Cisco :: Switchport Voice Vlan Command Not Putting Port In VLAN?
Feb 2, 2011
I have set up 2 DHCP pools and 2 VLANs (1 *the native* for data / 1 VLAN for voice). When I use the command "switchport voice vlan 20" the port disapear from the show vlan brief list. When I use the "switchport access vlan 20" it shows up in the show vlan brief in the correct VLAN and gives the phone an IP. I assume that using the access instead of the voice is wrong and the phones would not configure correctly. But when I use the access the phone goes to the next step and tells me the TFTP files are not found. Why does the port disapear from the VLAN list?
Any way to test in a lab what would happen if a tech mistakingly added "switchport voice vlan XX" to a trunk port? I am try to do some RCA on an issue and this has been identified as a possible cause by one of my techs.
The config is Switch1------Switch2--------Switch3 Each interswitch connection is configured as a dot1q trunk with all vlans allowed. The link between switch2 and 3 is where switchport voice vlan 10 was added. Switch1 is a 3750 and 2/3 are 3560's.
We are trying to config vlan 10 for data and vlan 20 for voice on the same port - port 1 of swtich SF300-24P to run both data and voice on different vlans.Do I have to add vlan 10 as an untagged vlan to port 1 and add vlan 20 as an tagged vlan to port 1?If I do not want to assign the native vlan 1 to port 1, how can I remove it ? The GUI page - assign VLAN to port does not allow to remove it.Aslo, what mode shall I set up on port 1? General, trunk or access ?
For many years we've had the following vlan and port security config on our 3560s: [code] This has worked great on 12.2(37)SE1, 12.2(40)SE and 12.2(46)SE. However since 12.2(50)SE, and I've tried all the versions since then, we have a problem with 7900 phones and ATA186s taking upwards of 20 minutes before they can get a valid IP number.The problem on the newer IOSes seems to be related to the inactivity aging.On the older IOS versions the mac address of the voice device appears on the voice vlan straight away.
On the newer IOS versions the mac address of the voice device appears on the DATA vlan and seems to be stuck there until the inactivity aging removes it. It then gets re-learned, sometimes on the voice vlan, and sometimes on the data vlan. If you're unlucky and it gets re-learned on the data vlan you've got to wait until the inactivity time ages the address out again. Repeat until the mac address eventually gets learned on the voice vlan. I don't want to be stuck on 12.2(46)SE forever.
I have a Cisco 2901 with the 4port gigabit ethernet switch module that I'm trying to get configured to have a seperate subnet for each port. So far I have it set up so each subnet is a vlan, then on each port I use the switchport access vlan command to tell it which subnet I want that port to be on. However, there is one port that I need to have 2 subnets on. The way I found to do that was to use switchport trunking on that port, but it doesn't seem to be working properly. how they would configure this? Right now I have vlan 101 as x.x.x.17/28 and vlan 103 as x.x.x.53/30. I think where I'm getting hung up is the proper association between the physical port and the vlan subnets.
One is the default GW 10.1.1.13 One is Jump Router for ATT 10.1.1.12 Both connected to HP Procurve L2 switch
The ATT Router is 10.1.1.2Want to replace GW and Jump with one 3750 L3 switch.icomplish this with only one port g0/1 connected to HP Procurve?Can I make the switchport 10.1.1.13 and then create a ip vlan999 10.1.1.12?route all to 10.1.1.2Or do I just connect two ports, and hardcode them with an ip?
Im trying to follow along documentation i see via train single videos and some online resources. I am trying to enable port security.I have a Catalyst 3546 XL when i type in "rtr1# switchport ?""port-security" is not only of the options to choose from. I have already set this as an access port.
I have this Cisco Switch: SRW2048-K9-NA. When I log into the Web GUI, I am provided the two options mentioned above for VLAN Management. I have fiddled with the two options and they seem identical to me. Is there really a difference, maybe better flexibility?
I'm planning to separate voice and data traffic with two vlans. I have a COR switch catalyst 3750, a UC560 for VOIP with SIP trunk and SGE2000P as access switches. The thing is i had configured VLAN1 (data vlan) and VLAN8 (voice vlan), i've created the vlan 8 in the database on 3750 and let pass those vlans through a TRUNK port. In the SGE2000P configuration i've created the VLAN8 and the the ports as trunk for letting pass the two vlans for the PC and the IP phone. This works but some phones aren't registering, and for example i've unplugged a register phone and plug and doesn't registering anymore.
