Do the Cisco 7941's act as a switch? It has 2 ports, one says PC and one says switch. Does it actually have switching capability and can pass vlans? I have a PC plugged in to the PC port and the switch port plugged into a 2940 switch.
Yes, the 7941G does have a built-in 10/100 switch. here is a clip;
The internal 2-port Cisco Ethernet switch allows for a direct connection to a 10/100BASE-T Ethernet network through an RJ-45 interface with single LAN connectivity for both the phone and a co-located PC. The system administrator can designate separate VLANs (802.1Q) for the PC and Cisco Unified IP phones, providing improved security and reliability of voice and data traffic.
So do I place all the ports on the 2940 switch the phone is connected to in trunk mode?
I have an asa with 2 vlan interfaces assigned on the inside (physical interface e0/5) connected to a 2940 switch which has a 7941 voip phone plugged into a random port. I trunk to the ASA from the 2940 and do I also trunk the port from the 2940 to the phone and set up trunking on the phone?
The switchport mode trunk method was the only way to go with "older" switches like the 3500XL, but on all newer versions (like the 2960/2970/3750)the need for Switchport mode Trunk is not necessary..
I do know that it is unnecessary to configure the switchport in Trunk mode because when you use the Voice VLAN (with a native vlan) command a "special" dot1q trunk is automatically setup. The reasons I have seen to support this setup are many and vary from minimizing Trunking overhead to ease of configuration and everything in between :)
Here is one of the better threads I have ever read on this issue (with some Tac links as well). There are some great answers from Mahesh,Paolo Sankar and others here.
Here is the first line of the SRND for Voice Design;
When you deploy voice, Cisco recommends that you enable two VLANs at the access layer: a native VLAN for data traffic and a voice VLAN under Cisco IOS or Auxiliary VLAN under CatOS for voice traffic.
Separate voice and data VLANs are recommended for the following reasons:
â¢Address space conservation and voice device protection from external networks
Private addressing of phones on the voice or auxiliary VLAN ensures address conservation and ensures that phones are not accessible directly via public networks. PCs and servers are typically addressed with publicly routed subnet addresses; however, voice endpoints should be addressed using RFC 1918 private subnet addresses.
â¢QoS trust boundary extension to voice devices
QoS trust boundaries can be extended to voice devices without extending these trust boundaries and, in turn, QoS features to PCs and other data devices.
â¢Protection from malicious network attacks
VLAN access control, 802.1Q, and 802.1p tagging can provide protection for voice devices from malicious internal and external network attacks such as worms, denial of service (DoS) attacks, and attempts by data devices to gain access to priority queues via packet tagging.
â¢Ease of management and configuration
Separate VLANs for voice and data devices at the access layer provide ease of management and simplified QoS configuration.
To provide high-quality voice and to take advantage of the full voice feature set, access layer switches should provide support for:
â¢802.1Q trunking and 802.1p for proper treatment of Layer 2 CoS packet marking on ports with phones connected
â¢Multiple egress queues to provide priority queuing of RTP voice packet streams
â¢The ability to classify or reclassify traffic and establish a network trust boundary
â¢Inline power capability (Although inline power capability is not mandatory, it is highly recommended for the access layer switches.)
â¢Layer 3 awareness and the ability to implement QoS access control lists (These features are required if you are using certain IP telephony endpoints, such as a PC running a softphone application, that cannot benefit from an extended trust boundary.)
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: email@example.com Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...