Before I ask my question, I would like to know if it's OK to ask questions regarding both Cisco and Linksys products in this forum, or if this forum is just for Cisco OR Linksys? I just want to make sure before I ask my question.
The devices we are talking about are UC520, Catalyst Express 520 Switch, and 2 Linksys SRW224P Switches.
The products listed at cisco.com/smallbusiness should be appropriate for this site. They include the Cisco Pro family (UC500, CE500) and the Linksys Small Business line (SRW224P). Currently not all engineers at all locations have access to all the equipment listed there but that will change as time goes by.
Thanks for your response, I can now describe my problem....
We are using the UC520 as a PBX System, VPN Server, and what-have-you. On the expansion port, we connected the CE520 Switch, and we have many phones, and some other devices connected to it. Now, on ports 5 and 6 of the UC520, we connected the 2 Linksys Switches we've had for a couple of years now. Anyway, on these switches we have a few computers connected, but what I am having problems is 8 IP Cameras (PVC2300 also by Linksys). What we wanted to do was to create a new VLAN (2) on the UC520 to house these IP Cameras (all of which have static IP addresses in the subnet 192.168.0.1/24). We need the office manager's laptop to be able to see the cameras, but this laptop is in VLAN 1 (192.168.10.1/24). I opened up at case with TAC and they helped me create the VLAN and all this, and now they said it should all be working OK, except it's not, and they said it has to do with the Linksys switches (which they can't provide support for). I am not a networking wizard, I consider myself a very basic IT guy when it comes to this, so I am not sure what I'm supposed to do on the switches to have them communicate correctly with the UC520 and VLAN 1 and 2. Right now, the computers connected to the Linksys Switches are actually in VLAN 1, and can access the IP Phones Web GUI, so I don't know why this new VLAN is not visible by the Data VLAN.
I hope I am clear, and if you have any questions I will be glad to answer them.
Thanks for any help provided!!
Our topology is something like this:
CE520 on Expansion port ------ Mostly phones and a few computers
Internet---UC520 ----- SRW224P Switch on UC520 port 5 ------ IP Cameras and a bunch of computer/network devices
SRW224P Switch on UC520 port 6 -------- IP Cameras and a couple of computers
You have a few options here, and we will help you in trying to make it work, but first a few questions:
1) On the newly created VLAN, what device will be providing DHCP, if any? The UC500?
2) Would it be acceptable to have all the devices behind your Linksys switches in VLAN 2 EXCLUSIVELY? The reason why I ask is that by doing that, you avoid having to create a trunk port between those switches and the UC500.
1) No device will be providing DHCP, but if we had to pick one, yes it would be the UC520. We really want to keep static ip addresses on these cameras so we can track them better, but I guess we could set up DHCP and change the scope.
2) It's not possible to do that as we have very little resources and it seems such a waste to have a 24 port switch just so we can use 8 or 9 ports. Why not put the cameras in the data VLAN? We want to keep them separate from the computers and stuff.
OK, so on the network handled by the Linksys switches you have static IP's. That's OK.
Going back to your issue, what procedure did you follow to create VLAN 2? Did you use CCA? What happens if you do a traceroute to the camera's IP from a computer behind a Linksys switch? Can you also please post your full configuration (UC500)? Don't forget to remove the passwords.
Well I wouldn't put it as a network being handled by the Switches, but yeah... the cameras that go in VLAN 2 are all connected to both Linksys switches with static ip's
The way I created the VLAN (With help from Cisco TAC) was to go into the CLI and do something like:
- config t
- int vlan 2 (can't recall)
- ip address x.x.x.x subnet x.x.x.x (again, don't recall)
- description IP Cameras
However, when I went into CCA I did not see it listed and when I did a "show int vlan 2" it said the protocol is down, so I tried what I read in another forum:
- vlan database
- The next steps were something like create vlan 2, and apply... it's Friday so my memory is not really good
Anyway, after doing this I was able to see the VLAN in CCA and the protocol was UP
I haven't tried to do a tracert from one of the PC's so I will have to do that next week (probably Wednesday because I am not onsite often) and I will post my config (EDITED) on Monday
Thanks Marcos!! Everyone have a nice weekend
Yes, "served" would have been more accurate. Do not forget to add the 192.168.0.0/24 entry to the Access-List applied to your voice and LAN interfaces. I am pretty sure that's the problem.
OK, let us know how it goes.
I have attached my EDITED configuration. I will try to apply that to the ACLs.. it's funny how the TAC engineer did not mention that, and I guess you're right, if traffic is not being allowed then it's being denied as far as I understand.