Inherited a system that has likely not been properly maintained for about 10 years. Add to this that the firewall had to be replaced because the original one was not accessible because the former admin forgot the credentials.
Then the ancient Windows 2003 DHCP server was decommissioned because the RAID kept failing and the device is so old that it appeared safest to decommission it and put a newer device in its place.
As the new IT admin, I am still in the process of discovery of all the pieces and how they fit together. I believe I have all the devices identified at this point and have access to all devices that are relevant to my problem.
Device list:
- Mitel 5220 IP POE phones
- switch room:
- 2 Dell PowerConnect 3448P POE switches
- server room:
- 1 Dell PowerConnect 2748 switch unmanaged mode
- Sonicwall TZ215
- Mitel 3300 DHCP server
The default VLAN subnet is 10.1.30.0/24. Vlan 40 for IP phones subnet is 10.1.20.0/24.
The Mitel 3300 is running DHCP (10.1.20.0/24) as is the Sonicwall (10.1.30.0/24).
The 3448Ps are reachable on 10.1.30.5 and 10.1.30.6 for administration.
The Sonicwall is connected to the Dell PowerConnect 2748 switch, which is connected to port 1 of the 10.1.30.5 3448P. Mitel 3300 is connected to port 1 of 10.1.30.6 3448P.
On the 3448Ps, ports VLAN membership is set up as follows:
- port 1 on 10.1.30.5 3448P is default VLAN only, untagged (2748 switch, unmanaged connected).
- port 2 on 10.1.30.5 3448P is VLAN 40 only, untagged (nothing connected).
- all other ports are untagged for default vlan and tagged for vlan 40, trunked
The old Windows 2003 DHCP server had a DHCP option set up as follows:
- 001 Mitel Vendor Class
- Default User Class
- id:ipphone.mitel.com;sw_tftp=10.1.20.2,call_srv=10.1.20.2;vlan=40
I don't know how to replicate that on the Sonicwall DHCP server - and I not sure that matters as the phones are not having any issues. They obtain their DHCP info quickly and without fail (unless I disconnect the Mitel 3300, obviously).
Even if I connect a Mitel phone to the 2748 (via POE) injector and disconnect the 3448P switches and the rest of the network and connect the TZ215 and Mitel 3300 directly to the 2748, the phones are OK. Even tried with an unmanaged Netgear switch in place of the 2748 and the phones are OK with the 2 DHCP servers - they always get a 10.1.20.x IP without a problem.
The issue is that the default VLAN devices, i.e. anything but the Mitel phones, are getting 10.1.20.x IP addresses from the Mitel 3300. Not all the time, but often enough for it to be a problem. Or they fail to get an address from either DHCP server.
It appears that if I restart the "dumb" switch in between the SonicWall TZ 215 and the 3448Ps, things work well for a while. Less than an hour, then it gets progressively worse.
What is the right approach here? Is this a VLAN issue? Is there any way to tell the Mitel to not respond to requests from things that don't have the Mitel MAC prefix?
Should the phones be getting a 10.1.30.x IP and then be redirected to the Mitel?
Should I be running 10.1.20.0/24 from the SonicWall?
Obviously, I am in great need of pointers...
Thanks to anyone willing to assist.