Solved

Extreme Summit 250E-48p Voice VLAN Config

Posted on 2014-07-25
2
69 Views
Last Modified: 2016-02-01
Hi all,

Hoping someone can help, I am no expert with Extreme.

We have an Extreme Summit 250E switch with multiple VLAN's setup. These VLAN's all work as expected only they can all talk to one another meaning anyone with some networking knowledge could easily bypass the security.

I believe this behavior is due to the Voice VLAN (ID 100) being tagged on all ports meaning the devices on the individual VLAN's can also access and communicate across VLAN 100. My problem here is that the phone system provides the DHCP addressing for the networks so therefore all devices need to communicate with this network.

Am i right in thinking I only need to tag the port that the phone system is connected to into each VLAN and that having VLAN 100 tagged for all ports is the cause of the issue?

Sorry if that is a bit vague, pickled head at the moment.
0
Comment
Question by:Hallidays
2 Comments
 
LVL 38

Accepted Solution

by:
Aaron Tomosky earned 500 total points
ID: 40220874
I'm also no extreme expert but I know a few things about layer 2 and 3 switching.

I'll assume you have a subnet for each vlan, if not let me know. At l2 a vlan/subnet can go all over the subnet. To leave the subnet/vlan you need a gateway/layer3/router. If the gateway of your workstation knows about the servers vlan, it will allow workstations to talk to the servers.

There are only 3 scenerios:
1. There is no known route, can't talk
2. There is a known route, all can talk
3. There is a known route but you have setup an acl (access control list) that blocks the traffic.

So it's probably not that vlan100 is on all ports, it's probably that your gateway has all the vlans setup and doesn't have any acl stopping traffic. Try a tracert and see what hops are involved and you will see for sure.
0
 
LVL 1

Author Comment

by:Hallidays
ID: 40255275
Sorry for not replying, i didn't know anything had been written. Thanks for the advice, i will take a look.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now