Showing results for 
Search instead for 
Did you mean: 

Cisco Jabber - does it use the data vlan?

I am investigating a private vlan solution to accomplish an end goal of host isolation. In the end I'd like to see my endpoints not able to communicate with each other for additional privacy/security.


While experimenting with this I ran into the "switchport protected" option on a per-port basis. It appears to work fine for most of my use cases, except that when another device on the same switch/vlan attempts to call the other over Cisco Jabber the audio is not heard on either side. I also cannot send screen shares or share my video over Jabber. While the use case may be minimal (two users trying to call each other on the same switch stack, which is likely the same floor of the building), I need to ensure that all current uses transfer over during the final change window.


My question is this: Does Cisco Jabber use the data vlan for all traffic, or is there a way to have it tag its traffic outbound as the voice vlan?


I'm investigating an alternative solution here to have the data vlan be an isolated pvlan and the voice vlan be a community pvlan, allowing inter-floor voice vlan traffic to establish as normal. This of course relies on the idea that Cisco Jabber uses the voice vlan, or there is some way to separate out those traffic flows to permit them.

Throwing packets since 2012
Adam Pawlowski
VIP Advocate

Jabber does use the data VLAN with the workstation. Presumably, if you could configure the workstation's NIC to support tagging, multiple adapters, and routing accordingly, you could route the traffic onto the voice VLAN. 


You can also try to use a trusted relay point/MTP, which can break some things, or MRA, which can break other things, but both of those can solve whichever problem you're tackling here.

Content for Community-Ad

Spotlight Awards 2021