01-25-2020 12:36 PM - edited 01-25-2020 12:46 PM
Good Afternoon All-
We are working on a new networking project, the client has very limited funding resources.
REQUIREMENTS:
Separate VLANS for VOICE | DATA | SECURITY SYSTEMS | WIRELESS.
But, Need to Maintain Connections to Domain Resources for DNS and DHCP Server Access connected on SW1.
CURRENT HARDWARE:
FW1 | CISCO ASA5520 | Routing Mode
SW1 | CISCO SG300-28 | L3 Routing Mode | DOMAIN SERVERS | MANAGED
SW2 | CISCO SG300-28 | L3 Routing Mode | SECURITY SYSTEMS & WIRELESS | MANAGED
SW3 | CISCO SG300-28 | PoE | VOICE PHONES | UN-MANAGED
SW1 -> SW3 | PORTS: 24 -> 28 | TRUNKS
VLANS:
VLAN 1 DEFAULT | x.x.1.0 | ALL PORTS | UN-TAGGED
VLAN 10 DATA | x.x.10.0 |ALL PORTS | TAGGED
VLAN 20 VOICE | x.x.20.0 | ALL PORTS | TAGGED
VLAN 30 WIRELESS | x.x.30.0 | ALL PORTS | TAGGED
VLAN 40 SECURITY | x.x.40.0 | ALL PORTS | TAGGED
All Devices are configured with their respective VLAN IP Addresses.
All Workstations are connected to the network via the Cisco IP Phones...
How can we configure VOICE to work and still get Domain Resource Access?
Thanks...
Solved! Go to Solution.
01-25-2020 05:21 PM - edited 01-25-2020 05:24 PM
(config)#voice vlan id 20
(config)#voice vlan state auto-enabled
(config)#interface range fa1-23
(config-if-range)#switchport trunk native vlan 10
(config-if-range)#switchport trunk allowed vlan add 20
02-03-2020 12:47 AM
A good way to do it is to understanding the setup and giving the right direction.
Your information not given detailed which IP address going to be where? since its L3 where is the Gateways and SVI configured?
The main issue is separating the traffic on SW1 and SW2 BUT Allowing VOICE TRAFFIC to SW3 which is a Cisco Non-Managed Switch.
BB -A couple of ways to do it is - Segment the network or handover to FW as gateway make FW rules.
01-25-2020 04:38 PM
Draw a simple network diagram to understand the network Flow. So you can implement ACL / FW Rules to meet your requirements.
02-02-2020 09:45 AM
02-03-2020 12:47 AM
A good way to do it is to understanding the setup and giving the right direction.
Your information not given detailed which IP address going to be where? since its L3 where is the Gateways and SVI configured?
The main issue is separating the traffic on SW1 and SW2 BUT Allowing VOICE TRAFFIC to SW3 which is a Cisco Non-Managed Switch.
BB -A couple of ways to do it is - Segment the network or handover to FW as gateway make FW rules.
01-25-2020 05:21 PM - edited 01-25-2020 05:24 PM
(config)#voice vlan id 20
(config)#voice vlan state auto-enabled
(config)#interface range fa1-23
(config-if-range)#switchport trunk native vlan 10
(config-if-range)#switchport trunk allowed vlan add 20
02-02-2020 09:36 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide