06-13-2001 08:32 AM - edited 03-12-2019 11:43 AM
Hi,
We have an application were we provide voice over IP services to a customer with a centralized Call Manager. We want the PC's of the customer to be connected to IP phones and we want to have a different VLAN for the phones and the PC's. One of our concern is that we don't want the customer to access the voice VLAN. Is there a security issue here, if the customer use a PC equipped with a 802.1Q network card and by any chance he knows the voice VLAN ID, can he access the VLAN dedicated to voice and by the same time have access to the Call Manager, or any other servers on the same VLAN??
06-13-2001 09:08 AM
No security risk , what type of switch are you using?
06-13-2001 09:39 AM
A 3524XL-PWR.
When you say no security risk, can you be more specific?
Thanks!
06-13-2001 11:29 AM
A VLAN maps to a subnet (Layer 3) as a broadcast domain, such that a VLAN is equivalent to a subnet. VVID is the voice VLAN that the switch assigns to the IP phone inside the CDP message. It allows the IP phone to get its VLAN ID automatically when it is plugged into the switch if a VLAN is configured for the phone. If no VLAN is configured for the IP phone, the phone resides in the native VLAN (data subnet) of the switch.so if you set up VVID there is no way for the PC to reside in the phone space.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide