Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Strage VLAN issue with my Avaya PBX

Status
Not open for further replies.

dsm600rr

IS-IT--Management
Nov 17, 2015
1,444
US
All,

So I have my PBX LAN on the Data VLAN 192.168.1.XXX. The PBX is only on this VLAN to access the PBX from my Office PC's

I have my J179's, SIP Trunk, DHCP Server (IPO) and everything else voice related on this VLAN 172.30.20.XXX

IX Workplace will ONLY connect to the PBX on the Data VLAN - does not connect on the Voice VLAN.

If I unplug the LAN (Data VLAN) We are able to ping all of the phones from the Data VLAN (192.168.1.XXX) however not the PBX at 172.30.20.1

The only IP Route is on the Voice VLAN out 172.30.20.254

Both VLAN's are configured identical aside from the IP Scheme.

Thoughts?

ACSS
 
derfloh: Can you elaborate a bit?

Is the issue possibly because I do not currently have an internal DNS A-Record pointed to my PBX on the voice VLAN?

LAN_ujcbc9.png


WAN_r1qxkv.png


ACSS
 
Maybe its a certificate issue as you have TLS enabled on lan2.
 
icet500: I have also tried with TLS unchecked. Same result.

I am having certificate issues too though however. When I generate the Identity Certificate (.p12) and load it to manager I get this error:

1_dj7xr0.png


I am not entirely sure what certificate it is requesting be placed in the Trusted Certificate Store.

ACSS
 
So what is the error message you get when you try to register from the voice vlan?
 
If you unplug the data VLAN from the IP Office you can't ping the Voice VLAN interface as it will try to send out the answer on the other port.

If you have routing to the 172-network from the data VLAN to the voice VLAN you don't need an IP address from the data VLAN on the IP Office.

"Trying is the first step to failure..." - Homer
 
derfloh: All I did was create the Identity Certificate from my Application Server as Below)

1_tojhaz.png


I did however update the SAN to unclude both my LAN and WAN (Data / Voice) VLAN's as such:

DNS:ix.pfcommunications.com, IP:172.30.20.1, IP:192.168.1.251, IP:50.245.XXX.XX, URI:sip:ix.pfcommunications.com

I then went to Security Settings > System > Certificates and loaded the (.p12) Exported Identity Certificate to: "Set" > "Import Certificate from file" and loaded the .p12 file (Side note it would not let me add the downloaded .pem file

When I launch the Workplace App on the Data VLAN (as it wont run on the voice VLAN) it never grabs any certificate.


2_vijfml.png


3_zahm9j.png


4_e5vn3b.png


555_lfimih.png


7777_s22g72.png


99999_nx88ra.png




ACSS
 
Side note.

I removed from my voice network the SIP Domain Name and SIP Registrar FQDN as well as TLS and I still cannot get the app to load on the Voice VLAN, only the Data VLAN

Workplace_Error_qpx6hd.jpg



Works just fine from my Data VLAN

Workplace_xaxtzz.jpg


ACSS
 
Communicator works from my voice VLAN

Communicator_wmrhnp.png


ACSS
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top