Wired Intelligent Edge

Hello All, I'm new here and this is my first post.

I have a new Aruba stack 2930M. Two switches connected togheter to act as one. Never worked on this hardware before and would like some help.

We have 2 VLANS, default VLAN for local network and VoIP VLAN for AVAYA phones and AVAYA controller.

If I want to pass traffic between 2 VLAN's what is the best way to do this? 

Hi Robert,

Welcome!

Unfortunately your question cannot be answered with some more information about your environment and goal.

• What is the size of your environment
• Is this switch used as edgeswitch or coreswitch
• What device is handle your routing (layer 3); coreswitch, upper firewall
• What is the vlan of your voice server
• Why do you like route between corporate and voice vlan

Normally spoken you could have multiple voice vlans to connect your phones on, the voice vlans can reach your voice server by a layer 3 routing to the voice server vlan. If you like to connect a PC behind the phone you can attached the corporated vlan to the same interface on the switch so your phone use the voice vlan and your PC use the corporate vlan. What is important that your voice vlan is configured with the "voice" command so it can inherit the QOS settings send by your phone. But routing between corporate and the voice vlans is not very usual until there is a specific use case for it.

Hello Marcel,

Routing is done by firewall, SonicWall 2650.

This is small office environment. 

This is core switch for this office.

Technically there is no VLAN set on AVAYA controller.

There is only VLAN on the switch labeled as VOIP to separate data traffic from voice traffic. All phones and controller is connected to that VLAN. AVAYA controller is running DHCP for the phones. SIP traffic is going over another AVAYA interface connected directly to firewall. 

I was hopping that routing between subnets would help me with new NAT setup between voice LAN and external IP. 

I can easily connect voice VLAN to firewall with physical interface (done that and tested) but unfortunately SonicWall doesn't allow NAT when traffic crosses between the other interfaces. Still waiting on SonicWall support to confirm that.

This is why I thought about routing between vlans hoping this could help me to utilize my default LAN\WAN interfaces for NAT.

I hope this make sense.

Hi,

You need to tag the VoIP Vlan

vlan X

voice

Tagged XX

If the phones and avaya controller are in the same voice vlan i dont understand the need of communication with the data vlan. The avaya controller had a second interface connected to the firewall to reach out to the wan/internet.

A Aruba 2930 can be used for routing traffic by give each vlan its own ip address, but i recommend to keep routing on a single point, where your firewall is the best choice. An Aruba 2930 dont have support for NAT.

Something i think about is as below.

vlan 10

name "data"

ip address 192.168.10.1 255.255.255.0

untagged 1/11-1/24

vlan 20

name "voice"

voice

tagged 1/1-1/10

ip default-gateway 192.168.10.254 (sonicwall interface)

interface 1/10

name "alcatel voice vlan"

interface 1/11

name "alcatel sip data vlan"

interface 1/24

name "uplink data to firewall"