SRW224G4P : voice vlan problem

Unanswered Question
Nov 14th, 2009

Hi guys ,
i've a problem with tagged vlan with my SRW224G4P.
I,ve got following scenario:

one cisco 2801-CCME/k9 router
one cisco small business SRW224G4P layer 2 managed switch
ten cisco IP phone 7940 and 7931
ten personal computer


I need to use the embedded switch on the phone to connect computer . I need to

have 2 separated vlan for data and voice traffic.

I configured srw224g4p first 12 ports as follows


interface ethernet 1/x
switchport allowed vlan add 199 untagged
switchport native vlan 199
switchport allowed vlan remove 1
switchport mode hybrid
switchport allowed vlan add 150 tagged
spanning-tree cost 100000
spanning-tree edge-port


where vlan 199 is for data and vlan 150 is for voice .

I set following dhcp pool on 2801

ip dhcp pool phones
network 192.168.150.0 255.255.255.0
default-router 192.168.150.1
domain-name cmedeis.local
option 150 ip 192.168.150.1

ip dhcp pool PC
network 192.168.199.0 255.255.255.0
default-router 1982.168.199.1


and configured router on a stick as follows

interface FastEthernet0/0.150
description CME interface
encapsulation dot1Q 150
ip address 192.168.150.1 255.255.255.0

interface FastEthernet0/0.199
encapsulation dot1Q 199
ip address 192.168.199.1 255.255.255.0


My problem is that phones connected to the switch ports doesn't recognize tagged

traffic and doesn't take ip of the corrected dhcp pool of 150 vlan.

With a cisco 2960 poe switch i configured switchport voice vlan 150 and

switchport access vlan 199 and all is fine but this small business switch don't

handle switchport voice attribute and i can't separate voice and data vlan .

Someone have idea how to avoid this problem?

Need some help , please.

Bye

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
chrcoope Mon, 11/16/2009 - 11:48

I reset an SRW224g4p and configured port g1 (interface ethernet 1/25) to uplink to an ESW520-48 PoE switch. port e1 and e4 are phones. here is the resulting configuration file. I believe you can find the "CLI" commands you require from it. The 7942s booted and downloaded all just fine. I placed my call from one extension to the other on my UC540. If you have any questions or require clarification, please do not hesitate to ask.

*snip*

VLAN database
VLAN 1 name DefaultVlan media ethernet state active
VLAN 100 media ethernet state active
!

*snip*

spanning-tree MST configuration
!

*snip*

interface ethernet 1/1
switchport mode trunk
switchport allowed vlan add 1 untagged
switchport native vlan 1
switchport allowed vlan add 100 tagged
!
interface ethernet 1/2
switchport allowed vlan add 1 untagged
switchport native vlan 1
!
interface ethernet 1/3
switchport allowed vlan add 1 untagged
switchport native vlan 1
!
interface ethernet 1/4
switchport mode trunk
switchport allowed vlan add 1 untagged
switchport native vlan 1
switchport allowed vlan add 100 tagged
!

*snip*

interface ethernet 1/25
switchport mode trunk
switchport allowed vlan add 1 untagged
switchport native vlan 1
switchport allowed vlan add 100 tagged
!
interface ethernet 1/26
switchport allowed vlan add 1 untagged
switchport native vlan 1
!
interface ethernet 1/27
switchport allowed vlan add 1 untagged
switchport native vlan 1
!
interface ethernet 1/28
switchport allowed vlan add 1 untagged
switchport native vlan 1
!
!
!
interface VLAN 1
IP address 192.168.10.3 255.255.255.0
!

*snip*

Hope this helps,

Christopher

chrcoope Mon, 11/16/2009 - 11:51

Sorry, I just realized you may need a general port configuration. Give me a few minutes and I will prepare that example.

Chris

chrcoope Mon, 11/16/2009 - 14:51

Here we have native vlan VLAN 1, data VLAN 10 and phone VLAN 100. Port ether1/1 is set up to tether a pc through a phone.

VLAN database
VLAN 1 name DefaultVlan media ethernet state active
VLAN 10 media ethernet state active
VLAN 100 media ethernet state active
!
!
!
!
!
spanning-tree MST configuration
!
!
!
!
!
!
!
!
!
!
!
interface ethernet 1/1
switchport mode hybrid
switchport allowed vlan add 10 untagged
switchport native vlan 10
switchport allowed vlan remove 1
switchport allowed vlan add 100 tagged
!

Chris

hallerup.net Tue, 11/24/2009 - 03:03

Did you find a solution to this? I have the same problem after i changed my switch from a CISCO 3550 to the Linksys SRW224G4P.

On the Linksys i have the foll port conf:

VLAN database
VLAN 1 name DefaultVlan media ethernet state active
VLAN 5 name VLAN0005 media ethernet state active
!
spanning-tree MST configuration
!
interface ethernet 1/1
switchport mode hybrid
switchport allowed vlan add 1 untagged
switchport native vlan 1
switchport allowed vlan add 5 tagged

!

I have tried all other combinations too and I can either have the phone working or the pc working, but not both. However I tried to connect a cable to the old Cisco switch (which has no other connections) and this makes everything work.

The port conf for the Cisco is as follows:

interface FastEthernet0/35
switchport trunk encapsulation dot1q
switchport mode trunk
switchport voice vlan 5
spanning-tree portfast trunk

Is there a way to copy this portconfiguration to the linksys?

chrcoope Tue, 11/24/2009 - 08:39

Guys,

I did not have registration problems. You only need a hybrid/general port if your data VLAN is different than your management VLAN. When data and management share a VLAN, a regular trunk will suffice.

With a trunk configured, I would create an access port for the phone VLAN. Plug a pc in and see if it can ping the PBX over the trunk. This will test if the trunk is what is at fault. If it can ping from the phone VLAN access port, over the trunk uplink, and to the PBX, I would then set my phones admin VLAN manually. If the phone registers this way, I would then suspect that CDP is not propagating. IGMP snooping is usually the culprit with that. The next step after this would be some packet captures from the trunk link itself, then the port that the phone is plugged into. We would be looking for What is tagged with what, what isn't tagged, and wether or not CDP is present.

Hope this helps,

Christopher

alissitz Tue, 11/24/2009 - 09:33

Good posts as always Christopher!

As Christopher mentions you will need to hard code the voice vlan on all of the phones.  The phones will send the voice traffic via this vlan, and the PCs will send untagged traffic. 

I hope you do not mind a tangent and I hope this is not too great of a distraction, but the thought of QoS and security came to my mind as I read this post.

Besides the vlan problems, which I am sure we can get through, there is also a concern.

Any chance you would consider a 3560 for this deployment?  You have quite a few Cisco phones, a Cisco router, and many PCs. The Cisco switch would give you CDP, which would be useful for the voice vlan and power settings, as well as the important automatic QoS and security settings.

On my 3560, I applied a smart port macro.  A smart port macro is a series of best practices / command sets put into a simple to use command.  The one I applied is called cisco-phone.  Here is the output before and after:

c3560(config)#do sho run int f0/18
interface FastEthernet0/18
end

c3560(config)#int f0/18
c3560(config-if)#macr app cisco-phone

c3560(config-if)#sw voice vlan 5
c3560(config-if)#sw ac vl 1


c3560(config-if)#do sho run int f0/18
interface FastEthernet0/18
switchport mode access
switchport voice vlan 5
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape  10  0  0  0
mls qos trust device cisco-phone
mls qos trust cos
macro description cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
end

The switch automatically globally enabled mls qos and configured the many class-maps, policy-maps, and applied them all accordingly.  As you know, it is important to establish the trust boundaries when doing voice and QoS.  These switches also uses SRR which is a very good way of applying shaping.

Does this help?  I hope so.  Please fire back any thoughts or questions you may have.

Andrew Lee Lissitz

deissrl2009 Tue, 11/24/2009 - 09:39

Hi ,

linksys srw224g4p doesn't support CDP protocol and you have to set voice vlan manually on every phone.

when booting up phone you have to reset nework configuration and then manually specify telephony vlan in amministrative vlan parameter of phone network setting.

If you have cisco 7900 serie phone you have to unlock network setting by pressing sequence   **#     , then edit amm. vlan parameter specifying your telephony vlan.

Bye

thanks for help

chrcoope Tue, 11/24/2009 - 12:09

CDP multicasts pass right through my SRW224G4P firmware version 1.3.1 from my ESW520-48 port PoE switch and my UC540 If it is directly connected.

