02-01-2018 08:41 AM - edited 03-08-2019 01:40 PM
Solved! Go to Solution.
02-01-2018 09:07 AM
When using the Voice Vlan, the switch identifies the Cisco IP phone using CDP and puts that traffic into the Voice Vlan while "untagged" data traffic (traffic from the PC) is put into the access vlan. If you're using a Cisco IP phone, the Voice vlan function will work as expected (other phones may require additional configuration on the phone for the dot1Q tag). Technically, No, you do not "need" Vlan 100. If you removed the command, "switchport access vlan 100" from the interface, the switch would still put Cisco VOIP traffic in the Voice vlan 101 and would put data traffic (untagged) into the default Vlan of Vlan 1. From a security standpoint, it is not recommended to use the default Vlan (Vlan 1) for your production network traffic, but from a technical standpoint, it would work just fine. For other devices like printers and AP's, if you want to separate your traffic, you could make separate Vlans for both of them, or you could put them on the same Vlan of the computers depending on the size of your broadcast domain
02-01-2018 08:59 AM
Your configuration looks fine. It's considered best practice to use something other than the default vlan for data, which you've done with VLAN 100. Also, you can not remove VLAN1. What you do with AP's, printers, etc. is really a matter of personal preference. I find there's a fine line between segmentation and unneeded complexity.
02-01-2018 09:05 AM
Thanks. So for all printers, wap's etc.. I would need to put them in access mode vlan 100 ports?
02-01-2018 09:07 AM
When using the Voice Vlan, the switch identifies the Cisco IP phone using CDP and puts that traffic into the Voice Vlan while "untagged" data traffic (traffic from the PC) is put into the access vlan. If you're using a Cisco IP phone, the Voice vlan function will work as expected (other phones may require additional configuration on the phone for the dot1Q tag). Technically, No, you do not "need" Vlan 100. If you removed the command, "switchport access vlan 100" from the interface, the switch would still put Cisco VOIP traffic in the Voice vlan 101 and would put data traffic (untagged) into the default Vlan of Vlan 1. From a security standpoint, it is not recommended to use the default Vlan (Vlan 1) for your production network traffic, but from a technical standpoint, it would work just fine. For other devices like printers and AP's, if you want to separate your traffic, you could make separate Vlans for both of them, or you could put them on the same Vlan of the computers depending on the size of your broadcast domain
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide