Adding a Cisco Small Business 300 Series Switch to SBCS 2€¦ · – Differentiated Service Code Point (DSCP) classification—Classifies packets across a network to provide guaranteed

Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706 USAhttp://www.cisco.comTel: 408 526-4000

800 553-NETS (6387)Fax: 408 527-0883

Adding a Cisco Small Business 300 Series Switch to SBCS 2.0Application Note

September, 2010

SMART DesignsSmart Business Communications Systems v2.0

Cisco Validated DesignThe Cisco Validated Design Program consists of systems and solutions designed, tested, and documented to facilitate faster, more reliable, and more predictable customer deployments. For more information visit www.cisco.com/go/validateddesigns.

ALL DESIGNS, SPECIFICATIONS, STATEMENTS, INFORMATION, AND RECOMMENDATIONS (COLLECTIVELY, "DESIGNS") IN THIS MANUAL ARE PRESENTED "AS IS," WITH ALL FAULTS. CISCO AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THE DESIGNS, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

THE DESIGNS ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS ARE SOLELY RESPONSIBLE FOR THEIR APPLICATION OF THE DESIGNS. THE DESIGNS DO NOT CONSTITUTE THE TECHNICAL OR OTHER PROFESSIONAL ADVICE OF CISCO, ITS SUPPLIERS OR PARTNERS. USERS SHOULD CONSULT THEIR OWN TECHNICAL ADVISORS BEFORE IMPLEMENTING THE DESIGNS. RESULTS MAY VARY DEPENDING ON FACTORS NOT TESTED BY CISCO.

CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

Adding a Cisco Small Business 300 Series Switch to SBCS 2.0 ©2010 Cisco Systems, Inc. All rights reserved.

C O N T E N T S

Overview 1

Review of Voice Ready Network 2

Partner Site Installation Tasks 3

Customer Site Installation Tasks 5Provisioning Sequence 6

For More Information 15

iiiAdding a Cisco Small Business 300 Series Switch to SBCS 2.0

Contents

ivAdding a Cisco Small Business 300 Series Switch to SBCS 2.0

Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

OverviewThis application note is part of the Cisco SMART Designs suite and is based on the design recommendations described in the Cisco Smart Business Communications System 2.0 Design Guide. This application note describes how to add a Cisco Small Business 300 Series Switch to an operational Cisco Smart Business Communications System (SBCS) network installed at a main office, which is installed according to the guidelines described in the Cisco Smart Business Communications System 2.0 Basic Implementation Guide. These documents and other application notes for adding various capabilities to Cisco SBCS are available at the following URL: http://www.cisco.com/go/smartdesigns/sbcs.

Figure 1 shows a Cisco SBCS network with a Cisco Small Business 300 Series power-over-Ethernet (PoE) switch for the LAN. The Cisco Unified Communications 500 Series (UC500), which is the core of the SBCS solution, is primarily a telephony device, but it also provides other functionalities, such as basic routing, inter-VLAN routing, integrated switching, and wireless; and some basic security features, such as firewall, Network Address Translation (NAT), virtual private network (VPN), and so on. Figure 1 shows the main office location of the SBCS solution in a simplified way, and only highlights the LAN infrastructure, which is based on a Cisco Small Business 300 Series PoE-capable switch, which is directly connected to a UC500 device.

Corporate Headquarters:

Copyright © 2010 Cisco Systems, Inc. All rights reserved.

Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA

Application Note Review of Voice Ready Network

Smart Designs

Figure 1 Adding a Cisco Small Business 300 Series Switch to the Cisco SBCS Solution

The Cisco Small Business 300 Series switches are managed switches for small businesses. These switches can be used to build the LAN infrastructure for a Cisco SBCS solution. However, these switches cannot be configured by using Cisco Configuration Assistant. This application note is written to address a special case where the customer wishes to use a Cisco Small Business 300 Series switch in the SBCS solution.

Note For the SBCS solution, Cisco recommends using the devices that are supported by Cisco Configuration Assistant.

This document follows a validated series of steps for adding a Cisco Small Business 300 Series switch to a Cisco SBCS solution. This sequence of steps is expected to reduce the time required to install the Cisco Small Business 300 Series switch.