If I connect my UC500 to my ESW and that ESW to my SRW, I only see CDP from the ESW via wireshark. The UC500 does not appear. The 7942 also shows up but it is directly connected to the SRW. Like this:

UC500---ESW---SRW---PC&Phone (no tether)

When I connect my 7942 to my UC500, and my UC500 to my ESW, and that ESW to my SRW, I only see the ESW multicast CDP. Like this:

7942---UC500---ESW---SRW---PC

I performed some other tests as well. With this testing, and some information on page page 43 of the CCNP BCMSN 4th edition, I discovered that the bottom line is that Cisco equipment does not forward CDP multicasts. This leads me to believe that you are not advertising CDP out of the uplink port on your Cisco Classic equipment that you have your SRW plugged into. It may also be possible that IGMP snooping is enabled on the SRW when there is no rendezvous point, or MRouter, available. This will cause the SRW to NOT forward multicasts of any type.


Hope this clears things up,

Christopher

hallerup.net Mon, 11/30/2009 - 00:46

Thanks for all the good answers. The phones are working now, but I had to set up the admin VLAN on every phone as described by deissrl2009.

I also tried to disable IGMP Snooping Status, but I couldn't get it to work this way. Maybe the problem lies somewhere else (static router ports maybe?).

alissitz Mon, 11/30/2009 - 07:17

Good morning,

This has been my experience as well; you have to hard code the phones, create the VLANs, and make the ports into trunking mode.  There is limited visibility doing this, and troubleshooting can be difficult; not impossible, just more difficult.

If you see my post above, there are more concerns than just the correct VLANs, Security and QoS have be top of mind ... A network with VoIP should not ever go down, and as such QoS and security need to be addressed as well.

Cisco VoIP with Cisco switches really works well, and with smart ports you can have a network up and going in minutes ... and have all the industry best practices implemented.

BTW, the Lan-Lite 2960 POE switches also support smart ports, so if cost savings are a major contributor to your buying decisions, these switches might help.

Another very good option, lower priced and fully featured switch is the ESW series switches.  Have you considered these?

I hope this helps, kindest regards,

Andrew Lee Lissitz

Javed.Bundhoo_2 Fri, 04/02/2010 - 15:14

Hi,

I have a small IP address problem / native vlan problem with 521S linksys ip phone. I have an UC500, being the VTP server, distributing VLANS onto a 2960 switch (LAN-lite, with only 8 POE ports), connected onto the 8th port (expansion slot) onto the UC.

I have got VLAN 10 as Mgt VLAN, VLAN 20 as Voice VLAN and VLAN 30 as Data VLAN.

I am using 521S phones and 7931 phones, 7941 phones.

When i connect any of these phones on the UC, i don't get any problem. They register correctly. However, if i connect a 521 S phone onto the switch, the IP phone does not get an IP address and keeps on displaying this message "Initializing network..".  While i don't have any registering, or IP problem with a 7931 phone or a 7941 phone when they are connected, whether they are connected onto the switch or onto the UC.

if i change the default VLAN to 20, the 521s phone registers correctly,

Part of the config for the UC and the switch are as shown below:

The 1st 8 ports on the switch has been configured as follows:

switchport access vlan 30
switchport trunk native vlan 30
switchport mode trunk
switchport voice vlan 20
priority-queue out
mls qos trust cos
spanning-tree portfast

The Uplink for the switch & the UC are as follows:

switchport trunk native vlan 10
switchport mode trunk

Option 150 and Voice DHCP has been configured on interface VLAN 20.

Is there any problem with these linksys 521S phones regarding default vlan ID or IP  address?

Should i fix the Default VLAN ID onto the phone hardcorded to work around this issue? are there not any fix for that?

Will i be able to connect a PC behind the 521S phone if i fix the Default VLAN ID?


Thanks for your help! Its really appreciated..

David Hornstein Sat, 04/03/2010 - 01:23

Hi Javed,

I just turned on my SPA524  which i guess is almost identical in terms of operation when compared to the SPA 521.

If I had to connect to a specific Tagged VLAN, I select settings then network settings , press **# to unlock the setting  and enter the appropriate VLAN ID against the Administration VLAN option.

Never tried seeing if I can set the data port on a seperate tagged VLAN, it would mean that untagged packets from the PC would be converted to tagged frames as it transits through the SPA541..hmmmm interesting.

regards Dave

Javed.Bundhoo_2 Sat, 04/03/2010 - 09:55

Hi Dave,

The problem when i untagged the voice vlan on a particular port, if another network equipment is connected to that port other than an IP phone, it gets an address in the Voice VLAN.

My real issue is, why when plugged in the UC it works fine, i dont have to set the VLAN ID on the 521 phone network settings? why the other phones work well, with the same phone settings when plugged onto the switch?

The thing is that, i cant really check the work around you suggesting me, since am not at the site and we shall do a commissioning during the week, then i would be able to test this.

Ja v ed