I am investigating a private vlan solution to accomplish an end goal of host isolation. In the end I'd like to see my endpoints not able to communicate with each other for additional privacy/security.
While experimenting with this I ran into the "switchport protected" option on a per-port basis. It appears to work fine for most of my use cases, except that when another device on the same switch/vlan attempts to call the other over Cisco Jabber the audio is not heard on either side. I also cannot send screen shares or share my video over Jabber. While the use case may be minimal (two users trying to call each other on the same switch stack, which is likely the same floor of the building), I need to ensure that all current uses transfer over during the final change window.
My question is this: Does Cisco Jabber use the data vlan for all traffic, or is there a way to have it tag its traffic outbound as the voice vlan?
I'm investigating an alternative solution here to have the data vlan be an isolated pvlan and the voice vlan be a community pvlan, allowing inter-floor voice vlan traffic to establish as normal. This of course relies on the idea that Cisco Jabber uses the voice vlan, or there is some way to separate out those traffic flows to permit them.
1. Log into CLI of DNAC:
ssh maglev@< DNAC appliance IP> -p 2222
2. Run this curl command to get token to get member id:
curl -X POST -u admin:<admin user password> -H -V https://<CLUSTER-IP>/api/system/v1/identitymgmt/token
Enterprise Switching Business Unit is glad to announce Beta release 16.12.2 for all Catalyst 9200/9300/9400/9500/9600 and Catalyst 3650/3850 Platforms. This release is made available to allow users to test, evaluate and share fee...
Do you currently have hands-on networking experience? If you do, we'd love to hear from you!
Your feedback will be reviewed and analyzed by our team to directly influence a networking management and monitoring product.
Take the 20-min or les...