TotalCloud Phone System
Cisco SF 302-08P PoE VLAN Configuration Guide
Note: The below information and configuration is for deployment of the Cbeyond managed switch solution using the Cisco 302 8 port Power over Ethernet (PoE) switch.
The following assumptions will be made:
1.) The Management VLAN will be 100. Devices will reside in the 192.168.100.0/24 network. (Managed by Cbeyond IAD)
2.) The Data VLAN will be 22. Devices will reside in the 192.168.22.0/24 network or to be determined by the customer.
(Managed by Customer)
3.) The Voice VLAN will be 33. Devices will reside in the 192.168.33.0/24 network. (Managed by Cbeyond IAD) 4). The Firewall or Router WAN VLAN will be 44. This will handle the customer’s Public IP address.
Accessing the Device: Initial Default Variables
Default IP Address of Management Port: 192.168.1.254 Default Login Information for the unit: Login: cisco Password: ciscoAccessing the Device: Logging into the Unit
1.) Using a Straight-through cable, connect from your PC to the FE1 port on the switch. Note: FE1 is the default management port
Using a web browser, point to 192.168.1.254 and login using the variables listed in “Accessing the Device: Initial Default Variables”
Accessing the Device: Password change prompted
After using the default login credentials to access the device, the user will be prompted to change the default password. See Figure below.
Note: The switch will guide you to using what it deems as a strong password. You can uncheck the box that states “Password Strength Enforcement” to use any password regardless of strength.
*This device supports Radius authentication and would be used if this device is deployed in a production environment.
Management IP configurations
The default configuration is setup to pull a DHCP address as soon as a DHCP server goes live. For better management of the box we statically assigned and IP address for the management interface. Figure 1a below shows an example of this configuration which is done through “Administration”, “Management Interface”, “IPv4 Intereface”.
Under “VLAN Management”, click “Create VLAN” use the settings shown in the following Figure. Note that VLAN 100 will become Type “Default” in the next step.
Next under “VLAN Management”, “Default VLAN Settings”, change the “Default VLAN ID After Reboot” to “100” as shown in the Figure below.
Click “Save” in the upper right corner of your browser. On the next screen show in the following figure, use the default settings there which will copy the Running Config to the Startup Config.
Note: The Switch does NOT automatically save your configurations. You will need to click the “Save” button as you work. The button will not appear until a configuration change has been made. Going forward this document will not prompt for saving configurations changes as this will be assumed to be performed often by the user.
Under “Administration”, click on “Reboot” to save changes you made to the default VLAN. Note: A full reboot will take approximately 5 minutes.
Next under “VLAN Management”, “Interface Settings”, assign each interface as “Trunk” or “Access” using the Figures that follow.
Next under “VLAN Management”, “Port VLAN Membership”, configure the following which is shown in the following figures.
GE1 will the uplink to the Cbeyond IAD / ISR and will allow all tagged VLAN’s. GE2 will be configured the same to be used if an additional managed switch is required.
FE1- FE6 will be setup to tag untagged packets as VLAN 22 (Data) and allow tagged VLAN 33 (Voice) traffic FE7 will be setup to untagged packets as VLAN 44 (WAN Data) to connect the Firewall WAN port.
FE8 will be setup to only allow untagged traffic for VLAN 22 – This will be the connection to the customer’s network if they have additional switches for data only access
Next under “VLAN Management”, “Voice VLAN” “VLAN Properties”, setup the Voice VLAN properties shown in the following figure
Configuration – Creating and configuring Auto Voice VLAN
1.) Next under “Smartport”, “Properties”, use the information found in the Figure below to provision the auto configuration of voice enabled devices onto the Voice VLAN. Make sure CDP is enabled and disable “Administrative Auto Smartport”
*Administrative Auto Smartport is not required since Cisco and Polycom handsets are capable of auto configuring the Voice VLAN via CDP.
Command Line Interface Configuration
*Below is the basic command line interface configuration for the Cisco SMB 300 switch. Since the document focuses on the functionality of VLANs working with voice, Items such as password, snmp and other management settings are omitted from this configuration.
vlan database vlan 100,22,33,44 exit
voice vlan id 33
voice vlan state auto-enabled !
interface vlan 100
ip address [IP Address] [Subnet mask] exit
ip default-gateway [IP Default Gateway] interface vlan 100
no ip address dhcp exit
line telnet exec-timeout 30 exit
logging host [Syslog Server IP] severity debugging line telnet
line ssh !
no password complexity enable password aging 0
ip ssh server
ip http timeout-policy 0 http-only ip http secure-server
clock timezone " " -4 clock source sntp
sntp unicast client enable sntp unicast client poll ip telnet server
banner login *
Cbeyond Communications
RESTRICTED NETWORK ACCESS -- ALL CONNECTIONS ARE LOGGED UNAUTHORIZED ACCESS NOT PERMITTED
*
macro auto disabled
macro auto processing type ip_phone disabled
macro auto processing type ip_phone_desktop disabled macro auto processing type switch disabled
macro auto processing type ap disabled interface range fastethernet1-6
switchport mode trunk
switchport trunk allowed vlan add 33 switchport trunk native vlan 22 exit
interface fastethernet7 switchport mode access switchport access vlan 44 exit
interface fastethernet8 switchport mode access switchport access vlan 22 exit
interface gigabitethernet1
switchport trunk allowed vlan add 100,33,44 exit
interface gigabitethernet2
switchport trunk allowed vlan add 100,22,33,44 exit