We are about to install a new VoIP system (Allworx, which I did not select) and need to set up a new VLAN with QOS quickly for my SG 300 and SG 200 switches. I have the default VLAN1 at 10.0.0.0/24 and will be setting up VLAN10 at 10.1.0.0/24 for voice. There are a few other VLANS on the switches as well. I really don’t get the particulars of using a Voice VLAN vs. Smartport, but is one better than the other for this and what would be some good default settings to start with. I have command line and VLAN experience; I just haven’t set up a VLAN for voice from scratch.
I am having a problem with 6941 phones on a SG300.When connected Smartport assignes the native and tagged voice vlan correctly, however the phone connects to the native vlan. After running a few tests I have found it only happens when the voice vlan is also the default vlan, though this has only been tested with the default left as VL1.I can get to the phone on the native vlan, it picks up an address via dhcp, and the Operational VLAN ID is shown as 4095.Manually configuring the port as a trunk with the native and tagged voice vlans gives the same result.CDP properties for the ports show the voice vlan as correctly advertised.This happens on multiple phones/ports.The 7962 phones on the same switch work as expected.If I set the voice vlan to be something other than the default vlan 1, a vlan with dhcp available, the phone uses the configured, tagged vlan as expected and the Operational vlan shown on the phone is correct.The switch is running 1.2.7.76 I have a test setup with a number of 7900 and 6900 series phones running on a SF300 and have tested all phones as working if the voice vlan is not on the default. I intend to test with the voice vlan as the default shortly to confirm it is not an issue with the specific switch and discover if it occurs on more than just the 6941.
I have a question its posible to authenticate an cisco phone and PC with the same vlan(voice and data)when i do this configuratión , the phone and pc dont work. The phone display registering and never finished.interface FastEthernet0/5 switchport mode access switchport voice vlan 1 authentication event fail action authorize vlan 11 authentication event no-response action authorize vlan 11 authentication host-mode multi-domain authentication port-control auto authentication periodic authentication violation protect mab dot1x pae authenticator dot1x timeout tx-period 10 dot1x max-reauth-req 3 spanning-tree portfastend.
Critical voice vlan feature, used to place a newly authenticating phone when radius server is dead into appropriate voice vlan, seems to be a new feature and I find the documentation to be incomplete. Do the following switches support this feature in any IoS versions? WS-C4510R, 4506, 3560, 3550,2960s.
I'm using CISCO 3524 switch as access switch and trying to enable voice vlan in fast eth ports as below.
L3 vlans are created in core switches which is cisco 6509 vlan 1 - data vlan vlan 2 - voice vlan in cisco 3524
[code]....
if i use the above configs, the phone which is connected to interface fa0/1 is not taking ip from dhcp server. even it didn't work with static configs.while troubelshooting, i have configured as below and it's started working..
int fa0/1 switchport acces vlan 2 speed 100 duplex full.
in this case i can't use this port for data connectivity where as it's required for data too.
I am having a problem with 6941 phones on a SG300.
When connected Smartport assignes the native and tagged voice vlan correctly, however the phone connects to the native vlan. After running a few tests I have found it only happens when the voice vlan is also the default vlan, though this has only been tested with the default left as VL1.
I can get to the phone on the native vlan, it picks up an address via dhcp, and the Operational VLAN ID is shown as 4095.Manually configuring the port as a trunk with the native and tagged voice vlans gives the same result.
CDP properties for the ports show the voice vlan as correctly advertised.This happens on multiple phones/ports.The 7962 phones on the same switch work as expected.
If I set the voice vlan to be something other than the default vlan 1, a vlan with dhcp available, the phone uses the configured, tagged vlan as expected and the Operational vlan shown on the phone is correct.
The switch is running 1.2.7.76 I have a test setup with a number of 7900 and 6900 series phones running on a SF300 and have tested all phones as working if the voice vlan is not on the default. I intend to test with the voice vlan as the default shortly to confirm it is not an issue with the specific switch and discover if it occurs on more than just the 6941.
I have CME on Router 2800 series, and switch 2960 PoE connected to this router.On 2960 switch, there is existing 7945 IP Phone that already work properly and get IP 14.x.x.x from voice vlan 2.
