Scribd
Upload
22 views

Understanding The Cisco IP Phone Concepts and Configuring Voice VLAN

This document discusses configuring voice VLANs on Cisco switches to separate voice and data traffic. It describes connecting and powering Cisco IP phones, understanding voice VLAN concepts, and configuring voice and data VLANs on a switch. Configuration includes adding VLANs to the switch, assigning ports to voice and data VLANs, and configuring a router as a DHCP server to provide IP addresses to devices on each VLAN. The goal is to secure voice traffic and prioritize it over data for quality of service.

Uploaded by

alyssabalolo97
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
22 views

Understanding The Cisco IP Phone Concepts and Configuring Voice VLAN

This document discusses configuring voice VLANs on Cisco switches to separate voice and data traffic. It describes connecting and powering Cisco IP phones, understanding voice VLAN concepts, and configuring voice and data VLANs on a switch. Configuration includes adding VLANs to the switch, assigning ports to voice and data VLANs, and configuring a router as a DHCP server to provide IP addresses to devices on each VLAN. The goal is to secure voice traffic and prioritize it over data for quality of service.

Uploaded by

alyssabalolo97
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 32

Understanding the Cisco IP

Phone Concepts and


Configuring Voice VLAN
Lesson 6
NET201 – Computer Networking 2

Instructor: Engr. Ricrey E. Marquez, PCpE


Topic Outline
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

1. Connecting and Powering Cisco IP Phones


2. Understanding Voice VLANs
3. Configuration for Voice and Data VLAN
4. Configuring Inter-VLAN with Voice VLAN

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Lesson Objectives
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 At the end of this lesson, you will be able to:


1. concepts of Cisco IP Phone
2. understand Voice VLANs
3. familiarize with CLI commands use in configuring voice VLAN
4. configure voice VLAN, and
5. configure inter-VLAN routing with voice VLAN

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Voice VLAN Concepts
Part 1
Connecting and Powering Cisco IP Phones
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 After physically connecting the IP phone to the network, it needs to receive


power in some way.
 There are three (3) potential sources of power in a Cisco VoIP network:
1. Cisco Catalyst Switch PoE (Cisco pre-standard or 802.3af power)
2. Power Patch Panel PoE (Cisco pre-standard or 802.3af power)
3. Cisco IP Phone Power Brick (wall power)

 The terms inline power and PoE describe two methods you can use to send
electricity over the unused Ethernet wires to power a connected device.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Connecting and Powering Cisco IP Phones
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 The network diagram shown in Figure 1 represents the placement of the three (3)
technologies.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Figure 1. VoIP Network
Connecting and Powering Cisco IP Phones
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Cisco IP Phones connect to switches just


like any other network device (such as
PCs, IP-based printers, and so on).
 Figure 2 illustrates the connections on the
back of a Cisco 7960 IP Phone
1. RS232 - Connects to a expansion module
(such as a 7914, 7915, or 7916)
2. 10/100 SW - Used to connect the IP
phone to the network
3. 10/100 PC - Used to connect a co-located
PC (or other network device) to the IP
Figure 2. connections on the back of a
Phone Cisco 7960 IP Phone
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Understanding Voice VLANs
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 It is a common and recommended practice to separate voice and data traffic


by using VLANs.
 There are already easy-to-use applications available, such as Wireshark and
Voice Over Misconfigured Internet Telephones (VOMIT), that allow
intruders to capture voice conversations on the network and convert them into
WAV data files.
 Separating voice and data traffic using VLANs provides three (3) solid
security boundary:
1. preventing data applications from reaching the voice traffic,
2. simpler method to deploy QoS, and
3. prioritizing the voice traffic over the data.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Understanding Voice VLANs
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 The switch built into Cisco IP Phones has


much of the same hardware that exists inside
of a full Cisco switch.
 The incoming switchport is able to receive
and send 802.1Q tagged packets that gives
the capability to establish a type of trunk
connection between the Cisco switch and IP
phone as shown in Figure 3.

