If you are running UniFi switching and routing platforms here's a quick guide on setting up a couple of simple VLANs for Data, Voice access. The benefit here is that the phones can operate on a separate network to your data traffic and voice can also be prioritized as it flows through the system.
Note: This document assumes a UniFi Security Gateway and UniFi switch(es) being used for your network. Also either a local or remote cloud controller instance.
A freshly built controller will usually only have definitions for 2 x networks, one labelled LAN and the other WAN
The LAN network will be a 'Corporate' network definition where the USG has the ability to hand out client IPs via it's built in DHCP server and this network definition will also be defined by default as the 'Native' VLAN on your UniFi Switches i.e. any untagged Ethernet frames will be placed onto this network. If you were to leave in this configuration your voice traffic and data traffic would all co-exist on the same network with the same IP subnet addressing.
If you prefer to separate out your voice traffic onto its own network away from the data traffic there is an easy way to do this on the UniFi platform.
1. Create a new network profile for your voice traffic.
Save this network and it will be provisioned to your switches and router.
Next we want to tell the system what networks are to be used as voice and native.
In a more complex arrangement you could have a tagged native VLAN for your data and another tagged for guest but that is beyond the intention and scope of this document.
If you go to "Profiles>>Switch Ports" You will now also see a profile for this network.
Leave this profile alone for now, we are going to create our own port profile with some differing specifications.
Click 'Add New Port Profile' set the data network as the 'Native Network' (untagged/computer/printer etc traffic will go here) and select the voice network in the 'Tagged Networks' section. Also choose your voice network as the 'Voice Network'. This last option informs the UniFi system to prioritise traffic that originates on the network.
Lastly make sure your have LLDP-MED enabled for the profile as well.
All the background work is done now and the final task is to apply our new port profile to the switch ports that you want to use it on.
Select the ports you want to use this service and scroll right to the bottom of the list and click 'Edit Selected'
Here you can chose you new port profile to apply to the selected ports
Leave your trunk port (uplinks to your router and other switches, these should be left with the 'All' port profile so as to carry ALL VLAN traffic). I also like to leave a 'safety' port so that if you mess it up you're not accidentally locking yourself out of the switch. Just plug a computer into your safety port if you do this to regain access to your system or if everything goes as you expect then go back and provision this port as well :)
All going well you should be able to re-start your phones (hint: you can power cycle from the ports section of the UniFi switch configuration) and the LLDP-MED feature will let the phones know which VLAN they should be using, other devices will ignore this and stay on the default data VLAN. Be patient as some phones do take a while to recognise this and change to the right VLAN value. Note that devices connected to the data port of the phone will still be on the data network as well.
You should now see that you computers and phones are on differing subnets.
NOTE: Dont panic if you don't see the IP address of the phone listed against the client profile in the controller. Devices not accessing the Internet don't always show this detail in the dashboard but you should still be able to see it's mac address and also the physical switch port it is connected to.
