Protocols / Routing :: SIP Trunk Port Range (VOIP)
Aug 14, 2012
I've recently set up a PC-based IP PBX in our small business which uses a SIP Trunk for up to 3 simultaneous voice calls. Ports needed to operate include 5060 (SIP-UDP) and then a huge range of high-number UDP ports which I believe is for the 'media' or audio. Let's call the range UDP 49,152 to 64,512. I only know a little about the SIP protocol but my understanding is that each call will randomly use a few ports from this range across which will pass audio, Is there a need to have such a wide range of ports open? If my SIP trunk is only capable of 3 simultaneous calls then it seems only 9 or so of those open ports could get used at once. Could I not just open, say a range of 100 ports and be fine, thereby reducing the security risk?
View 4 Replies
ADVERTISEMENT
May 17, 2011
I just inherited a network and feel like.I am missing something. We use ATT&T Opt-E-Man which limits the MAC address to 50 for the connection or you have to pay.Hence the routing VLAN is the only access across the two sites.I have a VoIP vendor who insists on using the same VLAN for all sites. Upon exam the VLAN is at the remote site but it does not work.
View 2 Replies
View Related
Aug 19, 2011
In a bit of a predicament. We're from Ireland and we've two houses on the farm that are exactly 108m as the crow flies. The main house is where we live and the other is more of an office type small house. We've no phone line or internet connection in it and the location is in a dip where we've bad mobile/cell connection. We're don't want to pay an extra55 a month for phone line and internet just to use the internet maybe twice a week. We have a wireless connection in the main home house and want to extend it to the other. I know there are ways but confuesed as to which to use.
View 3 Replies
View Related
Feb 18, 2013
I have a 3750g connected to a "core" switch stack of 7 other 3750g's via 2 GigE ports in a trunk. This is currently in a switchport mode access port- channel so only the default vlan data is sent over. Now we have a need due to physical location of these switches, to allow vlan20 (DMZ) from this 3750g to the switch stack. I will configure a few ports on the switch stack for vlan20 and they need to be able to talk to the stand alone 3750g.To do this I will change the port channel on both endpoints to
-switchport trunk ecapsulation dot1q
-switchport mode dynamic desirable
also making the appropriate change on the interfaces belonging to this trunk.My question is, now that its a trunk port that carries multiple VLANs, how much is the bandwidth reduced on that 2gbps link?I have a very active VLAN (10) on the stand alone switch, but on the core I'm not going to be assigning VLAN 10 to any ports. So does traffic from VLAN10 even come across the trunk (wasting bandwidth) if no ports on the core side are assigned to it? I really just need vlan 1 and 20 (for now).
View 11 Replies
View Related
Apr 11, 2013
Is there really any reason why you wouldn't use spanning-tree portfast on a trunk port other than a trunk between two switches? We have it enabled on all ports except for the fiber trunk between two non-stacked switches and the trunk ports connected to our Astaro firewall.I'd like to enable it on the ports to the firewall unless that would cause issues.
View 9 Replies
View Related
Apr 22, 2012
I have 2 Cisco 6509 switches linked together via single Fibre as a trunk.I want to change this to a port channel where I will add another 3 fibre ports to the port channel but what order do I do this to minimise any disruption.
1-Configure PortChannel and add the 3 new ports, this will bring up the Port Channel but what effect will this have on traffic currently going over the single Trunk link? Will spanning tree go mad, how will switches react?
2-Convert existing Trunk link to Portchannel then add in new ports to PortChannel, I guess in doing this there will be a small hit on traffic as it changes to a port channel.
View 2 Replies
View Related
Dec 6, 2012
can i have 4 links from an ESX server to 6500 , each link represents a trunk link carries each the same 2 VLAN , 100 and 101 , keep port-channel out of the picture , does it work well?
