inGate 1190 Firewall Application Note Download | Manualshive

Page: 24 / 37

background image

Avaya QE - Configuration Guide

pg. 22

3)

Enter the Default Gateway for the Ingate SIParator. The Default Gateway for
the SIParator will be the existing Firewalls IP Address on the DMZ network.

4)

Enter the existing Firewall’s external WAN/Internet IP Address. This is used to
ensure correct SIP Signaling and Media traversal functionality. This is required

when the existing Firewall is providing NAT.

5)

Enter a Port Range of media ports you need to configure the firewall to forward

to the LAN SIParator

6)

Enter the DNS Servers for the Ingate Firewall. These DNS Servers will be used
to resolve FQDNs of SIP Requests and other features within the Ingate. They

can be internal LAN addresses or outside WAN addresses.

7)

On the Existing Firewall, the SIP Signaling Port and RTP Media Ports need to be

forwarded to the Ingate SIParator. The Ingate SIParator is an ICSA Certified
network edge security device, so there are no security concerns forwarding

network traffic to the SIParator.

On the existing Firewall:

a.

Port Forward the WAN/Internet interface SIP Signaling port of 5060

with a UDP/TCP Forward to the Ingate SIParator

b.

Port Forward the a range of RTP Media ports of 58024 to 60999 with a

UDP Forward to the Ingate SIParator

«
...
22
23
24
25
26
...
»

Summary of Contents for 1190 Firewall

Page 1: ...Avaya QE Configuration Guide Application Note Avaya QE Configuration Guide 17 July 2008...

Page 2: ...oduct Type DMZ LAN SIParator 17 3 3 5 Product Type LAN SIParator 19 3 3 6 Product Type LAN SIParator SBE SIParator Only 21 3 4 IP PBX SETUP FOR AVAYA QE 23 3 5 ITSP FOR AVAYA QE 24 3 6 UPLOAD CONFIGUR...

Page 3: ...aya QE solution Thanks to detailed interoperability testing Ingate has been able to create this tool with pre configured set ups for the Avaya QE and various ITSPs Download Free of Charge The Startup...

Page 4: ...describe a process to connect the Ingate unit to the network then have the Ingate Startup Tool assign an IP Address and Password to the Unit Configuration Steps 1 Connect Power to the Unit 2 Connect...

Page 5: ...Tool are on the same LAN Subnet to which you are going to assign an IP Address to the Ingate Unit Note When configuring the unit for the first time avoid having the Startup Tool on a PC Server on a d...

Page 6: ...Web administration is not possible unless an IP Address and Password are assigned to the unit via the Startup Tool or Console port In the Startup Tool when selecting Configure the unit for the first t...

Page 7: ...unit for the first time 4 Other Options in the Select first what you would like to do a Select Configure SIP Trunking if you want the tool to configure SIP Trunking between a IP PBX and ITSP b Select...

Page 8: ...lect Creating a config without connecting to a unit if you want the tool to just create a config file g Select The tool remembers passwords if you want the tool to remember the passwords for the Ingat...

Page 9: ...ange or update configuration of the unit the Startup Tool will connect directly with the Ingate Unit on the network with the provided IP Address and Password When completed the Startup Tool will compl...

Page 10: ...e configuration of the unit 4 Other Options in the Select first what you would like to do a Select Configure SIP Trunking if you want the tool to configure SIP Trunking between a IP PBX and ITSP b Sel...

Page 11: ...want the tool to apply the settings to an Ingate unit and save the config file f Select Creating a config without connecting to a unit if you want the tool to just create a config file g Select The to...

Page 12: ...e When selected each type has a unique set of programming and deployment requirements be sure to pick the Product Type that matches the network setup requirements Configuration Steps 1 In the Product...

Page 13: ...t Configuration Steps 1 In Product Type select Firewall 2 Define the Inside Interface Eth0 IP Address and Netmask This is the IP Address that will be used on the LAN side on the Ingate unit 3 Define t...

Page 14: ...orresponding information required to generate a certificate 5 Enter the Default Gateway for the Ingate Firewall The Default Gateway for the Ingate Firewall will always be an IP Address of the Gateway...

Page 15: ...existing Firewall is in parallel and independent of the SIParator Firewall is the primary edge device for all data traffic out of the LAN to the Internet The SIParator is the primary edge device for...

Page 16: ...ternet to the Ingate Unit for remote administration c Select Allow https access to web interface from Internet d Create a Private Certificate for https access enter the corresponding information requi...

Page 17: ...Firewall is the primary edge device for all data and voice traffic out of the LAN and DMZ to the Internet SIP Signaling and Media must be forwarded to the Ingate SIParator both from the Internet to th...

Page 18: ...s and other features within the Ingate They can be internal LAN addresses or outside WAN addresses 7 On the Existing Firewall the SIP Signaling Port and RTP Media Ports need to be forwarded to the Ing...

Page 19: ...Firewall is the primary edge device for all data and voice traffic out of the LAN and DMZ to the Internet SIP Signaling and Media must be forwarded to the Ingate SIParator from the Internet to the SI...

Page 20: ...Signaling and Media traversal functionality This is required when the existing Firewall is providing NAT 6 Enter the DNS Servers for the Ingate Firewall These DNS Servers will be used to resolve FQDN...

Page 21: ...e primary edge device for all data and voice traffic out of the LAN to the WAN Internet SIP Signaling and Media must be forwarded to the Ingate SIParator from the Internet to the SIParator The voice t...

Page 22: ...s will be used to resolve FQDNs of SIP Requests and other features within the Ingate They can be internal LAN addresses or outside WAN addresses 6 On the Existing Firewall the SIP Signaling Port and R...

Page 23: ...twork the existing Firewall is the primary edge device for all data and voice traffic out of the LAN to the WAN Internet SIP Signaling and Media must be forwarded to the Ingate SIParator from the Inte...

Page 24: ...NS Servers for the Ingate Firewall These DNS Servers will be used to resolve FQDNs of SIP Requests and other features within the Ingate They can be internal LAN addresses or outside WAN addresses 7 On...

Page 25: ...raffic for the use with SIP Trunking and Remote Phones The IP Address of the IP PBX must be on the same network subnet at the IP Address of the inside interface of the Ingate unit Ingate has confirmed...

Page 26: ...ciated to the incoming call characteristics So the Avaya QE registers to the Ingate and the Ingate sends the incoming call to these registered users identities 3 5 ITSP for Avaya QE The ITSP section i...

Page 27: ...roviders come in one of two flavors either they have a trusted IP deployment or they require a Registration account a In the case where the Service Provider uses a Trusted IP deployment all which is r...

Page 28: ...DIDs will be directed from the Ingate to the registration Identities from the Avaya QE The Startup Tool also has the ability to program a sequential range of DIDs d The Avaya QE requires the use of In...

Page 29: ...M character Many IP PBX and ITSPs either need to add or remove this character prior to sending or receiving SIP requests Here you can enter values to Match and remove from the Request URI 3 6 Upload C...

Page 30: ...rtup Tool will push a database into the Ingate unit 2 When the Startup has finished uploading the database a window will appear and once pressing OK the Startup Tool will launch a default browser and...

Page 31: ...Avaya QE Configuration Guide pg 29 4 A new page will appear after the previous step requesting to save the configuration Press Save Configuration to complete the saving process...

Page 32: ...a QE will add devices into the Device Management section as each phone or gateway is connected to the LAN These are the Extensions of the Avaya QE Users can call these extensions from their Avaya phon...

Page 33: ...e IP Address of the Ingate or FQDN b Proxy Host IP Address of the Ingate or FQDN c Proxy Port 5060 d Registrar Host IP Address of the Ingate or FQDN e Registrar Port 5060 f Outbound Proxy Host Blank g...

Page 34: ...llowing a Identity Enter an Identity that matches the Identity entered in Section 3 5 Configuration Step 2d b Authorized User Enter the Identity number same as above c Password Enter a Password d Inco...

Page 35: ...Avaya QE Configuration Guide pg 33 5 Avaya QE Dial Configuration needs no adjustment Simply to use the Service Provider the 8 prefix needs to be dialed from the Avaya phone...

Page 36: ...roubleshooting 5 1 Avaya QE Identity Registration Information Here is how the Avaya QE Identities register to Ingate s Registrar The Avaya QE Identities provider Username Authentication Username Passw...

Page 37: ...egistration or whether the ITSP was a just an IP depends on whether the Startup Tool creates a Static Registration or a User Routing For ITSPs that just use IP addresses a Static Route will be created...

Reviews:

No comments

Related manuals for 1190 Firewall

Advanced Threat Prevention Appliance

Brand: Juniper Pages: 120

Brand: Tandberg Data Pages: 67

Brand: Draytek Pages: 56

Brand: HotBrick Pages: 89

Brand: Sophos Pages: 4

Brand: Fortinet Pages: 374

Brand: Mackie Pages: 40

Brand: EVOC Pages: 33

Brand: Tavve Pages: 389

CloudGen F800 C

Brand: Barracuda Pages: 11

CloudGen F900 Revision B CCC

Brand: Barracuda Pages: 7

Brand: SonicWALL Pages: 2

ZyXEL ZyWALL USG-1000

Brand: ZyXEL Communications Pages: 986

Brand: Sophos Pages: 14

Brand: Innominate Pages: 260

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands