Eu segui as instruções listadas aqui --> https://community.polycom.com/t5/VoIP-SIP-Phones/FAQ-Utilizing-VLAN-s-with-Polycom-phones/td-p/38100 . Mas veio curto.
Então, eu tenho computadores (VLAN 1) e esses patch na parte inferior dos telefones Polycom VVX, que desejo separar na VLAN 11.
Desabilitei o CDP e o LLDP no switch Cisco SG300-28PP. E eu defini a VLAN 11 e a adicionei como um tronco permitido para todas as interfaces no switch Cisco SG300-28PP. Também desativei esses dois protocolos nos Polycom VVX. Habilitei uma descoberta fixa para a Opção 128 nos Polycom VVX. Adicionei a opção 128 para VLAN-A=11; no servidor DHCP (neste caso, uma caixa do Windows 2012 R2). Embora os computadores estejam bem conectados em rede via VLAN 1, os telefones não obteriam um endereço DHCP como parte da rede VLAN 11.
As duas redes vêm do Cisco SG300-28PP em um Cisco ASA 5505, uma interface para VLAN 1 e outra interface para VLAN 11. /24) são encaminhados para 10.0.4.5 na VLAN 1 (10.0.4.0/24).
Abaixo está a configuração do switch. Junto com um trecho da configuração ASA e uma captura de tela do escopo DHCP definido. Alguma idéia do que eu poderia estar perdendo?
Trocar:
config-file-header
switchae111f
v1.3.5.58 / R750_NIK_1_35_647_358
CLI v1.0
set system mode switch
file SSD indicator plaintext
@
no cdp run
vlan database
vlan 11
exit
voice vlan id 11
voice vlan state disabled
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
no lldp run
hostname switchae111f
management access-list All
permit
exit
management access-list SSH
permit service ssh
exit
management access-class All
username cisco password encrypted ------ privilege 15
ip ssh server
ip ssh password-auth
ip ssh-client server authentication
clock timezone " " -5
clock summer-time web recurring usa
clock source sntp
clock source browser
sntp unicast client enable
sntp unicast client poll
sntp server 10.0.4.5
clock dhcp timezone
!
interface vlan 11
name voip
!
interface gigabitethernet1
switchport trunk allowed vlan add 11
!
interface gigabitethernet2
switchport trunk allowed vlan add 11
!
interface gigabitethernet3
switchport trunk allowed vlan add 11
!
interface gigabitethernet4
switchport trunk allowed vlan add 11
!
interface gigabitethernet5
switchport trunk allowed vlan add 11
!
interface gigabitethernet6
switchport trunk allowed vlan add 11
!
interface gigabitethernet7
switchport trunk allowed vlan add 11
!
interface gigabitethernet8
switchport trunk allowed vlan add 11
!
interface gigabitethernet9
switchport trunk allowed vlan add 11
!
interface gigabitethernet10
switchport trunk allowed vlan add 11
!
interface gigabitethernet11
switchport trunk allowed vlan add 11
!
interface gigabitethernet12
switchport trunk allowed vlan add 11
!
interface gigabitethernet13
switchport trunk allowed vlan add 11
!
interface gigabitethernet14
switchport trunk allowed vlan add 11
!
interface gigabitethernet15
switchport trunk allowed vlan add 11
!
interface gigabitethernet16
switchport trunk allowed vlan add 11
!
interface gigabitethernet17
switchport trunk allowed vlan add 11
!
interface gigabitethernet18
switchport trunk allowed vlan add 11
!
interface gigabitethernet19
switchport trunk allowed vlan add 11
!
interface gigabitethernet20
switchport trunk allowed vlan add 11
!
interface gigabitethernet21
switchport trunk allowed vlan add 11
!
interface gigabitethernet22
switchport trunk allowed vlan add 11
!
interface gigabitethernet23
switchport trunk allowed vlan add 11
!
interface gigabitethernet24
switchport trunk allowed vlan add 11
!
interface gigabitethernet25
switchport trunk allowed vlan add 11
!
interface gigabitethernet26
switchport trunk allowed vlan add 11
!
interface gigabitethernet27
switchport trunk allowed vlan add 11
!
interface gigabitethernet28
switchport trunk allowed vlan add 11
!
exit
no macro auto processing cdp
no macro auto processing lldp
ip ssh-client key rsa key-pair
COMO UM:
names
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
switchport access vlan 12
!
interface Ethernet0/3
switchport access vlan 11
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 10.0.4.1 255.255.255.0
!
interface Vlan2
description time-warner-bc-static
nameif outside
security-level 0
ip address 74.143.200.234 255.255.255.248
!
interface Vlan11
nameif voip
security-level 100
ip address 10.4.4.1 255.255.255.0
!
interface Vlan12
description Cisco RV110W VPN Firewall
nameif wireless
security-level 99
ip address 192.168.100.1 255.255.255.0
!
same-security-traffic permit inter-interface
!
dhcprelay server 10.0.4.5 inside
dhcprelay enable wireless
dhcprelay enable voip
dhcprelay timeout 60
Os telefones procuram uma opção personalizada (128) na mensagem de oferta do DHCP para saber qual VLAN eles devem usar. Esta opção deve ser configurada no escopo DHCP para a VLAN nativa (sem etiqueta).
O processo de inicialização do telefone é: