Problem connecting nortel phone + bcm with cisco 3560

[confus9d]

Hello,

I have a Cisco 24 port 3560 PoE. My data vlan is 1 and 101 is the voice vlan. I want to connect my nortel I2002/2004 phones to the switch and connect PCs to my phones. Also a netscreen firewall will be connected to the switch with 1 interface for the phone network and another one for the data network. Currently I have a nortel 48 port poe which i want to swap out with cisco 3560. all ports on the nortel are on vlan 1 for data and vlan 101 for voice and all in access mode. this is currently working with the phones and pcs. So i tried doing exactly same with my cisco 3560 all ports access + vlan 1 for data and vlan 101 for voice. Data portion of the network works fine but the phones do not see the bcm. I can ping the bcm from a laptop and also manage it. For some reason the phone network just do not work. Could someone please shed some lights on how i can setup my switch to correct this issue. thanks.

 

[Jsteve]

I believe the 35xx Switchs uses CDP for the Voice/Vlan separation, which is Cisco Proprietary. you will have to set up a trunk to the Nortel phones and allow both Vlan 1/101 accross.

 

[vipergg]

He should be fine using vlan1 as data and the voice vlan is 101 , we use this setup with avaya phones . You are correct saying that cisco phones use cdp to rely on some of the functions but if the port is setup as an access port in vlan 1 with the added voice vlan statement also it should work. I would look at your layer 3 definitions for both vlans and make sure they are correct.

 

[confus9d]

Here's what i have configured so far on the cisco 3560:

Ports 1-4 -> Data vlan 1 only
Port 5 -> Mirror port 24
Port 21 -> BCM (Voice vlan only)
Port 22 -> trunk port for future additional switch
Port 23 -> Firewall (Voice vlan only)
Port 24 -> Firewall (Data vlan only)

phones have static ip on the voip subnet which is different from the data network. the reason for having two seperate ports for firewall is to keep voip and data on seperate interfaces and also allow softphone access to the bcm. here's part of the config:

interface FastEthernet0/20
switchport mode access
switchport voice vlan 101
switchport port-security maximum 2
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
macro description cisco-phone
auto qos voip cisco-phone
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/21
power inline never
switchport voice vlan 101
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
power inline never
switchport trunk encapsulation dot1q
switchport mode trunk
speed 100
duplex full
!
interface FastEthernet0/23
power inline never
switchport voice vlan 101
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
power inline never
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 10.100.6.249 255.255.255.0
!
ip default-gateway 10.100.6.254
ip classless
ip http server
!
snmp-server community xxxxxxx RO
!
control-plane
!
!
line con 0

 

[BuckWeet]

Try turning off 'port security' to see if that fixes the problem.. Sometimes you have to play with the 'count' amount to make it work.. Its a known issue with the 3560's


BuckWeet