0

I have the following setup:

[phone]-~-~-~-(port-10)[Cisco 3750](port-24=trunk)----[servers]

I want the phone to talk only on vlan (say 1940), where-as Cisco switch to untag/tag its traffic, as goes to/comes from the trunk.

Basically the traffic between phone and switch will be always on a vlan, whereas traffic between trunk port and rest of the network in on no-vlan.

Phone should be able to reach any server on the up-link.

FractalSpace
  • 111
  • 6

1 Answers1

1

So first, what is your native VLAN ? I'll identify it by ~native~.

You need to set the port 10 as on the vlan 1940

#conf t
(config)#vlan 1940
/* description of VLAN as you want */
(config-vlan)#no shutdown
(config / config-vlan)#int f0/10
(config-if)#switchport mode access
(config-if)#switchport access vlan 1940

/* Verify */
#sh vlan brief

Now, will configure the port 24 to tag and manage packets for and from vlan 1940 as wanted :

#conf t
(config)#int f0/24
(config-if)#switchport mode trunk
(config-if)#switchport trunk native vlan ~native~
(config-if)#switchport trunk allowed vlan 1940
(config-if)#end

Finally, to tag packet, you will need to configure 802.1Q protocol.

#conf t
(config)#int f0/24.1940
(config-subif)#encapsulation dot1q 1940
/* IP CONFIG etc...*/
(config-subif)#end
(config)#int f0/24
(config-if)#no shutdown

So now, your switch is configured to tag packet from vlan 1940 with the 802.1Q protocol.

EDIT

Everytime you need to add a VLAN to a trunked port, you'lle need to make the last step and add the switchport trunk allowed vlan <num>

Community
  • 1
Nicolas Frbezar
  • 141
  • 6
  • Thanks! I'll try it tomorrow. Native vlan is vlan-1 for now. – FractalSpace May 10 '16 at 22:50
  • Okay, so don't forget to change this, it's not safe to let the native as VLAN 1 – Nicolas Frbezar May 10 '16 at 22:51
  • ok. just tried that. First, 'int f0/10' term is not supported on 3750. Its 'gi1/0/10'. *Secondly* - after issuing `switchport trunk allowed vlan 1940`, I lost connectivity with the switch (I was connected using ssh over IP). -Can I regain access to the switch somehow? Or should I looks for serial cable.- – FractalSpace May 11 '16 at 12:35
  • Don't really understand, because you talked about a port 24. Can you please list all of your interface ? The problem can be resolved by specifying the correct interface – Nicolas Frbezar May 11 '16 at 12:38
  • I gained access again (by moving uplink cable to port 23). Nothing much is connected to the switch. This is for special setup (not in production or anything). Only 3 ports have Ethernet cable connected: 2 phones (port 10, 21) 1 uplink (now port 23). – FractalSpace May 11 '16 at 12:40
  • When you lost access of a trunked port, it's because your VLAN is filtered by the trunk, who don't let you pass as you want. so you can reset your allowed trunk by `no switchport trunk allowed vlan`. Have you set the native vlan ? – Nicolas Frbezar May 11 '16 at 12:43
  • No. I didn't set the native vlan. Please let me know how to do this (and what will be the benefit). Also, `int f0/24.1940` or `interface gigabitEthernet 1/0/24.1940` is not recognized as valid command. For now, I can just work with uplink cable connected to port 23, and configure port 24 from there. When configuration is complete, I can move the cable again to port 24. – FractalSpace May 11 '16 at 12:49
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/39625/discussion-between-fractalspace-and-nicolas-frbezar). – FractalSpace May 11 '16 at 12:54
  • Sorry @Nicolas-frbezar. Can we start over again? Lets assume we have clean slate. Same question. Need to untag traffic going out from port 24 and re-tag all traffic going towards port 10 with vlan id 1940. – FractalSpace May 31 '16 at 17:43