1861 switch and F0/0 interface/VLAN config

Unanswered Question
Dec 18th, 2008

I have 1861 being used for small sites.

I have the 8 port switch configured in a vlan with an SVI and three devices pluged in.

All this is working with no problem. I can communicate from the main office via BGP to all remote sites using these 1861s.

At the moment the F0/0 interface is configured with an address in a different subnet altogether.

This will be the default gateway of a Video Phone, The device can uplink directly to the etherent port and communicate. I have tested this with a laptop.

There is never any reason for the phone traffic to communicate with anything other than the main site, and in fact would be better to isolate this traffic from getting to the other devices.

Any thoughts on what I have done and if there is a better way to do it?

!

!

crypto ipsec transform-set company esp-3des esp-md5-hmac

!

crypto map company_Crypt local-address Loopback0

crypto map company_Crypt 10 ipsec-isakmp

set peer 172.16.254.1

match address 115

!

no ip source-route

ip cef

!

!

ip dhcp relay information option

no ip dhcp use vrf connected

ip dhcp excluded-address 10.1.0.0 10.1.40.0

ip dhcp excluded-address 10.1.40.100 10.1.255.255

!

ip dhcp pool DHCP

network 10.13.0.0 255.255.0.0

default-router 10.1.70.1

dns-server 10.1.10.8 10.1.10.9

domain-name company.mycompanycu.com

!

!

no ip domain lookup

!

multilink bundle-name authenticated

!

voice-card 0

no dspfarm

!

username @ministr80r privilege 15 secret 5 $1$th99$wToILe65w3eaoLtR900By.

archive

log config

hidekeys

!

!

controller T1 0/2/0

framing esf

linecode b8zs

cablelength long 0db

channel-group 0 timeslots 1-24

!

!

class-map match-all DATA-Priority

match access-group 111

class-map match-all VOICE

match access-group 110

!

!

policy-map company-QoS

class VOICE

priority 512

set dscp ef

class DATA-Priority

bandwidth 256

set dscp af31

class class-default

set dscp default

fair-queue

random-detect

!

interface Loopback0

description 172.16.254.113 Loopback Interface

ip address 172.16.254.113 255.255.255.255

!

interface FastEthernet0/0

description 10.21.70.1 Uplink to Tandberg Utility Phone

ip address 10.21.70.1 255.255.0.0

shutdown

duplex auto

speed auto

!

interface FastEthernet0/1/0

switchport access vlan 70

!

interface FastEthernet0/1/1

switchport access vlan 70

!

interface FastEthernet0/1/2

switchport access vlan 70

!

interface FastEthernet0/1/3

switchport access vlan 70

!

interface FastEthernet0/1/4

switchport access vlan 70

!

interface FastEthernet0/1/5

switchport access vlan 70

!

interface FastEthernet0/1/6

switchport access vlan 70

!

interface FastEthernet0/1/7

switchport access vlan 70

!

interface FastEthernet0/1/8

switchport access vlan 70

!

interface Serial0/2/0:0

no ip address

encapsulation frame-relay IETF

no fair-queue

frame-relay traffic-shaping

frame-relay lmi-type cisco

hold-queue 256 in

hold-queue 256 out

!

interface Serial0/2/0:0.400 point-to-point

ip address 1.1.8.186 255.255.255.252

ip nbar protocol-discovery

ip flow ingress

ip flow egress

frame-relay interface-dlci 400 IETF

class company-class

crypto map company_Crypt

!

interface Vlan1

no ip address

!

interface Vlan70

ip address 10.1.70.1 255.255.0.0

!

router bgp 65013

no synchronization

bgp log-neighbor-changes

network 10.1.0.0 mask 255.255.0.0

network 10.21.0.0 mask 255.255.0.0

network 1.1.8.184 mask 255.255.255.252

network 1.6.254.113 mask 255.255.255.255

neighbor 1.1.8.185 remote-as 65000

neighbor 1.1.8.185 version 4

neighbor 1.1.8.185 soft-reconfiguration inbound

no auto-summary

!

!

!

ip http server

no ip http secure-server

ip tacacs source-interface Loopback0

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
John Blakley Fri, 12/19/2008 - 07:27

This is almost an identical configuration for the one that I use at my house. I have a ROKU box that I use to stream video, and it has a dedicated VLAN. It works fine.

On your ports F0/1/x, if you are only going to have video phones attached to that port, then you'll be fine. Otherwise, if a user connects a PC into that port, your video quality may suffer. You want to make sure that you don't have anything connected to these ports for other than what they were intended.

HTH,

John

Actions

This Discussion