Problem is when I add cisco 6921 IP Phone connect to 2960 switch, it get data vlan 10.x.x.x, not voice Vlan 14.x.x.x I have check CDP and it use CDP v2
Config on 2960:
interface GigabitEthernet1/0/34 <--- this is connected to IP Phone 7945 switchport mode access switchport voice vlan 2 spanning-tree portfast
[code]....
With same config and condition on port 2960, why the IP Phone 6921 can't get voice vlan 14.x.x.x, whereas IP Phone 7945 can get voice vlan 14.x.x.x
If we configure a Voice and Data VLAn on a switch. And connect EX90 on voice VLAN and PCwith EX90 terminals. Than can we able to share a presentation or data with EX90 or not?
How can I configure Cisco 200 (SG200-08P) to learn Voice VLAN and CoS/DSCP from upstreamCatalyst 2960?
The Cat 2960 is today used together with LLDP-MED to announce config to Aastra IP Telephones. In some cases I need to use a small switch inbetween and plan to use the Cisco SG200-08P for this. However, I would like to avoid manual config of the Cisco 200 switch.
i am facing a strange issue on cisco 2950 .IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA9, RELEASE SOFTWARE (fc1) suddenly my phone stopped working for DTMF tone, i mean when i dial a conference bridge lets say 6565 and then it ask for conference bridge code lets say 12345, it doesnt recognize the code and says code is invalid, SIP Proxy is Asterisk in this case.Currently my cisco switch port is configured for dual data + voice vlan, where DTMF dont work, sample config below [code]
At our office we use seven Cisco 300 Series Small Business Switches. One main switch in the server room and one in each room. They work great! But I’m having difficulties getting the Auto Voice VLAN to work correctly. In fact, it seems to works straight away on a PoE model, but not on the non-PoE models.
All these switches use firmware v1.1.1.8. The switches in each room are connected to the central switch by Link Aggregation. The main switch is configured in Layer 3 mode and all the others in Layer 2 mode. We have a lot of VLAN’s configured. For this problem allow me to describe only the two that are relevant.
VLAN 102 - Internal Network (Clients)VLAN 104 - Internal Network (Voice) The switches on each room are mainly used for clients, printers and IP phones. The clients and printers should operate in VLAN 102. The IP phones should operate in VLAN 104. For this to work I have the 10 port switches configured as following.
GE1 – Trunk – 102U;104TGE2 – Trunk – 102U;104TGE3 – Trunk – 102U;104TGE4 – Trunk – 102U;104TGE5 – Trunk – 102U;104TGE6 – Trunk – 102U;104TGE7 – Trunk – 102U;104TGE8 – Trunk – 102U;104TGE9 – Trunk – 1P (LAG 1, with 1U;102T;104T)GE10 – Trunk – 1P (LAG 1, with 1U;102T;104T) The network is fully routable. A DHCP Server is available. Each VLAN uses DHCP relaying. If we statically assign a VLAN to a port, that just works fine. Auto Voice VLAN is enabled with VLAN ID 104. All switches are configured the same. But this is what occurs…
When I connect an IP phone on the SG300-10P the IP phones are assigned to the Voice VLAN ID 104. If I would connect a desktop to that same port it is assigned to VLAN ID 102. Exactly as it should.But when I connect an IP phone on a SG300-10 the IP it is assigned to VLAN ID 102. But I also noticed that in some cases they are assigned to VLAN ID 1 and don’t get an IP Address. That depends in which order I change settings. The port its VLAN membership is then even changed to 1P. Although the port is recognized as an “IP Phone” by the smartport feature. I have noticed it does make difference if I modify the smartport macro and change the native_vlan paramater from "1" to "let's" say "102". That seems to affect it. Of course it may be just coincidence. What am I doing wrong? How should it work?How should you actually configure each port on a switch? (trunk?, Tagged/Untagged VLAN?)If you do not use Telephony OUI. Do you still need to configure the macros on the smartport defenitions?
I have tried about everything. I have also tried Telephony OUI, but it doesn't make any difference. I just can't get it to work properly on the non-PoE switch.
im working in a new enviroment and want to makes some design changes to the environment. I wanted to bounce my ideas some of you folks to see if my thinking is on the right path or maybe i could do things better.
Setup:
Currently the setup that i manage includes and Sonic Wall (also dishes out dhcp), HP 1810 "Core Switch" and 3 SG 300-28P cisco managed switches. (all cisco switches tie back into the HP) The router is managed by the isp. There is only one vlan with all traffic going across it.