Review of Voice Ready NetworkThis section summarizes the features of a voice-ready network. To ensure that voice traffic receives the necessary quality of service (QoS), the features described in this section must be enabled and configured on each Ethernet port to which a Cisco IP Phone is connected.

• Virtual local area network (VLAN)—A VLAN is a virtual network that segments different types of traffic and users; and is identified through a port VLAN ID (PVID), such as 1, 10, 12, and so on. When adding voice to a network, a separate VLAN should be added to the network for the voice traffic.

IP

2134

74

SBCS 2.0 NetworkAt Main Office

Mobile Workers,Remote Offices,

Home Offices

UC500Internet Connection,VPN, NAT, Firewall andUnified Communications

Version 2.2

CiscoConfiguration

Assistant

Fax

PSTN

Phone

IP Phone PC/LaptopConnected toIP Phone

Fax

PSTN

Internet

2Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Partner Site Installation Tasks

Smart Business Communications Systems 2.0

A voice VLAN has higher quality requirements than a standard data network, such as the following:

• PortFast—Allows a device such as an IP phone to quickly connect or disconnect to the network, which helps with adding and removing devices on the network.

• Bridge Protocol Data Unit (BPDU) Guard—Prevents hackers from changing from one VLAN to another without authorization, helping to secure the network.

• Storm Control—Helps to prevent storms on the network; storms are an unusual burst of traffic that can impede business processes on the network, including voice.

• Port Security—Stops users from adding unauthorized devices to the network, helping to keep unwanted applications such as viruses and worms off the network.

• Quality of service (QoS)—Helps to ensure that applications such as voice get through the network with limited interruptions, protecting the quality of the voice call being made on the network. When setting up QoS on the network, the following specific features should be enabled or customized:

– Class of service (CoS)—Used in an Ethernet network to set the priority of the traffic traversing that network. CoS helps to ensure the quality of the voice calls on the Ethernet network.

– Differentiated Service Code Point (DSCP) classification—Classifies packets across a network to provide guaranteed service for specific packets, such as voice packets. DSCP ensures voice quality across the entire network.

– Access control lists (ACLs)—ACLs create security policies for your business; for example, including who has access to specific servers, and securing your business from the Internet.

– Priority processing (queuing and scheduling)—Helps to manage the traffic flowing through the network by ensuring that sensitive traffic such as voice is assigned precedence to get through the network first.

Partner Site Installation TasksThe Cisco UC500 device in the SBCS solution is configured by using Cisco Configuration Assistant, as described in the Cisco Smart Business Communications System 2.0 Basic Implementation Guide and other the application notes available at the following URL: http://www.cisco.com/go/smartdesigns/sbcs. For simplicity, and to minimize the installation time, the Cisco SBCS 2.0 basic implementation is done using the factory-default VLAN and inside IP addresses, as summarized in Table 1.

Table 1 Factory-Default LAN Settings for Cisco UC500 Devices

Network Attribute Factory Default Value Comments

Data VLAN ID and name ID = 1, Name = Default Used for data traffic

Voice VLAN ID and name ID = 100, Name = Cisco-Voice Used for voice over IP (VoIP) traffic only

Smartport role for expansion ports

Switch Connecting the Cisco UC500 to switch

Smartport role for all switch ports

IP phone and desktop To connect IP phone or a laptop or desktop PC

Data network and network mask 192.168.10.0/ 255.255.255.0 First ten addresses are reserved

Voice network and network mask 10.1.1.0/255.255.255.0 First ten addresses are reserved

3Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Partner Site Installation Tasks

Smart Designs

Cisco recommends preparing the Cisco Small Business 300 Series switch for the SBCS at the partner site. The Quick Start guide, which can be found in the packaging of the switch, has many helpful tips for initial configuration, including the use of the Hard Reset button to revert the switch to factory-default settings. Prepare the switch for SBCS by completing the following steps.

Procedure

Step 1 Upgrade the Cisco Small Business 300 Series switch with latest version of the firmware by going to http://www.cisco.com/go/300switches and clicking Download Software.

This application note uses firmware version 1.0.0.27 and boot code 1.0.0.4.

