Patton electronics SmartWare R.3.20 Software Configuration Manual Download Page 283 | Manualshive

Page: 283 / 573

background image

VPN configuration task list

283

SmartWare Software Configuration Guide

25 • VPN configuration

Transport and tunnel modes

The mode determines the payload of the ESP packet and hence the application:

•

Transport mode: Encapsulates only the payload of the original IP packet, but not its header, so the IPsec
peers must be at the endpoints of the communications link.

•

A secure connection between two hosts is the application of the transport mode.

•

Tunnel mode: Encapsulates the payload and the header of the original IP packet. The IPsec peers can be
(edge) routers that are not at the endpoints of the communications link.

A secure connection of the two (private) LANs, a ‘tunnel’, is the application of the tunnel mode.

Key management

The current implementation of IP works with pre-shared keys (also called manual keying or manual IPsec) or
using Internet Key Exchange (IKE). Keys are manually generated, distributed, and stored as a hexa-decimal
string in the startup-configuration of the SmartNode and its peer.

Note

Depending on the processing hardware applied to reverse engineering a DES
key, it can take from 3 hours to 3 days to break the key. Thus, for maximum
security, DES keys must be manually updated regularly. AES- or 3DES-keys,
because they are much more complex, take so much longer to break as to be
practically infinite.

The automatically keyed IPSEC connections using the Internet Key Exchange (IKE / RFC2409) protocol that
is based on Internet Security Association and Key Management Protocol (ISAKMP / RFC2408) is the other
option. IKE supports authentication using pre-shared keys. There is currently no support for authentication
using Public Key Infrastructure (PKI) and digital certificates.

VPN configuration task list

To configure a VPN connection, perform the following tasks:

•

Creating an IPsec transformation profile

•

Creating an IPsec policy profile

•

Creating/modifying an outgoing ACL profile for IPsec

•

Configuration of an IP Interface and the IP router for IPsec

•

Displaying IPsec configuration information

•

Debugging IPsec

Creating an IPsec transformation profile

The IPsec transformation profile defines which authentication and/or encryption protocols, which authentica-
tion and/or encryption algorithms shall be applied.

Procedure:

To create an IPsec transformation profile

«
...
281
282
283
284
285
...
»

Summary of Contents for SmartWare R.3.20

Page 1: ...elease 3 20 Software Configuration Guide Sales Office 1 301 975 1000 Technical Support 1 301 975 1007 E mail support patton com URL www patton com Document Number 13211U8 001 Rev E Part Number 07MSWR3...

Page 2: ...document is furnished under license and may be used or copied only in accor dance with the terms of such license Released Build Numbers This version of the Software Configuration Guide is for SmartWa...

Page 3: ...cheduler configuration 141 14 Serial port configuration 160 15 T1 E1 port configuration 179 16 Basic IP routing configuration 189 17 RIP configuration 196 18 Access control list configuration 206 19 S...

Page 4: ...36 FXS port configuration 469 37 FXO port configuration 474 38 H 323 gateway configuration 478 39 SIP gateway configuration 491 40 VoIP profile configuration 506 41 PSTN profile configuration 528 42 V...

Page 5: ...or Europe Middle East and Africa EMEA 31 Warranty Service and Returned Merchandise Authorizations RMAs 32 Warranty coverage 32 Returns for credit 32 Return for credit policy 32 RMA numbers 32 Shipping...

Page 6: ...rocedure 50 50 Telnet Procedure 51 Using an alternate TCP listening port for the Telnet server 51 Disabling the Telnet server 51 Logging on 51 Selecting a secure password 52 Password encryption 53 Fac...

Page 7: ...77 Modifying the running configuration offline 78 Deleting a specified configuration 79 Encrypted file download 80 Encrypted Configuration Download 80 Use Cases 81 7 Basic system management 83 Introdu...

Page 8: ...nfiguring quality of service QoS 110 10 IP interface configuration 111 Introduction 112 IP interface configuration task list 112 Creating an IP interface 112 Deleting an IP interface 113 Setting the I...

Page 9: ...e IP addresses on Ethernet ports 134 Configuring a VLAN 135 Configuring layer 2 CoS to service class mapping for an Ethernet port 136 Adding a receive mapping table entry 137 Adding a transmit mapping...

Page 10: ...sk list 161 Disabling an interface 162 Enabling an interface 162 Configuring the serial encapsulation type 163 Configuring the hardware port protocol 164 Configuring the active clock edge 165 Configur...

Page 11: ...channel group 188 Example 3 PPP without a channel group 188 Example 4 PPP with a channel group 188 16 Basic IP routing configuration 189 Introduction 190 Routing tables 190 Static routing 190 Policy r...

Page 12: ...g an ICMP filter rule to the current access control list profile 212 Adding a TCP UDP or SCTP filter rule to the current access control list profile 214 Binding and unbinding an access control list pr...

