Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

S8710s, vlans, and cisco?

Status
Not open for further replies.
tipandring70

tipandring70

Technical User
Oct 27, 2005
128
US
We have 2 8710s with 6 clans, 3 medpros, and 2 val boards.
We were told to put them on different subnets and Vlans.
Clans are on 172.28.11.0 - 255.255.255.0 - vlan 11
Medpros are on 172.28.12.0 - 255.255.255.0 - vlan 12
Vals are on 172.28.11.0 - 255.255.255.0 with no vlan.
The 2 servers and 1 ipsi are on 172.28.10.0 - 255.255.255.0 vlan 10
If we plug in 2 laptops in place of cirpacks we can ping from port to port, vlan to vlan
From ASA the only clan we can ping is 172.28.11.1,
ping ip-address 172.28.11.1

PING RESULTS

End-pt IP Port Port Type Result Time(ms) Error Code

172.28.11.1 01A0217 ETH-PT PASS 5
ping ip-address 172.28.11.2

PING RESULTS

End-pt IP Port Port Type Result Time(ms) Error Code

172.28.11.2 01A0217 ETH-PT FAIL 1007
ping ip-address 172.28.11.3

PING RESULTS

End-pt IP Port Port Type Result Time(ms) Error Code


172.28.11.3 01A0217 ETH-PT FAIL 1007

They all seem to goto A02

Our cisco layer 3 switch show run looks as follows:


Current configuration : 12857 bytes
!
version 12.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname 3750G-48_45High3rdFloor_AvayaPBX
!
logging buffered 64000 debugging
enable secret 5 $1$wClB$DXXS1XyfWScb4.fKR/BTd1
!
username admin password 7 14141B180F0B
no aaa new-model
clock timezone EDT -5
clock summer-time EDT recurring
switch 1 provision ws-c3750-48ts
vtp domain macom
vtp mode transparent
ip subnet-zero
ip routing
no ip domain-lookup
!
!
!
!
errdisable recovery cause link-flap
errdisable recovery cause psecure-violation
no file verify auto
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 5
name Technician
!
vlan 10
name PBX_Pro
!
vlan 11
name CLAN
!
vlan 12
name MedPro
!
vlan 13
name ACT-CTI
!
vlan 14
name CMS
!
vlan 15
name IPSoftPh-4thFl
!
vlan 16
name IPSoftPh-6thFl
!
vlan 17
name IPSoftPh-RailBus
!
interface FastEthernet1/0/1
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/2
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/3
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/4
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/5
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/6
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/7
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/8
description PBX_Pro
switchport access vlan 10
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/9
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/10
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/11
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/12
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/13
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/14
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/15
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/16
description CLAN
switchport access vlan 11
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/17
description MedPro
switchport access vlan 12
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/18
description MedPro
switchport access vlan 12
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/19
description MedPro
switchport access vlan 12
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/20
description MedPro
switchport access vlan 12
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/21
description MedPro
switchport access vlan 12
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/22
description MedPro
switchport access vlan 12
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/23
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/24
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/25
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/26
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/27
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/28
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/29
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/30
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/31
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/32
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/33
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/34
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/35
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/36
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/37
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/38
description ACT-CTI
switchport access vlan 13
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/39
description CMS
switchport access vlan 14
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/40
description CMS
switchport access vlan 14
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/41
description CMS
switchport access vlan 14
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/42
description CMS
switchport access vlan 14
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet1/0/43
description IPSoftPh-4thFL
switchport access vlan 15
switchport mode access
no mdix auto
spanning-tree bpduguard enable
!
interface FastEthernet1/0/44
description IPSoftPh-6thFL
switchport access vlan 16
switchport mode access
no mdix auto
spanning-tree bpduguard enable
!
interface FastEthernet1/0/45
description IPSoftPh-4thFL
switchport access vlan 17
switchport mode access
no mdix auto
spanning-tree bpduguard enable
!
interface FastEthernet1/0/46
description IPSoftPh-6thFL
switchport access vlan 17
switchport mode access
no mdix auto
spanning-tree bpduguard enable
!
interface FastEthernet1/0/47
description Sniffer
switchport mode access
!
interface FastEthernet1/0/48
description Tech_VLAN
switchport access vlan 5
switchport mode access
no mdix auto
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/1
description IPSoftPh-4thFL
switchport trunk encapsulation dot1q
switchport trunk native vlan 200
!
interface GigabitEthernet1/0/2
description IPSoftPh-6thFL
switchport trunk encapsulation dot1q
switchport trunk native vlan 200
switchport mode trunk
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface Vlan1
description Cfg_Ver_08-20-06r1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
!
interface Vlan5
description Technician
ip address 172.28.5.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan10
description PBX_Pro
ip address 172.28.10.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan11
description CLAN
ip address 172.28.11.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan12
description MedPro
ip address 172.28.12.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan13
description ACT-CTI
ip address 172.28.13.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan14
description CMS
ip address 172.28.14.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan15
description IPSoftPh-4thFl
ip address 172.28.15.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan16
description IPSoftPh-6thFl
ip address 172.28.16.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan17
description IPSoftPh-RailBus
ip address 172.28.17.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
interface Vlan200
description Backbone_Management
ip address 172.28.200.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.28.17.253
ip http server
!
snmp-server community Patri0ts RO 10
snmp-server community b0st0nt3a RW 10
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps config
snmp-server enable traps stpx root-inconsistency loop-inconsistency
!
control-plane
!
banner login ^C