Step 2 Change the IP address of switch to a static IP address with one of the reserved address for the data network (this application note uses static IP address 192.168.10.2) by doing the following:

a. Power on the Cisco Small Business 300 PoE switch and connect a laptop/PC to a switch port.

b. Change the IP address of the laptop/PC as follows:

– Static IP address 192.168.1.11

– Net mask 255.255.255.0

– No default gateway

c. Open a browser and connect to the Cisco Small Business 300 Series switch by browsing to 192.168.1.254.

d. On the Getting Started screen, either click Change Device IP Address or Select Administration > Management Interface > IPv4 Interface.

e. Change the device IP address as static/192.168.10.2/255.255.255.0/192.168.10.1.

Figure 2 shows the sample screenshot for changing the IP address of the Cisco Small Business SF-302-08P PoE switch.

4Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Business Communications Systems 2.0

Figure 2 Assigning Static IP Address from the SBCS Reserved Pool of Data VLAN

Step 3 Click Apply.

As a result of the change in IP address, the laptop/PC disconnects from the Cisco Small Business 300 switch.

Step 4 Change the IP address of the laptop/PC to static 192.168.10.11, netmask 255.255.255.0, and no default gateway.

Step 5 Open a browser and reconnect to the Cisco Small Business 300 Series switch by browsing to 192.168.10.2.

Step 6 Click Save to save the configuration. Save “running configuration” to “startup configuration.”

Step 7 Power off the switch, pack it, and ship it to the customer site.

Customer Site Installation TasksAt the customer site, remove the Cisco Small Business 300 Series switch from its packaging, and place it so that its trunk port can be connected to the Cisco UC500’s LAN expansion port, which is pre-configured as a trunk port (see Figure 1). Connect the laptop/PC with Cisco Configuration Assistant to the switchport of the UC500 device. This laptop/PC will then be used to connect to the Cisco Small Business 300 Series switch and provision it to work with SBCS.

5Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Designs

Provisioning SequenceThis guide provides the sequence of steps needed to integrate a Cisco Small Business 300 Series switch to an SBCS network that is configured according to the Cisco SBCS 2.0 Basic Implementation Guide. The sequence of steps is pre-validated and designed to minimize the installation time. The high level sequence of steps, listed below, is explained in detail in subsequent sections:

• Create and enable a voice VLAN

• Change the VLAN interface settings according to the device to be connected

• Tag the voice VLAN and verify port-VLAN mapping

• Configure and apply LLDP MED policies

• Configure storm control and port security

• Connect IP phones and verify registration

• Configure SBCS as per the basic implementation guide

Note For more switch configuration details, see the Administration Guide listed in For More Information, page 15.

Creating and Enabling the Voice VLAN

This section describes how to create the voice VLAN, and enable the voice VLAN so that quality of service (QoS) is applied on the voice traffic. The ID and name of the voice VLAN is the same as that on the Cisco UC500.

Complete the following steps.

Procedure

Step 1 Connect the trunk port of the Cisco Small Business 300 switch to the LAN expansion port of the UC500, and power on the switch.

Step 2 Connect the laptop/PC to a switchport of the UC500 device.

Step 3 Open a browser and browse to the IP address of the Cisco Small Business 300 switch. In this document, 192.168.10.2 is used, as configured in the previous section.

Step 4 Click Create VLAN on the Getting Started screen, or select VLAN Management > Create VLAN.

Step 5 Click Add button to add a VLAN. Add the Voice VLAN with ID 100 and Name Cisco-Voice, as shown in Figure 3.

6Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Business Communications Systems 2.0

Figure 3 Creating the Voice VLAN 100 on Cisco Small Business 300 Series Switch

Step 6 Select VLAN Management > Voice VLAN > Properties. Check Enable for Voice VLAN Status, and select the VLAN ID 100 in the drop-down menu for Voice VLAN ID.

Step 7 In the drop-down menu for Class of Service, select 6, and check Remark CoS.

Auto Membership Aging Time is not relevant in this scenario. CoS is used within an Ethernet network to set the priority of the traffic traversing that network. CoS helps to ensure the quality of the voice calls on the Ethernet network. Following are the CoS priority values:

• 0—Default (best effort)

• 1—Background

• 2—Spare

• 3—Excellent effort

• 4—Controlled load

• 5—Video

• 6—Voice

• 7—Network control

Step 8 Click Apply to save the settings. See Figure 4.

Figure 4 Enabling Voice VLAN with Appropriate QoS Settings

7Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Designs

Changing VLAN Interface Settings

As per factory-default settings, all switchports of the Cisco Small Business 300 Series switches are configured as trunk, with default VLAN ID 1 as the native VLAN. This design recommends configuring switchports according to the device to be connected. In this example, it is assumed that ports 1–5 will be used for data devices (PC, printers, servers), and switchports 6–8 will be used for IP phones. In this section, only the port type (Access, General, or Trunk) is configured. All other settings of ports are unchanged. Complete the following steps.

Procedure

Step 1 To open the configuration window to change the port configuration, either click VLAN Interface Settings in the Voice VLAN Properties screen, or select VLAN Management > Interface settings.

Step 2 Select a port, such as e1, and click Edit… to launch the pop-up configuration window.

Step 3 Change the Interface VLAN Mode of the port, do not change any other value, and apply the settings.

Step 4 Click Copy Settings… to apply a similar configuration on other ports.

Step 5 Completion of configuration is indicated by the green color “Success” notification, as shown in Figure 5.

Step 6 Save the settings.

Figure 5 Changing VLAN Interface Settings According to Type of Device to be Connected

Tagging the Voice VLAN in Trunk Ports

By default, all newly created VLANs are excluded from trunk ports. Therefore, the voice VLAN must be tagged (included or allowed) in trunk ports. Complete the following steps to tag the voice VLAN, and then verify the VLAN-port mapping.

Procedure

Step 1 To open the configuration window, select VLAN Management > Port to VLAN (see Figure 6). VLAN 1 is untagged and is the native VLAN for all ports, regardless of type of port.

8Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Business Communications Systems 2.0

Figure 6 Port Settings for Default VLAN 1

Step 2 Select 100 for “VLAN ID equals to” and click Go. VLAN 100 is Excluded for all ports.

Step 3 Make VLAN 100 Tagged for all Trunk ports, as shown in Figure 7.

Figure 7 Tagging VLAN 100 for all Trunk Ports

Step 4 Click Apply to change the settings.

Step 5 Either click the Port VLAN Membership Table button, or select VLAN Management > Port VLAN Membership to verify the VLAN-port mapping, as shown in Figure 8.

9Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Designs

Figure 8 Port VLAN Membership Table

Configuring LLDP-MED to Discover IP Phones

Link Layer Discovery Protocol (LLDP) enables device discovery (identification, configuration, and capabilities) in a multi-vendor network. LLDP operates in Layer 2 as devices broadcast multicast frames, known as Protocol Data Units (PDU, or LLDP-PDU), and can be processed only by devices aware of LLDP. LLDP-PDU contains type-length-value (TLV), which contains device information. LLDP Media Endpoint Discovery (LLDP-MED) is an enhancement of LLDP that provides additional capabilities to support media devices such as IP phones.

Unlike Cisco ESW-500 switches in SBCS, plug-and-play implementation of IP phones does not work correctly when using Cisco Small Business 300 Series switches in SBCS. For the Cisco SPA Series of IP Phones, the VLAN must be configured manually on phones as VLAN 100, before connecting to the Small Business 300 Series switch. Because the voice VLAN cannot be configured on Cisco 79xx Series IP Phones, the Small Business 300 Series switches have enhanced LLDP as LLDP-MED. To enable Cisco 79xx Series IP Phones to register in the voice VLAN, LLDP-MED configuration is needed.

Complete the following steps.

Procedure

Step 1 Select Administration > Discovery - LLDP > Properties. Make sure Enable is checked for LLDP Status. Leave the other values at their factory-default, as shown in Figure 9.

10Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Business Communications Systems 2.0

Figure 9 Verifying that LLDP is Enabled

Step 2 Select Administration > Discovery - LLDP > LLDP MED Network Policy.

Step 3 Click Add... to add the LLDP policy for voice VLAN 100, as shown in Figure 10.

