Hi! first of all VLANs aren't tagged or untagged...instead ports (physical or logical interfaces) are eventually untagged and/or tagged members of existing VLANs.
So you basically have two VLAN Id(s) defined:
- VLAN 1 (Default Port VLAN id) <-- ports in default state are untagged members of that VLAN id.
- VLAN 10
Then you associated a non overlapping IP Address to each VLAN id:
- VLAN 1 = 192.168.0.x 255.255.255.0 (Data dedicated VLAN id)
- VLAN 10 = 192.168.1.x 255.255.255.0 (Voice dedicated VLAN id)
I suppose that your softphones are running on clients and those clients should be usually connected to your VLAN 1 (Data dedicated) via switch access ports untagged members of VLAN 1. Correct?
The Voice Server would be probably (re)connected to an access port which should be concurrently configured to be an untagged member of VLAN 1 (to stay in touch with softphones on the very same VLAN 1) and a tagged member of VLAN 10 (to stay in tocuh with hardphones on the very same VLAN 10). Clearly this approach means that the Server is VLAN Aware and so its Ethernet interface is going to have a set of networking settings (IP address, Subnet Mask, Default Gateway, etc.) on VLAN 1 (Default) and another set of networking settings (IP address, Subnet Mask, Default Gateway, etc.) on VLAN 10.
I'm not an HPE Employee
@mass1q wrote: Hi, thank you very much for clarifying you are 100% correct about my setup. Yes, I meant ports, on the same port I need that both untagged and tagged frames go to the voice server that is now configured with an ip from the untagged Vlan (192.168.0.200).
So - actually - it's highly probable that your Voice Server is connected to a Switch's access port which was configured as an untagged member of VLAN 1.
@mass1q wrote: The voice server has only one ethernet interface so, being a member of the untagged Vlan, is unable to ping any Vlan 10 phone, so I guess I need to change something in the switch. The voice server port should be an hybrid one to simultaneously communicate with both vlans, or maybe I just need a routing policy (I can do I with my firewall) between the two vlans
Don't worry for the single Ethernet interface: VLANs exist exactly to overcome that (to carry more networks through a single physical/logical link)...the only thing you really need Server side is a Ethernet's Interface Driver that is capable of setting IEEE 802.1Q VLAN Tagging on that interface...it shouldn't be an issue on a Server OS and for a typical Server's Hardware...so your Server will be able to concurrently be member of VLAN 1 (Untagged) and VLAN 10 (Tagged) having, on each one VLAN, its specific set of network settings (so be part, on each VLAN ids, of the associated subnet).
Clearly the Switch's access port used for your Voice Server should be modified to carry VLAN 10 traffic as tagged along with the VLAN 1 traffic as untagged it already carries...it means that that port must be configured to be tagged member of VLAN 10 too (typically on a HP ProCurve/Aruba switch this translates to a command like: interface ethernet <port-id> vlan tagged 10). No Hybrid port is necessary. On Comware based switches such type of port (able to carry more VLAN ids) is called a Trunk Port...but, pay attention that, on HP ProCurve/ArubaOS-Switch a Port Trunk represents instead a Link Aggregation (which is a logical interface).
Think about having a Host with two "logical legs" (those VLANs) over a single "physical leg" (the uplink to the Switch).
The routing between these VLANs is managed by your router (eventually the Switch if your scenario require the Switch to be the router, quite common).
I'm not an HPE Employee