****************** WARNING - THIS IS A PRIVATE SYSTEM *******************
** **
** The use of this computer system is restricted to authorized **
** users for legitimate business purposes. Unauthorized access or **
** unauthorized attempted access is strictly prohibited and may be **
** subject to criminal prosecution. **
** **
** Anyone using this system expressly consents to such monitoring **
** and is advised that if such monitoring reveals possible **
** evidence of criminal activity, system personnel may provide the **
** evidence of such monitoring to law enforcement officials. **
** **
*************************************************************************

^C
!
line con 0
session-timeout 60
exec-timeout 30 0
logging synchronous
login local
history size 100
transport output telnet
stopbits 1
line vty 0 4
session-timeout 60
exec-timeout 30 0
logging synchronous
login local
history size 100
transport preferred telnet
transport input telnet
line vty 5 15
session-timeout 60
exec-timeout 30 0
logging synchronous
login local
history size 100
transport preferred telnet
transport input telnet
!
!
end


Anybody see something in the cisco or have any sugestions?

 
Sort by date Sort by votes
Hi TipandRing,

I did read your threat. I am sorry to say but your design doesn't make sense to me. I don't know where to start but I will try to get you a little bit in the good direction.

Some information i need is: How many IP-Stations and how many Locations do you wanna feed from this configuration??

If all the phones and mediagateways are on the same location (location-A) your configuration could be like this:

Program the following VLAN's in your LAN:

Control-VLAN: (for example ID-10 = 172.28.10.0/24)
In this vlan you put the control-network-A interfaces of the mediaservers and the two IPSI boards.

CorparateNW-VLAN:(for example ID-11 = 172.28.11.0/24)
In this vlan you put the control-network-C interfaces of the mediaservers, 1x public CMS interface, 1xCLAN (dedicated for management (ASA AIM)

Voice-VLAN: (for example ID-12 = 172.28.12.0/24)
In this vlan you put the 3xMedpro, 3xCLAN, 2VAL.
This is the same subnet where your IP-phones will be in.
(if you have more of expecting to grow to more then 240 IP-stations you must redesign your IP-plan).

CMS-VLAN: (for example ID-13 = 172.28.13.0/24)
In this vlan you put 1xCLAN, 1xCMS interface (switchlink)
(this subnet could be much smaller because you have only two hosts, a crosscable could be an option also it decrease your spof)

CTI-VLAN: (for example ID-14 = 172.28.14.0/24)
I don't know what kind of CTI solution your are using ???
But for the CTI signaling we put one dedicated CLAN in this vlan.

To let the IP-phone communicate with the right CLAN-board you make four network-regions in your CM configuration.

region-1 = Voice-location-A
In ASA you assign this region to the interfaces woch are in VLAN-12 (voice-vlan)

region-2 = CMS
Assign the CLAN interface for CMS switchlink

region-3 = Management
Assign the CLAN interface wich is in the Coorparete vlan.

region-4 = CTI
Assign the CLAN interface wich is dedicated for the CTI solution.

This will be a good starting point for a plain configuration. There are lots of more possible options. And maybe better too, but that depends on your IPT design . I need more information to give you an good advise on that. Also you need to pay attetion to your QoS design. One tip i can gave you is when you are identifying voice packets on your cisco switch by COS of DSCP that you use the config-line: mls qos trust cos or mls qos trust dscp. And dont use the cisco propriaty one wich is: trust voice or something. That won't work with avaya phones.

I really can';t think a reason to seperate the medpro and clan boards in different vlans.

The reason that in your configuration you only can ping to the IP-adress 172.28.11.1 is because this is the IP-adress of the board where you pinging from (01a02). (its his own interface adress). The reason that you can not ping the other CLAN-boards wich are in the same subnet must be a layer two or lower problem. some reasons could be:

- The cable of CLAN 01a02 is on a wrong switchport (wrong vlan) Advise : check if you can ping from clan 01a04 to clan 01a05 --- ping ip board 01a05 to destination)


- You did not configure 802.1q/p trunking on your switch Maybe it is configured on your CLAN-boards The switch will then drop the L2-frame.

I hope i helped you an little bit .

Good Luck..














 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Alaskatelecom
  • Locked
  • Question
SIP J179 and Call Park - not working 1
Replies
3
Views
377
ZeroZeroOne
ZeroZeroOne
Scuzzie2k
  • Locked
  • Question
IP Office 500 and Avaya Workplace
Replies
2
Views
292
Scuzzie2k
Scuzzie2k
murpr
  • Locked
  • Question
Pull Station and Agent information via API? 1
Replies
2
Views
393
murpr
murpr
hcmbmt
  • Locked
  • Question
SMGR and CM sync but change no update
Replies
3
Views
443
hcmbmt
hcmbmt
Craft01
  • Locked
  • Question
adding ESS and LSP in MGC list
Replies
1
Views
400
JefferP
JefferP

Part and Inventory Search

Sponsor

Back
Top