Figure 3. Connection between the Cisco


switch and IP phone
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Configuring Voice VLAN
Part 2
Configuration for Voice and Data VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Configuring a Cisco switch to


support Voice VLANs is a fairly
simple process.
• STEP 1 - Add the VLANs to the
switch (see Figure 4)

Figure 4. Adding the VLANs to the


switch
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Configuration for Voice and Data VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

• STEP 2 - Assigning Voice and Data


VLANs (see Figure 5)

Note: When connecting Cisco IP


Phones to a switch, you must should
also enable portfast using spanning-
tree portfast command, because
the IP phones boot quickly and request
a DHCP assigned address before a
typical port with spanning-tree enabled
would go active

Figure 5. Assigning Voice and Data


VLANs
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Cisco IP Phone Boot Process
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Here is the Cisco IP Phone boot process, start to finish:


1. The Cisco IP Phone connects to an Ethernet switchport,
• If the IP Phone and switch support PoE, the IP phone receives power
through either Cisco-proprietary PoE or 802.3af PoE.

2. The Cisco switch delivers voice VLAN information to the IP phone using
CDP as a delivery mechanism,
3. The Cisco IP Phone sends a DHCP request asking for an IP address on its
voice VLAN,

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Cisco IP Phone Boot Process
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

4. The DHCP server responds with an IP address offer,


• When the Cisco IP Phone accepts the offer, it receives all the DHCP options that go
along with the DHCP request which includes the default gateway, DNS server
information, domain name information, and so on
• In the case of Cisco IP Phones, a unique DHCP option is included, known as Option 150
-- this option directs the IP phone to a TFTP server.
5. It contacts the TFTP server and downloads its configuration file, which includes
a list of valid call processing agents (such as Cisco Unified Communications
Manager (CUCM) or Cisco Unified Communications Manager Express
(CUCME) agents)
6. The Cisco IP Phone attempts to contact the first call processing server (the
primary server) listed in its configuration file to register.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Configuring a Router-Based DHCP Server for Voice
and Data VLANs
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Using a router as a DHCP server is a somewhat common practice


in smaller networks. However, once you move into larger
organizations, DHCP services are typically centralized onto
server platforms.
 Either DHCP option is capable of sending TFTP server information
to the IP phones.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Configuring a Router-Based DHCP Server for Voice
and Data VLANs
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 As shown in Figure 6, CLI shows the


syntax used to configure a WAN branch
router as a DHCP server.
 When using Windows Server or some
other centralized device for DHCP
services, you typically need to configure
an ip helper-address <central
DHCP server IP address> to forward
DHCP requests to the central DHCP
server for the voice VLAN devices.

Figure 6. Uses a Cisco router as a DHCP server


© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Configuring a Router-Based DHCP Server for Voice
and Data VLANs
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Best practice is to configure first the


excluded addresses before you configure
the DHCP pools, to ensures that the Cisco
router does not accidentally hand-out IP
addresses before you have a chance to
exclude them from the range.
• Router(config)# ip dhcp
excluded-address <start-ip-add>
<last-ip-add>

 The DHCP service on the router will begin


handing out IP addresses from the first
non-excluded IP address in the network
range such as 172.16.1.10 for the voice
scope VLAN and 172.16.2.10 for data Figure 6. Uses a Cisco router as a DHCP server
scope VLAN © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Configuring a Router-Based DHCP Server for Voice
and Data VLANs
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Notice a DNS server of 4.2.2.2 is assigned to both the data and voice
devices.
• The IP address 4.2.2.2 is a well-known, open DNS server on the Internet.
• This IP address works fantastically to test connectivity and DNS services in new network
deployments because it is such a simple IP address to remember.

 Also notice that the VOICE_SCOPE DHCP pool includes the option 150
syntax.
 Option 150 creates the custom TFTP server option to be handed out to
the Cisco IP Phones along with their IP address information.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
IP Phone Registration
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Now that the Cisco IP Phone has gone through the complete
process, it is ready to register with the call-management system
(CUCME or CUCM).
 Keep in mind what the phone has gone through up to this point:
1. The phone has received Power over Ethernet (PoE) from the switch.
2. The phone has received VLAN information from switch via CDP.
3. The phone has received IP information from the DHCP server (including
Option 150).
4. The phone has downloaded its configuration file from the TFTP server.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Basic Manual CME Setup using the CLI
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Cisco Unified Communications Manager Express (CUCME) is an IOS VoIP


solution based on Cisco Integrated Services Routers (ISRs).
CLI COMMAND DESCRIPTION

Router(config)# telephony-service Enters telephony-service configuration mode.


Router(config-telephony-service)# max-ephones <max- Sets the maximum number of supported IP phones
ephones> (ex. max-ephones 3)
Sets the maximum number of extensions (ex. max-dn
Router(config-telephony-service)# max-dn <max-dn>
5)
Set the where the IP phone get the source address
Router(config-telephony-service)# ip source-address and the VoIP port number (ex. ip source-address
<voice-gw-add> port 2000 198.168.100.1 port 2000) . Note: Port 2000 is
the port number of VoIP protocol.
Builds the XML configuration files required for Cisco
Router(config-telephony-service)# create cnf-files
CME phones.
Router(config-telephony-service)# reset sequence-all Resets all phones one at a time.

Router(config-telephony-service)# exit Returns to global configuration mode.


© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Configuring DHCP for the VoIP Phones
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

CLI COMMAND DESCRIPTION


Specifies any addresses not to be dynamically
Router(config)# ip dhcp excluded-address <start-ip-
allocated (ex. ip dhcp exclude-address
add> <last-ip-add>
192.168.100.1 192.168.100.9)
Creates a name for the DHCP server address
Router(config)# ip dhcp pool <DHCP-POOL-NAME> pool and enters DHCP pool configuration mode
(ex. ip dhcp pool VOICE_VLAN)
Specifies the IP address of the DHCP address
Router(config-dhcp)# network <net-add> <sm-add> pool to be configured (ex. network
192.168.30.0 255.255.255.0)
Router(config-dhcp)# default-router <ip-add> Specifies the gateway address for IP phone.
Specifies the TFTP server address from which
Router(config-dhcp)# option 150 ip <voip-default- the Cisco Unified IP phone downloads the image
gateway> configuration file (ex. option 150 ip
192.168.100.1)
Router(config-dhcp)# end Returns to privileged EXEC mode.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Creating Directory Numbers and Ethernet Phones for VoIP network
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

CLI COMMAND DESCRIPTION


Router(config)# ephone-dn <dn-number> Configures a directory number (ex. Ephone-dn 2)

Router(config-ephone-dn)# number <ephone-number> Configure the ephone number (ex. number 1001)
Assigns a name to the directory number (ex. name DCE
Router(config-ephone-dn)# name <ephone-name>
VoIP)
Router(config)# ephone <ephone-number> Enters the ephone configuration mode (ex. ephone 1)
Associates the MAC address with ephone (ex. mac-
Router(config-ephone)# mac-address <ephone-mac-add>
address 1234:5678:ABCD)
Router(config-ephone)# type <type-name> Configures the type of phone (ex. type VoIP1)
Assigns the first button on the phone to directory number
(ex. Button 1:2)
Router(config-ephone)# button <first-button><type-
ring><dn-number> NOTE: The first number indicates the first button. The
colon (:) indicates a normal ringer. The second number
represents directory number.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Configuring Voice VLAN in Router-in-
a-Stick Inter-VLAN Routing
Part 3

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Example of Configuring Inter-VLAN with Voice VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 Consider the network topology below:

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Example of Configuring Inter-VLAN with Voice VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 STEP 1 - Create VLAN’s, enable switchport mode, and assigning VLAN’s


interfaces
Switch> en
Switch# conf t
Switch(config)# host SW
SW(config)# vlan 10
SW(config-vlan)# name DATA
SW(config-vlan)# vlan 100
SW(config-vlan)# name VOICE
SW(config-vlan)# vlan 50
SW(config-vlan)# name NATIVE
SW(config-vlan)# exit
SW(config)# int Fa0/1
SW(config-if)# switchport mode trunk
SW(config-if)# switchport trunk native vlan 50
SW(config-if)# switchport trunk allowed vlan 1,10,50,100
SW(config-if)# exit
SW(config)# int range Fa0/2-3
SW(config-if-range)# switchport mode access
SW(config-if-range)# switchport access vlan 10
SW(config-if-range)# switchport voice vlan 100
SW(config-if-range)# end
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
SW#
Example of Configuring Inter-VLAN with Voice VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 STEP 2 – Configure sub-interfaces on a router with CME


