01-12-2016 01:33 PM - edited 03-08-2019 03:22 AM
Hi,
We have a project of creating a seprate subnet for VOIP phones where we are having some issues and need some assist.
In current scenario, the VOIP phones, VOIP Server and the machines are placed on default VLAN (1) (192.168.1.1/24) where the GW of phones are configured on Sonicwall Firewall. Now, we have setup the VOIP GW (192.168.4.1/24) on an another interface on Sonicwall firewall but the client doesn't want to place the VOIP server on VOIP VLAN so we have left the server in DATA VLAN. Here we are using Polucom and Cisco phones. Everything is allowed in between the DATA and VOIP network and DHCP is configured for VOIP to the VOIP interface on the FW. Now once I connect the phone with firewall configured interface, it works fine but doesn't send a request to FTP for uploading the LOGO and doesn't update the time stamp even no issue with internal and external dialing. The logo and time stamp works when I configure the phone manually the FTP and time stamp that the client wants we don't need manual efforts to each phone.
Can somebody explain me what issue is causing here and would be glad if someone provide me solution to figure this out?
01-12-2016 03:47 PM
I assume the FTP and timestamp come from the VOIP Server. which is on a different vlan. And all access between the voice and data vlan go thru the firewall.
does FTP and timestamp work ok if you put a phone on the same vlan as the server?
if this is ok then most probably something on the firewall setup needs checking
01-12-2016 03:49 PM
Yes the phone works fine when I connect back to DATA VLAN and when I connect the laptop on VOIP interface then its reachable to the VOIP and FTP server without issue. Thanks.
01-12-2016 04:13 PM
you say when you put the laptop on the VOIP vlan the FTP server is reachable, can you do an FTP data trsnsfer to the laptop?
01-12-2016 04:43 PM
Yes it's working.
01-12-2016 05:34 PM
ok most probably the configuration of the phones.
what type of phones are you using? have they been setup correctly with the IP address of the FTP server?
01-13-2016 01:22 AM
No actually the phone doesn't have FTP IP configured so once I configure FTP on phone and change time stamp manually through browser when the phone is connected to VOIP VLAN (192.168.4.x) then it works w/o issue but client is saying he needs the same scenario as the DATA VLAN has where client register the MAC ID on VOIP server I believe and once he connects the phone on network it register the phone, LOGO, correct time-stamp automatically so he needs to have the same solution in other VOIP VLAN too.
Please note that we are testing the registered phone moved from DATA VLAN to VOIP so I just want to make sure once we connect the phone to VOIP VLAN then there is no configuration changes required. We have also configured DHCP with option (FTP IP/160) that I searched on Google. Client is saying there are no hits on FTP server by phone unless I configure manually that client doesn't want. Thanks.
01-13-2016 08:47 AM
What IS being set up on the phones that are connecting on the non-data VLAN? You should be able to see on the phones whether they have a valid IP address, gateway, FTP server, which should be supplied from the DHCP server. If not, then check the DHCP server and firewall permissions for this kind of traffic.
01-13-2016 12:57 AM
Start with the firewall logs.
Look at traffic with a Source IP Address of the phone subnet and a Destination of the TFTP server, does it show any deny messages?
If you have tried with multiple phones and it works if you plug a phone into the Data Vlan then its likely a routing or firewall issue.
01-13-2016 01:27 AM
No actually the phone doesn't have FTP IP configured so once I configure FTP on phone and change time stamp manually through browser when the phone is connected to VOIP VLAN (192.168.4.x) then it works w/o issue but client is saying he needs the same scenario as the DATA VLAN has where client register the MAC ID on VOIP server I believe and once he connects the phone on network it register the phone, LOGO, correct time-stamp automatically so he needs to have the same solution in other VOIP VLAN too.
Please note that we are testing the registered phone moved from DATA VLAN to VOIP so I just want to make sure once we connect the phone to VOIP VLAN then there is no configuration changes required. We have also configured DHCP with option (FTP IP/160) that I searched on Google. Client is saying there are no hits on FTP server by phone unless I configure manually that client doesn't want. Thanks.
01-13-2016 06:52 AM
I am confused.
Can you answer this.
Are you using DHCP Option 150 (or the equivalent for Non Cisco phones) on the Voice DHCP Scope?
01-13-2016 08:01 AM
I used FTP IP/160. Should I use 150 instead for remote phones? Also wondering why it's working fine when the phone connects in DATA VLAN where the VOIP server is placed. Thanks.
01-13-2016 08:03 AM
Are they Cisco or Polycom phones?
01-13-2016 08:24 AM
Polycom.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide