JesusFreak42
asked on
CIsco 3560 with Polycom vvx 400
Hello,
We have setup a Cisco 3560 on our VoIP network which also plugs into an Edgemarc 4550. Everything is defaulting to VLAN 1, which is fine (running config below). Our Polycom Soundpoint 331's are working fine. They get a DHCP address, pickup the provisioning server url from DHCP as well, and register with the SIP server. However, the VVX 400's will not communicate AT ALL on the network. They will not get a DHCP address, and if set statically, they cannot be logged into, or even pinged. We have reset the VVX's to factory default and started from scratch several times, with no luck. What are we missing here?
We have setup a Cisco 3560 on our VoIP network which also plugs into an Edgemarc 4550. Everything is defaulting to VLAN 1, which is fine (running config below). Our Polycom Soundpoint 331's are working fine. They get a DHCP address, pickup the provisioning server url from DHCP as well, and register with the SIP server. However, the VVX 400's will not communicate AT ALL on the network. They will not get a DHCP address, and if set statically, they cannot be logged into, or even pinged. We have reset the VVX's to factory default and started from scratch several times, with no luck. What are we missing here?
!
no aaa new-model
clock timezone UTC -5
clock summer-time UTC recurring
system mtu routing 1500
!
!
!
!
!
auto qos srnd4
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
mls qos trust dscp
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/2
switchport mode access
switchport voice vlan 1
--More-- switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/3
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/4
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/5
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/6
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
--More-- spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/7
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/8
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/9
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/10
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/11
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
--More-- switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/12
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/13
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/14
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/15
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
--More-- spanning-tree bpduguard enable
!
interface FastEthernet0/16
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/17
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/18
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/19
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
mls qos trust dscp
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/20
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
--More-- switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/21
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/22
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/23
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/24
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
--More-- spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet0/2
switchport mode access
switchport voice vlan 1
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
auto qos voip cisco-phone
macro description cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface Vlan1
ip address 192.168.1.250 255.255.255.0
!
ip default-gateway 192.168.1.1
ip classless
ip http server
ip http secure-server
!
!
!
end
ASKER
All ports are up, and we have tried multiple ports.
Do you see phone mac addresses on the switch?
sh mac address-table | i xxxx.xxxx.xxxx
sh mac address-table | i xxxx.xxxx.xxxx
One configuration detail - you need to configure trust on all ports, otherwise switch do not trust dscp/cos markings coming from phones and will overwrite it.
It is also recommended to keep voice and other devices in separate VLANs.
And now to main problem.
Most of voice devices need specific settings on interface.
Plug device in interface and check link by issuing
# show interface fa0/x
if status on interface is notconnected change speed and duplex settings on port until you get
Port Name Status Vlan Duplex Speed Type
Fa0/x connected 1 xxx xxxx xxxxxx
there is no use of connecting VOICE device to Gig port.
To configure speed and duplex issue:
interface Fa0/x
speed <value> <--- 10 or 100
duplex <value> <--- half or full
Configure one, test it - if status is notconnected - try other settings ...
It is also recommended to keep voice and other devices in separate VLANs.
And now to main problem.
Most of voice devices need specific settings on interface.
Plug device in interface and check link by issuing
# show interface fa0/x
if status on interface is notconnected change speed and duplex settings on port until you get
Port Name Status Vlan Duplex Speed Type
Fa0/x connected 1 xxx xxxx xxxxxx
there is no use of connecting VOICE device to Gig port.
To configure speed and duplex issue:
interface Fa0/x
speed <value> <--- 10 or 100
duplex <value> <--- half or full
Configure one, test it - if status is notconnected - try other settings ...
ASKER
It is not in the mac address table.
ASKER
Predrag,
A couple of things:
1) This switch is for voice traffic ONLY. There will be no Data traffic plugged into this switch. There is another switch that is for Data Only. The Data only VLAN (50) has a designated port on the Edgemarc, This switch (VLAN 1) has a designated port on the Edgemarc as well. SO there is no need to worry about separating them out on the switch.
