Solved: Voice VLAN Help Please

joshw · ‎04-07-2015

My customer has 2 SG300-52P and 5 SG300-28P. We installed a VoIP phone system earlier this year. At the time of install we placed the phone system on the native VLAN 1. Now they want to move the phone system to a new VLAN because their class C subnet is running out of addresses. DHCP is handled by their Active Directory and their router/firewall is an Untangle Box. The SG300 switches have a basic configuration only.

To move the phone system to a new VLAN I created VLAN 20 on every switch. I then turned Auto Voice VLAN on. I have every port on every switch set to trunk. Computers are plugged into back of phones. I then created a virtual interface on the Untangle Box for VLAN 20. The Untangle Box is also handling DHCP for the new VLAN. Active Directory is still handling DHCP for native VLAN.

From each switch I can ping the gateway of the new VLAN. From each computer I can ping the gateway and the phone system on the new VLAN. However, the phones will not grab an address on the VLAN and when they are set to static, they cannot communicate with other devices on the VLAN.

Any help would be highly appreciated. I am not sure what I am overlooking.

Brandon Svec · ‎04-07-2015

Here is an example of part of a working switch config with Zultys phones where voice VLAN is 100 and data VLAN is 10:

vlan database
vlan 10,20,100
exit
voice vlan id 100

interface fastethernet1
description "RCP and Voice"
switchport trunk allowed vlan add 100
switchport trunk native vlan 10
!
interface fastethernet2
description "RCP and Voice"
switchport trunk allowed vlan add 100
switchport trunk native vlan 10

In your case you need a trunk port with VLAN 20 tagged on your firewall (or an access port to a separate physical port on VLAN 20. The default gateway served to the phone (or put there statically) should be the interface on the IP. Then you may also want to allow inter-vlan routing for admin access or MXIE if you are using it.

One thing to note on Zultys is by default I think the device profile disables LLDP, but on the phones it is enabled out of the box. So the first time a phone downloads its config from the Zultys it may turn of LLDP unless you checked the box to keep it on.

-- please remember to rate and mark answered helpful posts --

View solution in original post

Brandon Svec · ‎04-07-2015

What kind of phones? When you turn on auto VLAN, by default the switch will only offer the voice VLAN to phones that request it vis CDP or LLDP. Otherwise you need to configure each phone manually or via config file to tag to the voice VLAN.

-- please remember to rate and mark answered helpful posts --

joshw · ‎04-07-2015

Yes I quickly found that out. They are Zultys branded phones made by YeaLink. I have VLAN 20 defined in the phone configuration. Even then, they will not talk on the VLAN.

Instead of trunking every port should I set the port to General and make native VLAN 1 untagged and voice VLAN 20 tagged?

Brandon Svec · ‎04-07-2015

Here is an example of part of a working switch config with Zultys phones where voice VLAN is 100 and data VLAN is 10:

vlan database
vlan 10,20,100
exit
voice vlan id 100

interface fastethernet1
description "RCP and Voice"
switchport trunk allowed vlan add 100
switchport trunk native vlan 10
!
interface fastethernet2
description "RCP and Voice"
switchport trunk allowed vlan add 100
switchport trunk native vlan 10

In your case you need a trunk port with VLAN 20 tagged on your firewall (or an access port to a separate physical port on VLAN 20. The default gateway served to the phone (or put there statically) should be the interface on the IP. Then you may also want to allow inter-vlan routing for admin access or MXIE if you are using it.

One thing to note on Zultys is by default I think the device profile disables LLDP, but on the phones it is enabled out of the box. So the first time a phone downloads its config from the Zultys it may turn of LLDP unless you checked the box to keep it on.

-- please remember to rate and mark answered helpful posts --

joshw · ‎04-07-2015

I have to be missing something. My config is almost identical to what you posted. LLDP is on in the device profile but it refuses to grab an IP.

Brandon Svec · ‎04-07-2015

can you try show lldp neighbors when you have a phone plugged in? It should show mac address and vlan of phone even if no IP address. If it does I assume your trouble is with the firewall and interface it is connected to. I don't really understand what the virtual interface on the untangle is. Is it a sub interface? I think untangle is PC based and probably doesn't support that so you might need to connect a 2nd interface to an access port of vlan 20 on the switch.

-- please remember to rate and mark answered helpful posts --

joshw · ‎04-08-2015

Thank you all for your help. It was very strange. I ended up defaulting one of the switches and setting up a basic config. It worked great. Apparently there was something in the config not playing nice. I am planning to default the remaining 6 switches this week and getting this squared away.

Thanks again guys.

cchamorr · ‎04-07-2015

Hello,

I will recommend to disable the AutoVoice VLAN, Do not use General as there is no need for it, just make sure the ports where the phones are connected to are configured as Trunk Ports with Vlan 1 Untagged and Vlan 20 tagged.

Then go to the Dynamic MAC address table and check the ports where the phones are connected to and see what VLAN the switch is assigning to them.

If the phones are receiving VLAN 1 information as opposed to Vlan 20 then you may have to double check the configuration on the phones to make sure that they are configured for VLAN 20 and that they are accepting tagged traffic.

I hope this is helpful.