Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
623
Views
0
Helpful
2
Replies

configure ip phones to receive ip from a firewall

Go to solution
rajkamath
Level 1
Level 1

‎11-23-2022 11:35 AM

Greetings, 

have a client who wants to do the setup as below. 

Firewall - int 1 to switch for data vlan, int 2 to switch for voice vlan (both interfaces have been configured with DHCP scopes separately. connected to switch on trunk ports. CME is also connected to the switch. Data vlan gets IP address from the int 1. what configuration do I need to do for IP phones to get dhcp from the firewall. 

On the switch, there is a default route that has been added, which points to IP of int 1. CME will be the tftp . 

Apart from configuring the int 2 with the new dhcp scope and option 150 IP address of the router. 

Data is on default vlan 1. should I just configure a new vlan for voice ( say 60), configure access points with voice vlan 60. for the new vlan , add the IP helper address command to int 2ip address. any guidance would be helpful. have tried replicating the scenario in packet tracer , laptop always gets the IP and the phone never gets one. 

Have configured the port on which the router connects also as trunk port. anything that needs to be done on the CME router for the phones to pickup IP from the second interface of the firewall. switch is cisco and firewall is a checkpoint appliance. 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nithin Eluvathingal
VIP
VIP

‎11-23-2022 05:52 PM

Phones must be on a separate vlan which is recommended. You can put them on van 60 or what ever you like. On switch port the voice vlan  must be  configured with using the command "switch port voice vlan  XX". 

For Phone to get the ip From DHCP configure the ip helper address which will be your DHCP server.

The DHCp server must have option 150, the IP which CME gone use for communication. 

And obviously the CME configuration on the router. Thats enough for the phones to register with the CME 



Response Signature


View solution in original post

0 Helpful
2 Replies 2

Go to solution
Nithin Eluvathingal
VIP
VIP

‎11-23-2022 05:52 PM

Phones must be on a separate vlan which is recommended. You can put them on van 60 or what ever you like. On switch port the voice vlan  must be  configured with using the command "switch port voice vlan  XX". 

For Phone to get the ip From DHCP configure the ip helper address which will be your DHCP server.

The DHCp server must have option 150, the IP which CME gone use for communication. 

And obviously the CME configuration on the router. Thats enough for the phones to register with the CME 



Response Signature


0 Helpful

Go to solution
rajkamath
Level 1
Level 1

‎11-25-2022 05:46 AM

i am getting the ip address for the phones from the firewall. i can ping the firewall interface giving out the IP addresses . however cant reach the cme router. 

So there is a static route on the switch that is 0.0.0.0 0.0.0.0 10.34.1.1

second IP segment is 10.34.4.x/128

I can ping the phones that are connected to switch from the console. ( 10.34.4.15, ping the default gateway for that network 10.34.4.1 which is the second interface on the firewall )  . plugged in the router which is 10.34.4.10/128 and another box for voice mail and cant ping any of those. the router is also not able to ping any of the devices. Self ping works. Any heads-up on where things could have been missed. 

Data is on default vlan 1 and there is vlan 60. All interfaces are showing as up and don't see any errors. 

0 Helpful
Customers Also Viewed These Support Documents