Two networks, two WANs, two VLANs, one set of switches?

ERA

2/9/24, 8:23 PM

I have a standard corporate network with Active Directory, and I have an outbuilding for the local community college. We run off port 1 on our modem and run straight into our Palo Alto, which then feeds into our core switch; the CC runs off port 2 and jumps straight out via two Cisco SG300s to their Watchguard and their AD handles network settings through the VPN tunnel. The PCs need to run off their connection, but the Avaya VOIP phones need to run off mine.

Attempted solution: I ran a line (vlan'd off) from an open port on one of my access switches to the SG300, then set the same vlan on the SG300 at the other end and tried to run the VOIP phones off that. No dice. The vlan is in my core with the address of the closest SG300 as the IP address. No dice.

I suspect the issue is that I'm missing a subnet for the phones, but inside our network that's handled by option 242 in our DHCP server. Do I need to set second IPs on the two SG300s for my network to see them, and serve DHCP to the phones over our vlan?

Right now I can plug into either of the SG300s and get out to the internet, but I can't get connectivity with my domain no matter what vlan the port is set to.

1 + 3

networking

windows

active-directory

vlan

avaya

Zac67

2/9/24, 9:55 PM

Please add a network diagram to your question - as it is it's very hard to make out what's where.

ERA

2/13/24, 2:46 PM

Added via link in the body of the post.

TomTom

2/13/24, 3:09 PM

And the question is? "Teach me network basics" is a bad question for a pro place. Nail it down to a SINGLE ACTIONABLE iTEM.

Score:0

Server

Zac67

2/13/24, 3:45 PM

Do I need to set second IPs on the two SG300s for my network to see them, and serve DHCP to the phones over our vlan?

Only when you use them for routing. As it appears, you're trunking VLAN 99 to the core switch, so that's where you need to a) configure the VLAN, b) add an IP address to the VLAN, used as gateway, c) configure routing and d) provide DHCP (direct from core switch, or a directly connected server, or by DHCP relay).

Depending on the phone configurations, you need to either configure VLAN 99 as untagged on their ports (access mode) or tagged (trunk mode). Make sure you exclude unwanted VLANs on the switch ports towards the phones.

Your question is still somewhat hazy and terminology unclear. When checking connectivity

L2 connectivity: make sure you see the required phone MAC addresses in the switches' MAC tables in the desired VLAN
L3 basics: make sure DHCP works on the new VLAN (see above)
L3 routing: make sure you can ping from the phone VLAN to your SIP gateway and vice versa

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Two networks, two WANs, two VLANs, one set of switches?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.