Implementing Voice VLAN with SG300.

greg.kujawa · ‎08-08-2019

So I have native VLAN 1 for the client/server data hosts. And want to implement VLAN 11 for Polycom IP phones. I have a test lab with an SG300 and it's working fine. All computers that patch into the Polycoms are members of VLAN 1 and the phones themselves are members of VLAN 11.

Taking the SG300 config and applying it to a production SG300 with the same Polycom IP phone models, the results aren't the same. Looking at the MAC dynamic table on the SG300, I can see the phones are listed as being both on VLAN 1 and VLAN 11. The VLAN 11's DHCP server has assigned IP addresses to them. But they aren't routable to try to ping as a result of the "dual membership."

I've looked in the web GUI as well as the CLI config files. They look identical in terms of the Voice VLAN config. I'll paste them below. Any suggestions would be appreciated!

The working SG300:

config-file-header
switchd12afb
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode switch 

file SSD indicator plaintext
@
vlan database
vlan 11 
exit
voice vlan id 11 
voice vlan state auto-enabled 
voice vlan cos 5 
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 0004f2 Polycom_SP_Phone__
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
hostname switchd12afb
username cisco password encrypted bb49db151a5719e3ba5c7a1e26bf9e4ecd516ca3 privilege 15 
ip ssh server
ip ssh password-auth 
clock timezone " " -5
clock summer-time web recurring usa 
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server 10.0.0.74 
!
interface vlan 1
 ip address 10.0.5.254 255.255.255.0 
 no ip address dhcp 
!
interface vlan 11
 name voip 
!
interface gigabitethernet1
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet2
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet3
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet4
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet5
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet6
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet7
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet8
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet9
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet10
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet11
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet12
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet13
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet14
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet15
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet16
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet17
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet18
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet19
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet20
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet21
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet22
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet23
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet24
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet25
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet26
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet27
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet28
 switchport trunk allowed vlan add 11 
!
exit
macro auto disabled 
ip default-gateway 10.0.5.1 
ip ssh-client key rsa key-pair

And the "bad" SG300.

config-file-header
switchee5fc3
v1.4.2.4 / R800_NIK_1_4_194_194
CLI v1.0
set system mode switch 

file SSD indicator plaintext
@
vlan database
vlan 11 
exit
voice vlan id 11 
voice vlan state auto-enabled 
voice vlan cos 5 
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 0004f2 Polycom_SP_phone
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
hostname switchee5fc3
management access-list All-Access
permit 
exit
management access-class All-Access
logging host 10.0.2.5 facility local0 severity warnings 
username cisco password encrypted 7f8feb06a0097899eb262842bad9d1615cd2df7d privilege 15 
ip ssh server
ip ssh password-auth 
snmp-server location "Short North"
snmp-server contact "Greg Kujawa"
clock timezone " " -5
clock summer-time web recurring usa 
clock source sntp
clock source browser
sntp unicast client enable
sntp unicast client poll
sntp server 10.0.2.5 poll 
clock dhcp timezone
!
interface vlan 1
 ip address 10.0.2.254 255.255.255.0 
 no ip address dhcp 
!
interface vlan 11
 name Voip 
!
interface gigabitethernet1
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet2
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet3
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet4
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet5
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet6
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet7
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet8
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet9
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet10
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet11
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet12
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet13
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet14
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet15
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet16
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet17
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet18
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet19
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet20
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet21
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet22
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet23
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet24
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet25
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet26
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet27
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet28
 switchport trunk allowed vlan add 11 
!
exit
macro auto disabled 
ip default-gateway 10.0.2.1 
ip ssh-client key rsa key-pair

The only real difference I see is the software version running on the SG300's. The working config is an older version. I wouldn't think this has anything to do with the issue though.

greg.kujawa · ‎08-08-2019

I did see mention of some Voice VLAN bugs in newer Cisco Sx300 software versions --> https://community.cisco.com/t5/small-business-switches/sg300-general-mode-with-voice-vlan-problem-after-ios-upgrade/td-p/2665283#comment-10277306. That's about the only thing I can think of. Since I have looked side-by-side at the working config and the non-working config. And the Voice VLAN setups are the same. So that's about the only thing I can think of...

greg.kujawa · ‎08-08-2019

If there are any Cisco employees online reading this, does anyone know what version fixed the Voice VLAN issues? The latest version I see available for download is 1.4.10.6. I'd rather upgrade than downgrade the firmware image really. Plus, if I update the version either way, do I need to totally factory reset the switch and reconfigure from scratch?