Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1650
Views
15
Helpful
5
Replies

CISCO SMB NETWORK PROJECT

Go to solution
I-TECH
Level 1
Level 1

‎01-25-2020 12:36 PM - edited ‎01-25-2020 12:46 PM

Good Afternoon All-

We are working on a new networking project, the client has very limited funding resources.

 

REQUIREMENTS:

Separate VLANS for VOICE | DATA | SECURITY SYSTEMS | WIRELESS.

But, Need to Maintain Connections to Domain Resources for DNS and DHCP Server Access connected on SW1.

 

CURRENT HARDWARE:

FW1 | CISCO ASA5520 | Routing Mode

SW1 | CISCO SG300-28 | L3 Routing Mode | DOMAIN SERVERS | MANAGED

SW2 | CISCO SG300-28 | L3 Routing Mode | SECURITY SYSTEMS & WIRELESS | MANAGED

SW3 | CISCO SG300-28 | PoE | VOICE PHONES | UN-MANAGED

 

SW1 -> SW3 | PORTS: 24 -> 28 | TRUNKS

 

VLANS:

VLAN 1 DEFAULT | x.x.1.0 | ALL PORTS | UN-TAGGED

VLAN 10 DATA    | x.x.10.0 |ALL PORTS | TAGGED

VLAN 20 VOICE   | x.x.20.0 | ALL PORTS | TAGGED

VLAN 30 WIRELESS | x.x.30.0 | ALL PORTS | TAGGED

VLAN 40 SECURITY | x.x.40.0 | ALL PORTS | TAGGED

 

All Devices are configured with their respective VLAN IP Addresses.

All Workstations are connected to the network via the Cisco IP Phones...

How can we configure VOICE to work and still get Domain Resource Access?

 

Thanks...

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
NinjaPirate
Level 1
Level 1

‎01-25-2020 05:21 PM - edited ‎01-25-2020 05:24 PM

(config)#voice vlan id 20
(config)#voice vlan state auto-enabled
(config)#interface range fa1-23
(config-if-range)#switchport trunk native vlan 10
(config-if-range)#switchport trunk allowed vlan add 20

View solution in original post

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to I-TECH

‎02-03-2020 12:47 AM

A good way to do it is to understanding the setup and giving the right direction.

 

Your information not given detailed which IP address going to be where? since its L3 where is the Gateways and SVI configured?

 

The main issue is separating the traffic on SW1 and SW2 BUT Allowing VOICE TRAFFIC to SW3 which is a Cisco Non-Managed Switch.

 

BB -A couple of ways to do it is - Segment the network or handover to FW as gateway make FW rules.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-25-2020 04:38 PM

Draw a simple network diagram to understand the network Flow. So you can implement ACL / FW Rules to meet your requirements.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
I-TECH
Level 1
Level 1
In response to balaji.bandi

‎02-02-2020 09:45 AM

@bb
Thanks for your reply...
However, this response is not detailed enough...
ACL's are already set on the ASA for the VLANS.
The main issue is separating the traffic on SW1 and SW2 BUT Allowing VOICE TRAFFIC to SW3 which is a Cisco Non-Managed Switch.
The Cisco IP Phones Live Here!
Workstations's are connected to the IP Phone PC Port #2
Workstations will need access to Domain Resources for DNS, DHCP, Etc...

Awaiting Responses...
Thanks Again.
0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to I-TECH

‎02-03-2020 12:47 AM

A good way to do it is to understanding the setup and giving the right direction.

 

Your information not given detailed which IP address going to be where? since its L3 where is the Gateways and SVI configured?

 

The main issue is separating the traffic on SW1 and SW2 BUT Allowing VOICE TRAFFIC to SW3 which is a Cisco Non-Managed Switch.

 

BB -A couple of ways to do it is - Segment the network or handover to FW as gateway make FW rules.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
NinjaPirate
Level 1
Level 1

‎01-25-2020 05:21 PM - edited ‎01-25-2020 05:24 PM

(config)#voice vlan id 20
(config)#voice vlan state auto-enabled
(config)#interface range fa1-23
(config-if-range)#switchport trunk native vlan 10
(config-if-range)#switchport trunk allowed vlan add 20

Go to solution
I-TECH
Level 1
Level 1
In response to NinjaPirate

‎02-02-2020 09:36 AM

@NinjaPirate
Thank you for responding...
Which Switch should this apply to:
SW1 | MANAGED | DOMAIN RESOURCES
SW2 | MANAGED |DOMAIN RESOURCES
SW3 PoE UN-MANAGED | IP Phones Live Here!
???

Thanks...
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card