Figure 10 Adding the LLDP Policy for the Voice VLAN

Step 4 Select Administration > Discovery - LLDP > LLDP MED Port Settings. Select the port where a Cisco 79xx Series phone will be connected, and click Edit....

Step 5 Configure the setting as shown in Figure 11.

11Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Designs

Figure 11 Editing LLDP MED Port Settings

Step 6 Using the Copy Settings... button, apply similar settings to all the ports that will be used to connect Cisco 79xx Series phones. Verify the setting in the screen (for example, ports 6–8), as shown in Figure 12. Check for changes in LLDP MED status, Network Policy, and PoE settings.

Figure 12 Copying and Verifying LLDP MED Port Settings

12Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Business Communications Systems 2.0

Configuring Storm Control and Port Security

Storm control and port security are important features of a VoIP network. Storm control helps prevent storms, which are unusual bursts of traffic on the network that can degrade network performance and disrupt business processes. Port security helps protect the network from threats, including viruses and worms, by preventing users from adding unauthorized devices to the network.

Complete the following steps to configure the ports participating in a VoIP network.

Procedure

Step 1 Select Security > Storm Control and select a port that is part of the voice VLAN.

Step 2 Click Edit... to enable Storm Control for the port. (See Figure 13.)

Step 3 Click Copy Settings... to copy similar settings on all the ports that are part of the voice VLAN.

Figure 13 Configuring Storm Control on the Ports in Voice VLAN

Step 4 Select Security > Port Security and select a port that is part of the voice VLAN.

Step 5 Click Edit... to configure this port to allow only three MAC addresses to be connected. An IP Phone actually has two MAC addresses; the third MAC address is for the computer that is plugged into the LAN port on the IP phone.

Step 6 Configure port security in the pop-up window. Enable the Trap and then lock the port.

Step 7 Click Copy Settings... to copy similar settings on all the ports that are part of the voice VLAN. (See Figure 14.)

13Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note Customer Site Installation Tasks

Smart Designs

Figure 14 Configuring Port Security on the Ports in the Voice VLAN

Note Although the Cisco Small Business 300 Series switch automatically configures appropriate QoS when enabling the voice VLAN, Cisco recommends verifying the QoS as per the Configuring QoS on the Cisco Small Business 300 Series Switch, which is available at the following URL: http://www.cisco.com/go/smartdesigns.

Connecting IP Phones and Verifying Registration

Complete the following steps.

Procedure

Step 1 Save the configuration on the Cisco Small Business 300 Series switch.

Step 2 Connect the IP phones as follows by performing one of the following actions:

a. If the Cisco IP Phones models are SPA-3xx or SPA-5xx Series, configure VLAN ID as 100. Then connect these phones to the switchports configured with the voice VLAN, as explained above.

b. If the Cisco IP Phones models are 79xx Series, connect these phones to the switchports configured with the voice VLAN, and also with LLDP-MED, as explained above.

Step 3 Verify that all phones are registered with the Cisco UC500 device, have a dial tone, and can call each other.

Continuing the SBCS Configuration

Continue the SBCS configuration using Cisco Configuration Assistant, as described in the Cisco SBCS Basic Implementation Guide available at the following URL: http://www.cisco.com/go/smartdesigns.

14Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note For More Information

Smart Business Communications Systems 2.0

For More Information • Cisco SMART Designs for Small Business Solutions—http://www.cisco.com/go/smartdesigns

• Cisco SMART Designs for SBCS Solutions—http://www.cisco.com/go/smartdesigns/sbcs

• Cisco Small Business support community—http://www.cisco.com/go/smallbizsupport

• Cisco Small Business 300 Series switches—http://www.cisco.com/go/300switches

• Data Sheet for Cisco Small Business 300 Series switches— http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps10898/data_sheet_c78-610061.html

• Administration guide for Cisco Small Business 300 Series switches—http://www.cisco.com/en/US/docs/switches/lan/csbms/sf30x_sg30x/administration_guide/78-19308.pdf

15Adding a Cisco Small Business 300 Series Switch to SBCS 2.0

Application Note For More Information

Smart Designs

16Adding a Cisco Small Business 300 Series Switch to SBCS 2.0