View 12 Replies
View Related
Sep 21, 2012
We have 7 3560's in 7 different locations connected to our providor for wan access. Our provider has given us a copper cable at each point and we have connected it directly to our 3560 switch at each location. Each port is configured the same way at each location. Each switch is running eigrp.All of the switch ports on each switch are configured as a trunk and vlan 299 had the ip address for the eigrp connection: [code] This setup is working as each switch see's all of the other switches as an eigrp neighbor. We have also made sure that the switch at our head office has spanning tree priority for vlan 299.
So the problem is, if there is a change in the topology at one of the locations it usually causes one or more of the other connections to go down for some reason. We just cannot pinpoint what is causing this change. There are no log's or anything other than an eigrp hold time expired message.?
View 9 Replies
View Related
Jul 10, 2012
I have a pair of 3560's configured with dot1q trunks between them carrying a number of VLANs.
Once deployed there will be a requirement for these physical trunks to be disconnected from time to time. Knowing that this is inevitable I am trying to minimise the period of time for the trunks to recover once the physical connectivity is reinstated.
All of the VLANs on the switches are configured for Spanning Tree Rapid PVST. Current time for the trunks/VLANs to come up is around the 4 second mark.
View 11 Replies
View Related
Oct 3, 2012
Is it possible to rate limit on a L2 trunk port on a 3750?
current port config and ios are as follows;
interface GigabitEthernet1/0/50
description *** Connection to Fiber Link ***
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,172
switchport mode trunk
end
flash:c3750-advipservicesk9-mz.122-46.SE.bin
i was wondering if the "srr-queue bandwidth limit 10" command would work to limit the output from this interface to be 10 % of the port bandwidth and then the same command could be done on the other side.
View 1 Replies
View Related
Mar 15, 2012
we have a scenario that consists of a Cisco 4507 series core switch with more than 20 vlans which is connected to a C2960G switch( in a nearby building) using a trunk by a fiber connection. Up to this point everyhting is fine . VTP domain is configured on the core switch and we have all of the 20 vlans present correctly on the edge 2960G wich is part of course of this same VTP domain.the fiber connection goes from core switch to a "in the middle location" where we have a fiber patch panel that is connected in a jumper style to another fiber patch panel going to the destination building where the C2960G sits.
Now imagine that Fiber connection from this middle location to the destination C2960 edge switch is down for any possible reason meanwhile the fiber connection from Core switch 4507 to the middle location is still intact.In the same time, in this middle location , we do have a wireless connection which links 1 Cisco 3750G switche ( a different infrastructure and different VTP domain) to another C3560G switch which sits on the same Room in the nearby destination building where we have the edge C2960G, An idea came to me is to connect one of the fiber port (core) in the intact fiber patch panel coming from Core switch 4507 TO an access vlan configured switchport in the 3750G switch ( this switchport will belong to a vlan designed only to trasmit the vlans on the trunk coming from 4507 core switch say VLAN 10) then connect one VLAN 10 access switchport to the destination C2960 edge switch ( the switchport on the c2960G is still a trunk)Will this solution work and all of the 20- 4507 core switch vlans arrive to the destination C2960G ? Or we do need something that tags the 2 VLAN 10 switchports like switchport dot1q tunnel like QinQ
View 2 Replies
View Related
Jun 6, 2012
I have several closets with Cisco 3560 on the edge that I'd like to change the vlan that's used for the management vlan on each. In the core I have a Cisco 6509 with Sup720's.
I'd like to do this by changing the native vlan on the trunk port on the core 6509 interface that connects to the 3560. and leave the management vlan on the 3560 as vlan 1.
Seems trivial but what I tried didn't work and I didn't have the window to troubleshoot. I'll paste the simplified configs for the interfaces below
!
6509 configs:
!
interface Vlan50ip address 172.16.50.2 255.255.255.0!interface FastEthernet
[Code]....
View 5 Replies
View Related
Feb 6, 2013
So I took a laptop with wireshark and plugged it into a nexus 5000 port that is configured as a trunk with 3 vlans allowed on it. The laptop was seeing all kinds of traffic on the wire, most of it was not involving my laptop.
