让 VLAN 在 Polycom VVX 电话和 Cisco SG300 交换机之间工作

tag-icon tag-icon switch vlan cisco-asa polycom
让 VLAN 在 Polycom VVX 电话和 Cisco SG300 交换机之间工作

我遵循了此处列出的说明 -->https://community.polycom.com/t5/VoIP-SIP-Phones/FAQ-Utilizing-VLAN-s-with-Polycom-phones/td-p/38100.但未能如愿。

因此,我有计算机(VLAN 1),这些计算机接入 Polycom VVX 电话的底部,我希望将其分离到 VLAN 11 中。

我在 Cisco SG300-28PP 交换机上禁用了 CDP 和 LLDP。我定义了 VLAN 11,并将其作为允许的中继添加到 Cisco SG300-28PP 交换机上的所有接口。我还在 Polycom VVX 上禁用了这两个协议。我在 Polycom VVX 上启用了选项 128 的固定发现。我在 DHCP 服务器(在本例中为 Windows 2012 R2 框)上为 VLAN-A=11; 添加了选项 128。虽然计算机通过 VLAN 1 正常联网,但电话不会作为 VLAN 11 网络的一部分获取 DHCP 地址。

这两个网络从 Cisco SG300-28PP 接入 Cisco ASA 5505,一个接口用于 VLAN 1,另一个接口用于 VLAN 11。我在 Cisco ASA 5505 上设置了 DHCP 中继,以便来自 VLAN 11(10.4.4.0/24)的请求被转发到 VLAN 1(10.0.4.0/24)上的 10.0.4.5。

以下是交换机配置。以及 ASA 配置的片段和定义的 DHCP 范围的屏幕截图。您知道我可能遗漏了什么吗?

转变:

config-file-header
switchae111f
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode switch 

file SSD indicator plaintext
@
no cdp run 
vlan database
vlan 11 
exit
voice vlan id 11 
voice vlan state disabled 
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
no lldp run 
hostname switchae111f
management access-list All
permit 
exit
management access-list SSH
permit service ssh 
exit
management access-class All
username cisco password encrypted ------ privilege 15 
ip ssh server
ip ssh password-auth 
ip ssh-client server authentication 
clock timezone " " -5
clock summer-time web recurring usa 
clock source sntp
clock source browser
sntp unicast client enable
sntp unicast client poll
sntp server 10.0.4.5 
clock dhcp timezone
!
interface vlan 11
 name voip 
!
interface gigabitethernet1
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet2
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet3
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet4
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet5
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet6
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet7
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet8
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet9
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet10
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet11
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet12
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet13
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet14
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet15
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet16
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet17
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet18
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet19
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet20
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet21
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet22
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet23
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet24
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet25
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet26
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet27
 switchport trunk allowed vlan add 11 
!
interface gigabitethernet28
 switchport trunk allowed vlan add 11 
!
exit
no macro auto processing cdp 
no macro auto processing lldp 
ip ssh-client key rsa key-pair

作为一个:

names
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
 switchport access vlan 12
!
interface Ethernet0/3
 switchport access vlan 11
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.0.4.1 255.255.255.0 
!
interface Vlan2
 description time-warner-bc-static
 nameif outside
 security-level 0
 ip address 74.143.200.234 255.255.255.248 
!
interface Vlan11
 nameif voip
 security-level 100
 ip address 10.4.4.1 255.255.255.0 
!
interface Vlan12
 description Cisco RV110W VPN Firewall
 nameif wireless
 security-level 99
 ip address 192.168.100.1 255.255.255.0 
!

same-security-traffic permit inter-interface

!
dhcprelay server 10.0.4.5 inside
dhcprelay enable wireless
dhcprelay enable voip
dhcprelay timeout 60

VoIP DHCP 范围

答案1

电话会在 DHCP 提供消息中查找自定义选项 (128),以了解应使用哪个 VLAN。必须在 DHCP 作用域中为本机(未标记)VLAN 配置此选项。

手机开机流程为:

  1. 启动并在本征 VLAN(本例中为 Vlan 1)上生成 DHCP 发现消息。
  2. DHCP 服务器以 DHCP 提供消息进行响应。此消息包含自定义选项 128。选项字符串包括电话应使用哪个 VLAN。(“VLAN-A=11;”)。
  3. 电话重新启动并在 VLAN 11 上生成 DHCP 发现消息(标记有 VID=11)。
  4. DHCP 服务器以来自配置的 VLAN 11 范围的报价进行响应。
  5. 电话使用 VLAN 11 上的地址,并继续其启动过程。

相关内容