Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Procurve 2610, 2510, VLAN, VOIP, and Firebox

vifanchris
Occasional Advisor

Procurve 2610, 2510, VLAN, VOIP, and Firebox

I have five 2610-PWR switches, one 2510G switch, and a Watchguard Firebox. I am trying to get VLANs and routing setup for a Shoretel VOIP system and I just can't seem to get it right. Here's the basic setup:

Watchguard Firebox
External Interface (0): xxx.xxx.xxx.xxx
Primary Trusted Interface (1): 10.81.4.1/24
External Interface2 (2): xxx.xxx.xxx.xxx
VLAN Trusted Interface (3):
ID=10
Adrs=10.81.50.1/24
DHCP Relay=10.81.4.7

Primary Network (default VLAN) 10.81.4.0/24
Default Gateway: 10.81.4.1 (Firebox)
DHCP server: 10.81.4.7 (Windows server 2003)

Shoretel Network (VLAN 10) 10.81.50.0/24
Shoretel Server: 10.81.50.10
Shoretel Switches: 10.81.50.11 - 14

I setup all the 2610's the same way (except for the actual ip address):
hostname "Switch_2"
ip default-gateway 10.81.4.1
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged 1-52
ip address 10.81.4.51 255.255.255.0
exit
vlan 10
name "voip"
ip address 10.81.50.241 255.255.255.0
qos priority 7
ip helper-address 10.81.4.7
tagged 1-52
voice
exit

Here is the setup for the 2510G:
hostname "Switch_BB1"
ip default-gateway 10.81.4.1
vlan 1
name "DEFAULT_VLAN"
untagged 1-24
ip address 10.81.4.60 255.255.255.0
exit
vlan 10
name "voip"
ip address 10.81.50.250 255.255.255.0
voice
exit

I am using the 2510G as the central connecting point for the switches and servers. I was told that it would support the VLAN / Routing that I needed to do but now I am not so sure because it is not working. But then again, it is probably my fault by misconfiguring thee whole thing.

I would greatly appreciate any help anyone can give me.
12 REPLIES

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

If you're using ip routing on the switches, I don't believe the gateway will work.

I believe you need to add a route to the switch(es) in order to see your internet connection.


no ip default-gateway 10.81.4.1

ip route 0.0.0.0 0.0.0.0 10.81.4.1
vifanchris
Occasional Advisor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

I set the ip routing on the 2610's when I noticed things weren't working right. I took your suggestion and removed the gateway settings but I don't understand the route your suggested. It does not seem to be valid and the 2510 doesn't seem to even support the ip route feature.

Things still were not working so I removed the VLAN from the Firebox and set it up as a second network interface (10.81.50.1/24) and everything started to work.

I still don't think this is setup the way it should be and I'm worried that the 2510 was not the right choice.

Pieter 't Hart
Honored Contributor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

on the 2510G you don't mention any port as tagged in vlan10, is that right?
especially the port(s) connecting the switches.
The port where the firebox is connected should be untagged in vlan10, or tagged if it expects multiple vlans on a single physical interface.

Pieter
Pieter 't Hart
Honored Contributor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

you should not configure all switches as router between the same two subnets.

reconfigure using only one switch as router; maybe two for redundancy using VRRP/HSRP if the switch support this.
or use different subnets on each switch.

Pieter
vifanchris
Occasional Advisor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

I obviously have much to learn and it looks like this is a great place to ask. Everything seems to be working at the moment except for one important thing. I can't figure out how to set the helper-address for vlans on the 2510 switch.

When I enter:
ip helper-address 10.81.4.7
I get:
Invalid input: helper-address

Is there a different syntax on the 2510?
Pieter 't Hart
Honored Contributor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

don't think you got the wrong syntax
but probably at the wrong level.
in a previous config output you wrote :
vlan 10
name "voip"
ip address 10.81.50.241 255.255.255.0
qos priority 7
ip helper-address 10.81.4.7
so the command itself is right.

- did you first select an interface to apply to ?
- does this interface has its own ip-adress ?
if not it cannot act as an ip-helper

ProCurve> enable
ProCurve# config
ProCurve(config)# vlan xx
ProCurve(vlan-xx)# ip address 10.81.xx.241 255.255.255.0
ProCurve(vlan-xx)# ip helper-address 10.81.4.7
vifanchris
Occasional Advisor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

I think the config you mentioned above was for a 2610 and the problem I am having is with a 2510. Here's the current config and the error:
hostname "Switch_BB1"
time timezone -5
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-24
ip address 10.81.4.60 255.255.255.0
exit
vlan 10
name "voip"
ip address 10.81.50.250 255.255.255.0
tagged 1-24
voice
exit
password manager
password operator

Switch_BB1(config)# vlan 10
Switch_BB1(vlan-10)# ip helper-address 10.81.4.7
Invalid input: helper-address
Switch_BB1(vlan-10)#

Pieter 't Hart
Honored Contributor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

according to the manual it should be
ProCurve(config)# dhcp-relay

Enabling DHCP Relay
To enable the DHCP Relay function for the routing switch, at the Config CLI context level, enter the command:
ProCurve(config)# dhcp-relay
To disable the DHCP Relay function, enter the command:
ProCurve(config)# no dhcp-relay
Pieter 't Hart
Honored Contributor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

followed by
ip helper-address 10.81.4.7

Configuring a Helper Address
At the VLAN configuration CLI context level, enter the commands to add the DHCP serverâ s IP address to the VLANs list. For example, to configure a helper address of 18.38.127.53 for VLAN 1, you would enter these commands:
ProCurve(conf)# vlan 1
ProCurve(vlan-1)#
vifanchris
Occasional Advisor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

No joy:

Switch_BB1(config)#
Switch_BB1(config)# dhcp-relay
Invalid input: dhcp-relay
Switch_BB1(config)#
Switch_BB1(config)#

Is there something wrong with my switch?
Pieter 't Hart
Honored Contributor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

I'm afraid i read previous command from the wrong document.

the document
2510-AdvTrafficMgmt-Jan2008-59914762.pdf

states under VLAN Restrictions :
An external router must be used to communicate between tagged VLANs
on the switch.
and somewhere else :
Separate
VLANs on the switch can communicate with each other through an external
router.

So the 2510 itself does not function as a router.

This implies also dhcp-relay must be done outside this switch as this is a router-function.

sorry for the previous false info.

Pieter
vifanchris
Occasional Advisor

Re: Procurve 2610, 2510, VLAN, VOIP, and Firebox

no problem. The Firebox I have should be able to handle the routing so that should not be an issue.

The real problem here is the phones on VLAN-10 cannot get an IP from DHCP server which is on VLAN-1. The 2610's have the helper-address set correctly and so does the Firebox. Is the 2510 keeping the DHCP from working? Can I make this work or do I have to replace the 2510 with something else?