Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3663
Views
3
Helpful
10
Replies

trouble on getting an ip address for voice vlan in certain switches

farhanshariam
Level 1
Level 1

‎03-03-2014 08:34 PM - edited ‎03-07-2019 06:30 PM

hi,

i had setup a new switch on a new building on my workplace and it seems that the switch is having problem releasing the ip add for the ip phone but have no problem at all with other devices.

the switch configuration is not the main problem i guess because it is pretty much the same with the other switches. can anyone having this kind of problem because the other switches did not giving me this kind of issue.

here is the mac-add table for the access switch

944    0015.6552.d914    STATIC      Gi1/0/12

here is the result when i try to filter it on an arp table.

9-5-cor1.net>sh arp | i 0015.6552.d914

9-5-cor1.net>

nothing on the arp table

i would be very happy to get an advice or solution from anyone. thanks

Labels:
0 Helpful
10 Replies 10

Dragan Ilic
Level 4
Level 4

‎03-04-2014 02:13 AM

Could you post part of config related to voice?

HTH,
Dragan

HTH,
Dragan
0 Helpful

farhanshariam
Level 1
Level 1
In response to Dragan Ilic

‎03-05-2014 10:52 PM

on core switch 1

interface Vlan944

ip address 192.168.1.252 255.255.252.0

ip helper-address 192.168.16.13

no ip redirects

standby 1 ip 192.168.1.254

standby 1 timers 5 15

standby 1 priority 110

standby 1 preempt

end

on core switch 2

interface Vlan944

ip address

192.168.1.253 255.255.252.0

ip helper-address 192.168.16.13

no ip redirects

standby 1 ip 192.168.1.254

standby 1 timers 5 15

standby 1 priority 115

standby 1 preempt

end

on trunk port on core switch

interface GigabitEthernet2/24

switchport

switchport trunk native vlan 999

switchport trunk allowed vlan 900-999

switchport mode trunk

switchport nonegotiate

end

on the access port on access switch

interface GigabitEthernet1/0/10

switchport access vlan 910

switchport mode access

switchport voice vlan 944

switchport port-security maximum 2

switchport port-security maximum 2 vlan access

switchport port-security

switchport port-security aging time 2

switchport port-security violation restrict

switchport port-security aging type inactivity

srr-queue bandwidth share 1 30 35 5

priority-queue out

mls qos trust cos

auto qos trust

spanning-tree portfast

spanning-tree bpduguard enable

end

on trunk port on access switch

interface GigabitEthernet1/0/50

switchport trunk native vlan 999

switchport trunk allowed vlan 900-999

switchport mode trunk

switchport nonegotiate

srr-queue bandwidth share 1 30 35 5

priority-queue out

mls qos trust cos

auto qos trust

spanning-tree portfast disable

ip dhcp snooping trust

end

hope this helps.

0 Helpful

Jeff Van Houten
Level 5
Level 5

‎03-04-2014 07:54 AM

Does the access switch have an svi in the 944 vlan? If not, the MAC address will never show in the arp table because ARPs are used to locate mac addresses in the same ip subnet as the interface that is sourcing the communication. No int vlan 944, no arp. The fact that the switch sees the entry in the mac addr table means the switch is likely doing its job. If you can't get dhcp to assign an address to a phone, I would suggest you check
The port configuration
The trunk configuration from this switch to the upstream
Where does routing occur for this subnet
Where is the dhcp server in all this? Same subnet or different? If different, do you have ip dhcp helper at the routing interface?


Sent from Cisco Technical Support iPad App

0 Helpful

farhanshariam
Level 1
Level 1
In response to Jeff Van Houten

‎03-05-2014 11:01 PM

i have posted my configurations . hope those will answer your questions

0 Helpful

Dragan Ilic
Level 4
Level 4
In response to farhanshariam

‎03-06-2014 12:36 AM

Do you see any logs related to your port-security config? These lines:

switchport port-security maximum 2

switchport port-security maximum 2 vlan access

I would preconfigure this in some way:

option 1:

switchport port-security maximum 2

option 2:

switchport port-security maximum 1 vlan access

switchport port-security maximum 1 vlan voice

It seems like your config is giving everything to access vlan (PC) and nothing left for phones...I can't confirm this but you can test with changing these parameters...

HTH,
Dragan

HTH,
Dragan
0 Helpful

Guru Mysoruu
Level 1
Level 1

‎03-06-2014 01:40 AM

Hi,

the below command should resolve all your problems.

Switch(config-if)#switchport voice vlan

Both ipphone and switch,starts communicating with the help of cdp..they both exchange information,once switch identifies end device has a phone,it will divert to voice vlan.so once it  get divert to voice vlan,everything will work fine.

Regards,

Guru

0 Helpful

Dragan Ilic
Level 4
Level 4
In response to Guru Mysoruu

‎03-06-2014 01:42 AM

I think he has that on access switch:

"switchport voice vlan 944"

HTH,
Dragan

HTH,
Dragan

srprasaad_nj
Level 1
Level 1
In response to Dragan Ilic

‎03-06-2014 06:36 AM

Hi Muhammad,

.Try to do changes on port-secuirty config as belwo  ,sicne your config says allowed mac address

You are limiting the number of mac-addresses learned on a switch port for only data vlan. The thing to remember is that the maximum number of mac addresses learned on a port must be additive  number of mac addresses you have defined for the data and voice vlans. So if you would only want 2 MAC addresses learned on the data vlan and 1 on the voice vlan then the max number of maximum addresses you have for the port would be 3. Also note that the option for the max number of mac addresses learned for a voice vlan or data vlan within the port-security command will not show up until you tell the switchport about these vlans

Switch(config)# interface fastethernet0/1
Switch(config-if)# switchport mode access


Switch(config-if)# switchport access vlan 910

Switch(config-if)# switchport voice vlan 944

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security maximum 3

Switch(config-if)# switchport port-security violation restrict

Switch(config-if)# switchport port-security mac-address sticky

Switch(config-if)# switchport port-security maximum 2 vlan access

Switch(config-if)# switchport port-security maximum 1 vlan voice

Also,Can you try removing the comamnd switchport nonegotiate on both the trunk ports from Core -> Access and Access -> Core. I mean to say this will not solve teh problem but yeah...woth this commamnd you are tirning off the DTP. If you obsrever an ything strange then add it backup. But idelaly it deosn't matter truningo ff DTP between two trunk ports. IT's ideal to do when switch is connected to a high latency specific serevsr or application serevrs.

0 Helpful

farhanshariam
Level 1
Level 1

‎03-06-2014 07:49 PM

hi guys,

i did find something interesting in the access switch, when when i debug dhcp i got this:

DHCPD: No option 125

note: i did use an external dhcp server


0 Helpful

carlos59
Level 1
Level 1

‎10-18-2023 06:47 AM

I think .. as i lerned in CCNA when you assign a port to voice VLAN you can only assign only one more data-VLAN and nothing more to the port.. and you can only configure that port mode access not as trunk so it should looks as follow :

 

S3(config)# vlan 20

S3(config-vlan)# name student

S3(config-vlan)# vlan 150

S3(config-vlan)# name VOICE

S3(config-vlan)# exit

S3(config)# interface fa0/18

S3(config-if)# switchport mode access

S3(config-if)# switchport access vlan 20

S3(config-if)# mls qos trust cos

S3(config-if)# switchport voice vlan 150

S3(config-if)# end S3#

and another question why do you want to set all these security configs when the port only can be assign to 2VLANs ?

i am still learnig my CCNA part 2
i hope i could help 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card