For example: Server A VLAN 10= 10.10.10.1 Server B VLAN 20= 10.20.20.1 and wireshark laptop is plugged into a trunk port which is allowing those vlan's. The vlan's are routable.
10.10.10.3 is seeing the entire conversation when 10.10.10.1 backs up 10.20.20.1 even though it has no reason to see it. It is as if the trunk is spanning traffic to the laptop port. No span is setup however. It's really weird. This is not just broadcast traffic, but actual tcp taffic between Server A and B. Why would a trunk port see traffic between 2 other servers talking to each other on the vlan.
Trunk port configuration below:
Interface Ethernet 141/1/3
switchport mode trunk
switchport trunk allowed vlan 10, 20
View 5 Replies
View Related
Jan 20, 2012
I need adding a vlan to the trunks bundled in port channel. I know how to add v lans to a port channel with Cisco IOS but with CAT OS.
I have 2 ports bundled to form ether channel in switch which is running CAT OS. There are already few v lans allowed in the trunk of each interface. now I need to add one more v lan.
For Example:-
v lan 135 needs to be added in addition to the existing v lans.
clear trunk1/2 1-112,115,117-134,136-4094
set trunk 1/2 on dot1q 113-114,116,135
and similarly on the 2nd interface
so if I add vlan135 to the trunk one after another will it cause any service disruption?
View 3 Replies
View Related
Aug 15, 2012
I need to find out what is killing my Ethernet wan circuit urgently, It is a Ethernet trunk port with v lans tagged across it.
its a 3560x switch.
I configured span with the replicate keyword, but I'm not seeing all the traffic I'm sure.
I'm using wire shark.
Is there anything I can do to find what is causing this?
View 2 Replies
View Related
May 17, 2012
We had a core switch (Cisco 4503), distribution switches(Cisco 3750) and access switches in our network and consists of many vlans. Almost all vlans uses DHCP Pools. But for few vlans DHCP is not yet configured due to initial design poblems. Recently one of the rogue user in vlan 1 connected to one of the access switch send rogue arp packets to the network (suspecting arp packet with interface vlan 1 ip of core switch with wrong mac-address (gateway ip of vlan 1)) and resulted in a prolonged network outage for the vlan 1. Any way we are going to seggregate vlan 1 into different vlans, but before that we need a temporary plan to block such kinds of attack like enabling DAI in the switch. I have checked the DAI implemenation feasibility with my knowledge and found that it is not possible to configure to the access switches(Cisco 2960) in which the user directly connected. But found that Distribution switch connected to that particular access switch seems to be able to configure since DAI commands are available to configure in switch.
Is it possible to block ARP packets with the interface vlan 1 IP Address with rogue mac-address by configuring DAI in the above mentioned Distribution switch and the port connected to the mentioned access switch?
View 2 Replies
View Related
May 2, 2013
We've been configuring our swtichports as follows for our 7945 and 6941 type VoIP Phones, but are having problems witht the 6901.
VLANS
Vlan 900 is a VoIP VLAN
Vlan 999 is a NULL VLAN and is shut down:
interface g0/1
switchport access vlan 999 {VLAN to direct data traffic to the bit bucket becuase a PC shouldn't be connected to this port}
switchport mode access
switchport voice vlan 900
mls qos trust cos
spanning-tree portfast
The 6901 phone doesn't support multiple VLANs, so our configuration above does not work unless vlan 999 is turned on (not good security wise). We got the phones to work also by removing vlan 999 and switchport mode access.
switchport voice vlan 900
mls qos trust cos
spanning-tree portfast
solution that provides the discarding of data for the access VLAN, while supporting the VoIP vlan for this phone?
