讓 VLAN 在 Polycom VVX 電話和 Cisco SG300 交換機之間工作
我按照此處列出的說明進行操作-> https://community.polycom.com/t5/VoIP-SIP-Phones/FAQ-Utilizing-VLAN-s-with-Polycom-phones/td-p/38100。但是來不及了。
所以我有電腦(VLAN 1),這些更新檔安裝在 Polycom VVX 電話的底部,我希望將其分離到 VLAN 11 中。
我在 Cisco SG300-28PP 交換機上禁用了 CDP 和 LLDP。我定義了 VLAN 11,並將其作為允許的中繼添加到 Cisco SG300-28PP 交換機上的所有介面。我還在 Polycom VVX 上禁用了這兩個協議。我在 Polycom VVX 上啟用了選項 128 的固定發現。我為 VLAN-A=11 添加了選項 128;在 DHCP 伺服器上(在本例中為 Windows 2012 R2 機器)。雖然電腦通過 VLAN 1 聯網,但電話不會將 DHCP 地址作為 VLAN 11 網路的一部分。
這兩個網路從 Cisco SG300-28PP 進入 Cisco ASA 5505,一個介面用於 VLAN 1,另一個介面用於 VLAN 11。我在 Cisco ASA 5505 上設置了 DHCP 中繼,因此請求來自 VLAN 11 (10.4.4.0 /24) 被轉發到 VLAN 1 (10.0.4.0/24) 上的 10.0.4.5。
下面是開關配置。連同來自 ASA 配置的片段,以及已定義的 DHCP 範圍的螢幕截圖。有什麼想法我可能會錯過嗎?
轉變:
config-file-header switchae111f v1.3.5.58 / R750_NIK_1_35_647_358 CLI v1.0 set system mode switch file SSD indicator plaintext @ no cdp run vlan database vlan 11 exit voice vlan id 11 voice vlan state disabled voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00d01e Pingtel_phone___________ voice vlan oui-table add 00e075 Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ no lldp run hostname switchae111f management access-list All permit exit management access-list SSH permit service ssh exit management access-class All username cisco password encrypted ------ privilege 15 ip ssh server ip ssh password-auth ip ssh-client server authentication clock timezone " " -5 clock summer-time web recurring usa clock source sntp clock source browser sntp unicast client enable sntp unicast client poll sntp server 10.0.4.5 clock dhcp timezone ! interface vlan 11 name voip ! interface gigabitethernet1 switchport trunk allowed vlan add 11 ! interface gigabitethernet2 switchport trunk allowed vlan add 11 ! interface gigabitethernet3 switchport trunk allowed vlan add 11 ! interface gigabitethernet4 switchport trunk allowed vlan add 11 ! interface gigabitethernet5 switchport trunk allowed vlan add 11 ! interface gigabitethernet6 switchport trunk allowed vlan add 11 ! interface gigabitethernet7 switchport trunk allowed vlan add 11 ! interface gigabitethernet8 switchport trunk allowed vlan add 11 ! interface gigabitethernet9 switchport trunk allowed vlan add 11 ! interface gigabitethernet10 switchport trunk allowed vlan add 11 ! interface gigabitethernet11 switchport trunk allowed vlan add 11 ! interface gigabitethernet12 switchport trunk allowed vlan add 11 ! interface gigabitethernet13 switchport trunk allowed vlan add 11 ! interface gigabitethernet14 switchport trunk allowed vlan add 11 ! interface gigabitethernet15 switchport trunk allowed vlan add 11 ! interface gigabitethernet16 switchport trunk allowed vlan add 11 ! interface gigabitethernet17 switchport trunk allowed vlan add 11 ! interface gigabitethernet18 switchport trunk allowed vlan add 11 ! interface gigabitethernet19 switchport trunk allowed vlan add 11 ! interface gigabitethernet20 switchport trunk allowed vlan add 11 ! interface gigabitethernet21 switchport trunk allowed vlan add 11 ! interface gigabitethernet22 switchport trunk allowed vlan add 11 ! interface gigabitethernet23 switchport trunk allowed vlan add 11 ! interface gigabitethernet24 switchport trunk allowed vlan add 11 ! interface gigabitethernet25 switchport trunk allowed vlan add 11 ! interface gigabitethernet26 switchport trunk allowed vlan add 11 ! interface gigabitethernet27 switchport trunk allowed vlan add 11 ! interface gigabitethernet28 switchport trunk allowed vlan add 11 ! exit no macro auto processing cdp no macro auto processing lldp ip ssh-client key rsa key-pair
作為一個:
names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 switchport access vlan 12 ! interface Ethernet0/3 switchport access vlan 11 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 10.0.4.1 255.255.255.0 ! interface Vlan2 description time-warner-bc-static nameif outside security-level 0 ip address 74.143.200.234 255.255.255.248 ! interface Vlan11 nameif voip security-level 100 ip address 10.4.4.1 255.255.255.0 ! interface Vlan12 description Cisco RV110W VPN Firewall nameif wireless security-level 99 ip address 192.168.100.1 255.255.255.0 ! same-security-traffic permit inter-interface ! dhcprelay server 10.0.4.5 inside dhcprelay enable wireless dhcprelay enable voip dhcprelay timeout 60
電話會在 DHCP 提供消息中查找自定義選項 (128),以了解它們應該使用哪個 VLAN。必須在本地(未標記)VLAN 的 DHCP 範圍內配置此選項。
手機開機流程為:
- 啟動並在本地 VLAN(本例中為 Vlan 1)上生成 DHCP 發現消息。
- DHCP 伺服器以 DHCP 提供消息進行響應。此消息包括自定義選項 128。選項字元串包括電話應使用的 VLAN。(“VLAN-A=11;”)。
- 電話重新啟動並在 VLAN 11 上生成 DHCP 發現消息(標記為 VID=11)。
- DHCP 伺服器以來自已配置 VLAN 11 範圍的提議進行響應。
- 電話使用 VLAN 11 上的地址,並繼續其啟動過程。