I assume both the switch and the router should refer to the same VLAN ID: 2 or 10, and a trunk should be defined on port-24 on the router to allow traffic between the VLANs, etc. There is confusion as to how the router and switch are currently configured.
We will be installing a new VOIP system, but this time we will implement separate VLANs (Vlan=1, Vlan=2). VLAN 2 is for all VOIP services. We'll want to still take advantage of the extra port on the IP phones to connect PCs as well. The VOIP installer wants to implement a separate VLAN using 10.2.0.0, but still be able to forward data to VLAN-1 (10.1.0.0) and Internet access. The reason why VLAN-2 needs to acces VLAN-1 is because the VOIP system will need to access an Exchange Server and implement unified messaging.
3Com switch port-24 is connected to the Juniper router. I believe this port is currently setup as Port State: Enabled, PVID: 1, Flow Control: Disabled, Speed: Auto(100), Duplex: Auto(Full). This switch has VLAN-10 established with ports: 2,5-8,19,22-23 as tagged members. IP phones are connected to ports 2,5,6,7,8,19,22,23. I do not know what IP(s) are reserved for the existing VOIP Server.
The Juniper router has bgroup0.1 with Tag-2 10.2.0.1/24, Trust, Layer3.
How do I update both the switch port 24 as a trunk to the router, and setup the router with the correct vlan for VOIP to our mail server 10.1.0.2. PCs connected to the IP phones shouls also be granted access to the 10.1.0.0 network. The VOIP Vlan-2 also needs Internet access so the VOIP installer can access it remotely.
The confusion is the switch appears to have a VLAN-10 setup, and the router has VLAN-2, but I do not think this is all working. I am not sure, that's why I am asking for advice.
I assume both the switch and the router should refer to the same VLAN ID: 2 or 10, and a trunk should be defined on port-24 on the router to allow traffic between the VLANs, etc. There is confusion as to how the router and switch are currently configured.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
When you have computers on a different subnet that are joined to a domain you have to be very careful with DNS resolution and IP schemes. Newer versions of windows server are much better at handling this, but if you have server 2003 or earlier you must be extra vigilant
ASKER
Sangamc provided all the answers I need. Thank you.
ASKER