I'm adding VOIP on an existing site that uses either Cisco SRW20xx or SG300-xx switches. I'd like you to comment on my plan for doing this:
The VOIP will be coming in from the internet on its own connection / firewall and will be using a separate local area subnet.
It will generally be distributed through all the switches unless there's no phone at all, just computers or network devices.
There is a central LAN switch that feeds into other switches in cascade. I will refer to this as the TOP switch here.
My plan for the downstream switches is this:
Assign VOIP VLAN 100 to all the switch ports along with the Default VLAN 1.
Trunk all the switch ports.
Tag VOIP VLAN 100.
My plan for the TOP switch is this (there being only Default VLAN 1 and VOIP VLAN 100):
Trunk all the switch ports that feed downstream switches.
Trunk any switch ports that directly feed a VOIP phone.
Leave any other ports on Default VLAN 1 in Access Mode.
Assign VOIP VLAN 100 to a single switch port that goes to the firewall.
Make this a General Mode port joined to VOIP VLAN 100.
Manually tag this port <<< is that right?
The VOIP firewall won't have any VLANs set up, just a generic LAN.
Since I've never done this before, I'm a bit unclear as to whether the VOIP firewall port needs to be tagged or not BUT the port sure needs to be part of the VOIP VLAN 100 ONLY with no interVLAN routing / connection. I want the traffic on the two VLANs to be completely separate so it looks like this:
Main Firewall > TOP LAN Switch > Computers, etc. using Default VLAN 1
VOIP Firewall > TOP LAN Switch <> Trunked Ports <> Phones using VOIP VLAN 100 and related computers using Default VLAN 1.
Does this look OK or are there suggestions / cautions?