I have a little trouble and I will explain first.
The ISP at my friend location installed a Switch with 12 ports. 6 ports are only for VoIP (this own PBX) and the other 6 are for normal data.
My friend has a little far away room (200 mts) we linked using Ubiquiti Nano… but the Voip is not working. of course… because is a different network (from port 1 to 6).
The ISP say… install another Internet in the room and you can have our VoIP… GRRRRR
Then. I want to do the following…
In the main office, I installed this: CRS109-8G-1S-2HnD-IN (192.168.1.5)
For having many ports and wireless. All like switch
Eth2 = link to the ISP switch in data ports
Eth7 = link to the ISP switch in voip portd (vlan 200)
Eth8 = link to the room with ONE cable with vlans
The the room, I installed this in switch mode (no wan port) hAP lite (192.168.1.6)
eth 1 = link coming from the other switch. Receiving two vlans
eth 2-3 = data for pc
eth 4 = voip phone (must be linked with vlan 200 and connecting to eth7 in the other switch)
But I can´t do it. I think I am doing correctly. The best I can is good ping in DATA without good tcp data stream. Only ping…
Here the config… any advise and I will be super happy.
Nice spot, with our snowfall this morning I wish I was there - visited Aguilas for two weeks (and drove to Grenada for a day) in the summer.
{Edit, I should explain that I noticed the OP was from Fuengirola Spain, and am very curious about a place I have never heard of before, Concur it was not thread centric, but did it really bother you that much??}
As for the thread, its a very interesting situation and it seems the op is trying to use a VLAN over a wireless connection.
Since many WISPs operate in the wifi realm, I would imagine this is in some cases a normal way of operating.
If one can translate the wifi connection as being ‘similar’ to joining by cable, then we have two devices at either end that need configuring.
Much like the case I can relate to at home with a hex router and a capAC. In this case both have their own bridges and it works just fine and thus why a little confused that the advice of one bridge would be applicable here?? (to me the ubiquiti unit acts like an ethernet cable and just transfers whatever flows in at one end to the other end)?
Thank you my friend for your answer.
In the example is only with ONE bridge.
I need to bridges, coming from different ETH… JOIN in a single ETH (I think 2 VLANS) and after in the another equipment, SEPARATE it.
I will disable RSTP… but, I don;t understand something from the example.. /interface bridge
add name=bridge1 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
/interface bridge vlan
add bridge=bridge1 tagged=ether1,ether2 vlan-ids=10
How can I put in one side, for example ETH3 to bridge2? and after put together for example in eth5?
This should be the switching part, IP is set on the default VLAN (1) . Needs 6.41+ Router OS
Data goes untagged between the two switches. Voice is tagged with VLAN 200
I am confused by many things in the post (or unknowns) because VOIP is a bit unfamiliar and the configuration is weird.
VOIP
The fact that the ISP switch already has VOIP ports out -
Does that mean each port goes to a specific VOIP device (phone) with a different phone number per port?
or
Does one take one VOIP port and then take it to a phone switch panel and then a whole bunch of phones share that line.
Where is the VOIP modem in this scenario.
ROUTING
What is being attempted is to use the ISPs VOIP in a separate room, but the switch VOIP output is not expected to go through the router (only the data) and is why the ISP is trying to get you into another account.
WORK AROUND
From what i see, the suggestion is to pretend the VOIP output switch port is LIKE a PC device with zero vlan tagging (an access port scenario).
Thus on the router in the office you want to bring a VOIP port into the router ethX, and then tag it with VLANID
Then using the ubiquiti transfer (think of it as a dummy wireless cable that is simply a conduit), at the other end capture the VLAN data coming through
and route it to a voip modem or voip device etc…
In this case, the one bridge concept does not seem necessary, nor does it make sense from my limited experience. The connecting feature for networking connectivity is the VLAN, not the bridge (we have two routers remember). I will only focus on the key elements for the VOIP.
configuration proposed was off the mark and removed…
First, I will answer something and after I will explain what did I discover today
1.- The first 8 ports in the ISP switch are allowed to use VoIP. If I connect the ISP pre-configured phones to others ports, it doesn’t work. It must be only in the first 8 ports.
But I discovered if I connect a computer to the first 8 ports, I have internet and the same network that the other ports, but if I connect the phone here, I got 172.16.x.x IP in the phone (only access in the menu in the phone for watching the IP)..
Then… the phone is using a VLAN that is ONLY WORKING in the first 8 ports ONLY.
I don’t know this tag, but I need to allow a device “far away” to use this VLAN (I don’t know the tag), using the previus situation. TWO switch linked by ONE wire…
How can I allow “transparent” traffic with/without vlan tag…
Exactly I didn’t know but thinking the ISP switch has “not different” between the “voip ports” and the normal ports, just the “voip ports” have a VLAN allowed.. then, when I connect this port to the MK Switch TWO times in the same bridge, I am getting the loop.
GRRRRR Hating movistar with their super close and proprietary solutions for getting and getting money…
They say. Do you want the phone in the room. Contract another fiber, Cloud PBX, one extension and about 100 eur/month…
So it seems that first 8 ports are - what we call them here - hybrid ports with internet untagged and VoIP tagged, while the rest of ports are access ports with only internet.
The trick now is to discover which VLAN ID is used for VoIP. You can try to find that info from phone’s menus (VLAN ID is a number between 1 and 4000-something).
If you won’t be able to find it, you could try to get it the hard way: plug RB between phone and VoIP port (use two ports on RB that are members of bridge, disable HW offload so that traffic will pass RB’s CPU) and sniff traffic off the port where phone is plugged in. Even though registration might fail, there will be some tries using the right VLAN ID.
Edit: seems that on FTTH movistar is using VLAN ID 6 for internet and VLAN ID 3 for VoIP. It is reasonable to expect that internet would get untagged on CPE devices while VoIP (and IPTV) would remain tagged with same VLAN ID even on customer’s side of CPE as it is expected to use specialized equipment for those services.
Thank you Mr.
Is the way… you are right, they are hybrid ports.
The menu in the phone is very very small (it has an admin access with 16 digits password jajajaja).
and yes, I need to discover the ID.
And I will try the next week to do the sniffer. Thank you for the HW offload. I didn’t know it.
Super
ISP as a tagged VLAN on port 1-8 and phone used the tagged VLAN.
ISP are using auto sense, so that when a phone is connected it change to an different VLAN (we do use these option on out work, mac authentication)
If the first option is used, you need to find out what VLAN is sent as a tagged VLAN. It may be sniffed out using wireshark.
Then setup the MT to use untagged VLAN as a PC net and then add the same VLAN as the ISP is using for VoIP to your Router as a tagged VLAN.
You can then send VoIP VLAN to the other router and setup a tagged port for the phone there.
It looks like he tries to get all data from the ISP using tagged VLAN, but that would not work, since we already know that connecting a PC gives you a data network. So at least the Data VLAN goes untagged.
You need to find what VLAN the ISP does use to send VoIP data. When you have that we may be able to make a configuration.
PS you should remove your Signatur. It just shows up as links like this: (t changed in the http)
if it works, it makes the page loads slower due to need of opening third part sites.