2) What do we need to do to configure trust?
A couple of things:
1) This switch is for voice traffic ONLY. There will be no Data traffic plugged into this switch. There is another switch that is for Data Only. The Data only VLAN (50) has a designated port on the Edgemarc, This switch (VLAN 1) has a designated port on the Edgemarc as well. SO there is no need to worry about separating them out on the switch.
2) What do we need to do to configure trust?
Did you plug the cable in ethernet or daisy chain port on the phone?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sim,
The phone is the only thing plugged into the Ethernet port. We have also tried other ports as well as plugging directly into the switch.
The phone is the only thing plugged into the Ethernet port. We have also tried other ports as well as plugging directly into the switch.
I was talking about the phone. Is the cable on the phone plugged into the correct port? There are two ports on the back of phone, one is ethernet and other is for daisy chaining.
ASKER
Sim, Yes, it is plugged into the right port.
ASKER
Predrag,
I will make all those changes in a little bit. Quick question though, would the lack of the QOS trust setting interfere with basic networking protocols like DHCP? In other words, is this going to help the actual issue, or is it just best practice.
I will make all those changes in a little bit. Quick question though, would the lack of the QOS trust setting interfere with basic networking protocols like DHCP? In other words, is this going to help the actual issue, or is it just best practice.
No. It will be just better QoS configuration.
For DHCP server you can try to issue command (depending on device) you can configure to find next server in the boot process of a DHCP client. Or you need to add more options for DHCP server (like PXE boot - so phones can find configuration there etc).
If DHCP device is Cisco router (and more than one DHCP server is there) so you can point phones to another DHCP server...
# ip dhcp pool X
# next-server x.x.x.x y.y.y.y <--- two servers y.y.y.y is not subnet mask
If you don't have Cisco phones - this command will make you a lot of troubles. :
auto qos voip cisco-phone
and you have it configured there
For DHCP server you can try to issue command (depending on device) you can configure to find next server in the boot process of a DHCP client. Or you need to add more options for DHCP server (like PXE boot - so phones can find configuration there etc).
If DHCP device is Cisco router (and more than one DHCP server is there) so you can point phones to another DHCP server...
# ip dhcp pool X
# next-server x.x.x.x y.y.y.y <--- two servers y.y.y.y is not subnet mask
If you don't have Cisco phones - this command will make you a lot of troubles. :
auto qos voip cisco-phone
and you have it configured there
Can you please post sh int fa0/x with the phone connected?
ASKER
I'll post that in a few Sim.
The weird thing is, even when I put a static IP in I still cannot ping the phone.
The weird thing is, even when I put a static IP in I still cannot ping the phone.
# auto qos voip cisco-phone
is checking if Cisco phone is attached (by using CDP)... if it is not nothing should work, it is built in security portion of the command...
is checking if Cisco phone is attached (by using CDP)... if it is not nothing should work, it is built in security portion of the command...
ASKER
There seems to be some incompatibility with this phone and switch.
It is very unlikely. Most likely you need to configure it in that case as "old school" like regular trunk port, so traffic for phone is tagged traffic.
ASKER
Tried that. Reset the config on the switch to being "dumb". Took out VLANS and everything. Same thing. ALl other phones work that we use (Aastras, other Polycoms, and Yealink). The all work through a different switch with the same setup.
Here is Cisco manual for 6500 switch, but basics should be the same - Configuring Catalyst Switches for Polycom Conference Phones
Also try article - VoIP QoS on Cisco 3560 Switches with Polycom and Cisco IP Phones
There is always possibility that there is a problem, and from what you wrote above you are not easy quitter. Maybe it is a dead end. :(
Also try article - VoIP QoS on Cisco 3560 Switches with Polycom and Cisco IP Phones
There is always possibility that there is a problem, and from what you wrote above you are not easy quitter. Maybe it is a dead end. :(
ASKER
Yeah. I've spent HOURS on this. When every SIP phone works EXCEPT this model, with multiple configurations and factory default configs, it's the only answer I've got left.
Are all ports up? not err-disabled?