Obviously the glaring issue here is that voice and data all reside on the same vlan. Correct me if i am thinking incorrectly but the first step would be to create a separate vlan for the phones with its own IP scheme. currently phones are issued addresses from the 150-200 range and everything else is left for pc's, printers etc. To my knowledge the HP switch does layer 3 but i do not know much about it. There are vpn tunnels to remote offices that are used for sharepoint, email and to access other services. Trying to wrap my mind around the environment as a whole so i may be missing something obvious i could do design wise to improve.
The SRP547W supports creating both Wifi Voice and Data vlans.Can I configure a Wifi IP Phone to connect to the SRP547W Voice Wifi Vlan and have the SRP associate it with Line 1 (in lieu of a standard phone connected to the Line 1 FXO port - without additional hardware)?
I am trying to write an extended ACL for the voice vlan.My scenario is the following:I have two PBXs with two Catalyst 4505 L3 switches.The C4505 are connected trough a trunk link.I have a VTP domain configured.
Voice VLANs are Vlan 100 and Vlan 101 with networks 10.2.0.0/16 and 10.4.0.0/16 Voip telephones are communicating between them self and everything is working fine.I want to secure both voice VLANs with an ACL to allow only couple of IPs to administer the phones.The PCs are connected trough a integrated switch via VOIP telephone.Here is the sample configuration of the dhcp pool for the PC VLAN:
ip dhcp pool PCs network 10.1.0.0 255.255.0.0 default-router 10.1.1.1 dns-server 10.10.10.1 option 43 hex 010a.5369.656d.656e.7300.0000.0204.0000.0064.0000.0000.00ff
I had to implement the 43 hex option because the PCs did not get the ip from the DHCP because of the vendor specific information.The thing that worries me is will the DHCP forward the ACKs for the PCs if I implement this test ACL:
ip access-list extended VLAN100 permit ip 10.2.0.0 0.0.255.255 10.4.0.0 0.0.255.255 permit ip 10.4.0.0 0.0.255.255 10.2.0.0 0.0.255.255 permit ip 192.168.2.0 0.0.0.255 10.2.0.0 0.0.255.255 permit ip 192.168.2.0 0.0.0.255 10.4.0.0 0.0.255.255 permit udp host 0.0.0.0 eq bootpc host 255.255.255.255 eq bootps (this I am not sure do I need) permit udp host 255.255.255.255 eq bootps host 0.0.0.0 eq bootpc (also this) deny ip any any
I only want to allow the network 192.168.2.0/24 and maybe some other hosts to access the web based http gui to adiminister the IP phones.All PCs are connected trough the VOIP terminals. I do not want to deny the traffic to PCs.
I have a Cisco 6509 with IOS "s222-ipservicesk9_wan-mz.122-18.SXF16.bin"I need to enable dot1x on user's ports on the switch. each user is connected to the switch through the IP phone.
I just found out that I can not enabled dot1x on trunk port. I have tried to use "switchport voice vlan " but I got:
I created new VDCs. Since I have done so, there is not switchport command under the interface configuration.
The interesting this is that it is available on the admin VDC, but not the new VDC I created. I cannot create a peer VPC Peer link between my 2 Nexus switches. I did allocate ports to the new VDC and I did verify the enabled feature are the same.
recently i just connected a non cisco ip phone(from panasonic) to Cisco 2960 POE switch at site A. The PABX system is located at site B,Site A and site B are connected using MetroE Point to point.I would like to apply QoS for voice vlan. I want to assign 2MB to the point to point connection for voice vlan.
I cant find the v LAN-membership command on my 3700 layer 3 switch, I've searched Google on whether the command has upgraded to a new syntax to no avail, I'm using GNS3 and the IOS is c3725-adventerprisek9-mz.124-25d.bin
Im trying to simulate a switch in Gns3 and i use 16ESW module in a cisco 3700 router. why im getting this record after i try to filter which vlans pass through my trunk port:Router(config-if)#switchport trunk allowed vlan 2,3,4 Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.
my environment: IE-3000-8TC industry-switch ios: ies-ipservicesk9-mz.150-2.SE2
if i do
vlan 12 name NextVLAN state active
in putty, everything is ok. but if i set this lines in a config-file and use them by config net or copy tftp: running-config, then this commands are completely ignored.how to setup VLAN so that this are funktional. i dont need a "interface vlan xx"! in addition manually configured vlan are shown in show vlan command but there are no entries inside a sh running-config output even i user show running-config all.