View 3 Replies
View Related
Feb 12, 2012
we recently aquired a managed services job and have to do a overhaul of the vlan configs and have a whole dozen WC2948G's trunk between a set of ports as well as trunk out a LAG channel setup to non cisco equipment. the deal is the lacp-channel works properly on both ends but no routing of vlans between ports and between the lag trunk are working.
theres alot of settings in the config and im planning on clearing it and starting from scratch but before i do i want to know where my problem lies.
[code]...
View 6 Replies
View Related
Feb 15, 2012
I'm trying to trace a host and I'm getting stuck at the port channel mac addresses. I need to find out where the server is connected to and the switch it lives on.
Please read below:
Step 1) Log into the core (MSFC): Code...
How do I find out where this physical server lives? I keep getting the mac for the trunk ports which is being used for all VLANs.
The server is hanging off some switch but I need to track it down to the last end.
View 1 Replies
View Related
Aug 27, 2012
I have a Cisco Wireless LAN Controller WCL2112 model. It's currently plugged into an HP Procurve switch on a trunk port. That HP switch is plugged into my Cisco stack on a trunk port. I can reach the WCL just fine through the LAN. But when I plug the WCL directly into the Cisco stack on a trunk port, I can't reach the WCL at all, unless I connect to it over wireless. The interface shows it's conneccted and up/up. But no communications are sent across the line. I did a wireshark and can see only ARP request from the WCL. The trunk port on the stack is set to:
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
The WCL has 3 VLAN's on it and the SSID of VLAN 1 is our office wireless. If that matters. .The Cisco Stack is 4 switches. cisco WS-C3750X-48P
View 3 Replies
View Related
Oct 11, 2010
Any way to test in a lab what would happen if a tech mistakingly added "switchport voice vlan XX" to a trunk port? I am try to do some RCA on an issue and this has been identified as a possible cause by one of my techs.
The config is Switch1------Switch2--------Switch3 Each interswitch connection is configured as a dot1q trunk with all vlans allowed. The link between switch2 and 3 is where switchport voice vlan 10 was added. Switch1 is a 3750 and 2/3 are 3560's.
View 8 Replies
View Related
Jun 16, 2012
I am trying to port forward for Vuze and I am having a problem understanding the concepts at [URL] for working within two routers. I have a Zoom 5241 cable modem connected through a Motorola VT2442-VD for Vonage VOIP, then connected through my Netgear RangeMax WPN824v3 wireless router, to my computer. I am also running AVG internet security. Here is a look at my ipconfig /all:
C:Users
ex>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : MarekFamily
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
[code]....
However, I do not understand where to setup the static ips and where to drop DHCP to be able to port forward successfully. I have tried in Vuze to set up acceptable ports 51600 for TCP and UDP, but they continue to get this error: "NAT Error - Connect attempt to 67.60.124.173:51600 (your computer) timed out after 20 seconds. This means your port is probably closed." I do know that the Ip present is from my Vonage with my external IP address. I even tried to establish rules for TCP and UDP within AVG Firewall settings for the Vuze program.
View 6 Replies
View Related
Apr 5, 2011
I've been having trouble signing into the PSN and Sony have given me some TCP and UDP ports to enter, I presume they're the ports for PSN.
TCP Ports: 80, 443, 5223, and 10070 - 10080
UDP Ports: 3478, 3479, 3658, and 10070,
When you want to open new ports on the BT HomeHub you have to fill out this form, and I don't know whereabouts I enter these ports I've been given.
View 1 Replies
View Related
Jul 19, 2012
im trying to set up my cctv so i can watch it from my iphone outside my network and it says to open ports 80, 9000 and 15961. ive successfully opened ports 80 and 9000 but cant seem to get 15961 to open. i have an att 2wire.