Router> en
Router# conf t
Router(config)# host CME_RTR
CME_RTR(config)# int Fa0/1.1
CME_RTR(config-subif)# encapsulation dot1q 1
CME_RTR(config-subif)# ip add 192.168.1.1 255.255.255.0
CME_RTR(config-subif)# desc DEFAULT VLAN GATEWAY
CME_RTR(config-subif)# int fa0/1.10
CME_RTR(config-subif)# encapsulation dot1q 10
CME_RTR(config-subif)# ip add 192.168.10.1 255.255.255.0
CME_RTR(config-subif)# desc DATA VLAN GATEWAY
CME_RTR(config-subif)# int fa0/1.50
CME_RTR(config-subif)# encapsulation dot1q 50
CME_RTR(config-subif)# ip add 192.168.50.1 255.255.255.0
CME_RTR(config-subif)# desc NATIVE VLAN TAG
CME_RTR(config-subif)# int Fa0/1.100
CME_RTR(config-subif)# encapsulation dot1q 100
CME_RTR(config-subif)# ip add 192.168.100.1 255.255.255.0
CME_RTR(config-subif)# desc VOICE VLAN GATEWAY
CME_RTR(config-subif)# exit
CME_RTR(config)# int Fa0/1
CME_RTR(config-if)# no shut
CME_RTR(config-if)# exit © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26

CME_RTR(config)#
Example of Configuring Inter-VLAN with Voice VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 STEP 3 – Configuring a DHCP address scope on a Router


CME_RTR(config)# ip dhcp excluded-address 192.168.10.1 192.168.10.10
CME_RTR(config)# ip dhcp excluded-address 192.168.100.1 192.168.100.10
CME_RTR(config)# ip dhcp pool DATA_VLAN
CME_RTR(dhcp-config)# net 192.168.10.0 255.255.255.0
CME_RTR(dhcp-config)# default-router 192.168.10.1
CME_RTR(dhcp-config)# exit
CME_RTR(config)# ip dhcp pool VOICE_VLAN
CME_RTR(dhcp-config)# net 192.168.100.0 255.255.255.0
CME_RTR(dhcp-config)# default-router 192.168.100.1
CME_RTR(dhcp-config)# option 150 ip 192.168.100.1
CME_RTR(dhcp-config)# exit
CME_RTR(config)#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Example of Configuring Inter-VLAN with Voice VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 STEP 4 – Configure Router’s Telephony Service for IP Phone


CME_RTR(config)# telephony-service
CME_RTR(config-telephony)# max-dn 2
CME_RTR(config-telephony)# max-ephones 2
CME_RTR(config-telephony)# ip source-address 192.168.100.1 port 2000
CME_RTR(config-telephony)# exit
CME_RTR(config)#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Example of Configuring Inter-VLAN with Voice VLAN
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 STEP 5 – Create Directory Numbers


CME_RTR(config)# ephone-dn 1
CME_RTR(config-ephone-dn)# number 101
CME_RTR(config-ephone-dn)# ephone-dn 2
CME_RTR(config-ephone-dn)# number 102
CME_RTR(config-ephone-dn)# exit
CME_RTR(config)# ephone 1
CME_RTR(config-ephone)# type 7960
CME_RTR(config-ephone)# button 1:1
CME_RTR(config-ephone)# ephone 2
CME_RTR(config-ephone)# type 7960
CME_RTR(config-ephone)# button 1:2
CME_RTR(config-ephone)# end
CME_RTR#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Summary
Part 4

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Lesson’s Summary
Understanding the Cisco IP Phone Concepts and Configuring Voice VLAN

 IP phone to the network, it needs to receive power.

 Cisco 7960 IP phone potential sources of power in a Cisco VoIP network are RS232, 10/100
used to connect the IP phone to the network, and 10/100 PC used to connect a co-located PC
(or other network device) to the IP Phone

 There are already easy-to-use applications available, such as Wireshark and Voice Over
Misconfigured Internet Telephones (VOMIT), that allow intruders to capture voice conversations
on the network and convert them into WAV data files.

 The incoming switchport is able to receive and send 802.1Q tagged packets that gives the
capability to establish a type of trunk connection between the Cisco switch and IP phone

 Separating voice and data traffic using VLANs provides three (3) solid security boundary such
as preventing data applications from reaching the voice traffic, simpler method to deploy QoS,
and prioritizing the voice traffic over the data.
 Option 150 creates the custom TFTP server option to be handed out to the Cisco IP Phones
along with their IP address information. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31

You might also like