View 17 Replies
View Related
Feb 2, 2013
So I need to forward certain ports to play/log-in game:
TCP: 80, 443, 2099, 5222, 5223, 8393-8400
UDP: 5000:5500
I did forward them in my router and checked them with PFPortChecker, every port seems to open except 2099, I don't understand why.Note that I disabled Windows Firewall, Router's Firewall, and I'm using Kaspersky Internet Security which I disable while checking ports/logging to game
View 19 Replies
View Related
Sep 15, 2011
I have a 4510R-E chassis with SUP7-E running IOS XE version 3.01.01.SG. I am unable to create a port-channel and apply auto-qos for VOIP.If I configure auto-qos on the physical interfaces, I get this message when I try adding them to the port channel:
"The attached policymap is not suitable for member either due to non-queuing actions or due to type of classmap filters."
Auto-qos is not an available command in the port-channel interface configuration, but if I try adding the service policies that were created by auto-qos to the port channel manually, it lets me apply the input policy but on the output policy I get this message:
"A service-policy with queuing actions can be attached in output direction only on physical ports."
With the input policy applied to the port-channel interface, I tried addign the output policy to the physical ports and I got this message:
"A service-policy with non-queuing actions should be attached to the port-channel associated with this physical port."
Is there a way to get the auot-qos policies applied to the port-channel properly?
View 3 Replies
View Related
Jan 24, 2013
force something such as a Telnet client to use a particular outbound port when opening the TCP connection?
View 3 Replies
View Related
Apr 17, 2012
I am trying to setup my lab so I purchased 3 cisco 2501 to study for my CCNA, my question is? I have 2 serial interfaces and 1 AUI for ethernet on each router. How can I configure the Ethernet interface, if I don't see it on the configuration. From the CLI command I issue the command show ip int brief. But It only shows the 2 serials but no E0 interface.
PS. I do have an Ethernet Transceiver connected to the AUI port on the router with a straight through cable going into a 2950 switch.
View 6 Replies
View Related
Aug 15, 2011
I'm trying to forward ports for game connections. For this particular game, I'm trying to forward port 7777My ports aren't forwarding according to: Open Port Check Tool - Test Port Forwarding on Your Router and Open Port Check Tool[CODE]
View 13 Replies
View Related
Dec 22, 2012
So I am working on a website with MySQL/PHP that I have been developing on my Linux box. I wanted to show a friend my progress so I temporarily opened up port 80. So he was able to just type in my public IP and it brought him to my localhost index.
My question is, when I type in my IP address in the URL bar, does the web browser automatically just assume port 80? What happens if I want to have 2 different servers from the same local network and one is running through port 80 and the other is running through port 90? In this case, would I have to type ":90" to access the machine running on port 90?
View 1 Replies
View Related
Jul 15, 2012
I have my internet through CenturyLink which is a DSL connection running on an Actiontec Q1000 on a Windows 7 set up. I'm trying to run a subsonic server on my computer to stream my music collection. It was all working beautifully until I had to switch to this modem from my previous. Now, when I go to canyouseeme.org, it can't see that 4040 and 8080 are open. They need to be for subsonic to work? I've tried to set it up as portforwarding
View 5 Replies
View Related
Oct 9, 2012
I want to be able to use port 1-80 for all outgoing traffic. I have a VPS outside my home, which can redirect the packets to the prober ports.Is it possible with an application on the computer and VPS? Or is it impossible?
View 1 Replies
View Related
May 13, 2012
At first I tried to port forward 25565 on my D-Link Router account, but that didn't work for anyone trying to connect through the External IP.
People can connect locally over my network and I can connect to the game via localhost, but like I said, no friends from abroad.
I've checked my External IP and that doesn't work, I've tried resetting my router to factory default and then reinstalling the firmware for the model, that didn't work. I tried removing the firewall altogether, and also just allowing 25565, but that didn't work. I also got my friend to take their firewall off as well.
(Also, it should be known, when I'm port forwarding I'm allowing access, and have 25565 set in both TCP and UDP. I tested to see if the port was open on Open Port Check Tool, but it said it was closed (connection timed out) even though I had it forwarded)
View 4 Replies
View Related