Page 13: ...P and a list of other NTP servers 244 21 DHCP configuration 245 Introduction 246 DHCP client configuration tasks 247 Enable DHCP client on an IP interface 247 Release or renew a DHCP lease manually ad...

Page 14: ...out authentication numbered interface 280 With authentication unnumbered interface 280 25 VPN configuration 281 Introduction 282 Authentication 282 Encryption 282 Transport and tunnel modes 283 Key ma...

Page 15: ...ontext overview 300 Introduction 301 CS context configuration task list 302 Planning the CS configuration 302 Configuring general CS settings 304 Configuring call routing 305 Creating and configuring...

Page 16: ...342 Call waiting 342 Making a second call while holding first call 343 FXS interface configuration task list 344 Configuring a subscriber number recommended 344 Configuring an alternate PSTN profile o...

Page 17: ...nal 373 Configuring early call connect disconnect optional 374 Configuring a phone context optional 374 Mapping call control properties to SIP headers 375 Configuring ISDN Redirecting Number Tunneling...

Page 18: ...mapping tables 414 Creating complex functions 415 Deleting complex functions 416 Digit collection sending complete behavior 417 Sending Complete 417 Ingress interface 417 Call Router 418 Egress Inter...

Page 19: ...troduction 470 Shutdown and enable FXS ports 470 Bind FXS ports to higher layer applications 471 Configure country specific FXS port parameters 471 Other FXS port parameters 472 Example 472 37 FXO por...

Page 20: ...dvanced configuration options optional 498 Changing the listening port for inbound call signaling 498 Define session timer version 498 Define call transfer version 499 SIP Profile 500 Manually configu...

Page 21: ...ing strategy 533 Filtering debug monitor output 534 Verifying IP connectivity 534 Debugging call signaling 535 Debugging ISDN signaling 535 Verify an incoming call 536 Verify an outgoing call 537 Veri...

Page 22: ...Command summary 563 Introduction 564 New Configuration Commands 565 Other 565 Show help 565 Show command history 565 Restart system 565 D Internetworking terms acronyms 566 Abbreviations 567 E Used IP...

Page 23: ...rded as a single source host 148 26 Structure of a Service Policy Profile 150 27 Using a Service Policy Profile on an IP Interface 157 28 IP interface wan is bound to PVC 1 on port serial 0 0 172 29 T...

Page 24: ...examples 432 64 Limiter service diagram 434 65 Priority service diagram 435 66 CS Bridge service VoIP Leased Line diagram 436 67 Bridge services diagram 437 68 Call routing example network 441 69 CS...

Page 25: ...detail of the queuing statistics 159 8 Details available in the Trap Details window 231 9 Time servers operated by NIST 243 10 Command Summary 343 11 ISDN number types 388 12 Routing table types 389...

Page 26: ...ers Maintenance technicians How to read this guide SmartWare is a complex and multifaceted operating system Without the necessary theoretical background you will not be able to understand and use all...

Page 27: ...eneral overview of SmartNode interfaces and describes the tasks involved in their configuration Chapter 11 NAT NAPT configuration on page 122 provides a general overview of the network address port tr...

Page 28: ...erfaces and the tasks involved their configuration Chapter 30 FXO interface configuration on page 348 provides an overview of FXO interfaces and the tasks involved in configuring them Chapter 31 H 323...

Page 29: ...ndix A Terms and definitions on page 553 contains the terms and their definitions that are used throughout this SmartWare Software Configuration Guide Appendix B Mode summary on page 559 illustrates t...

Page 30: ...View button in the Adobe Acrobat Reader toolbar to return to your starting point Futura bold type Commands and keywords are in boldface font Futura bold italic type Parts of commands which are related...

Page 31: ...ort Available at www patton inalp com E mail support E mail sent to support patton inalp com will be answered within 1 business day Telephone support Standard telephone support is available five days...

Page 32: ...the purchase price If you have ordered the wrong equipment or you are dissatisfied in any way please contact us to request an RMA number to accept your return Patton is not responsible for equipment r...

Page 33: ...33 Chapter 1 System overview Chapter contents Introduction 34 SmartWare embedded software 35 Applications 36 Carrier networks 36 Enterprise networks 37 LAN telephony 38...

Page 34: ...he SmartNode devices also referred to as hardware platforms or net work nodes that provide the physical connectivity the CPU and DSP resources All SmartNode models support packet routed and circuit sw...

Page 35: ...y allowing classi fication shaping and scheduling of multiple service classes For more detailed hardware information refer to the getting started guide that came with your Smart Node system Figure 1 B...

Page 36: ...in a multi service IP based provider network plays a vital role It pro vides the service access point for the subscriber with respect to physical connectivity and protocol interopera bility Since the...

Page 37: ...s SmartNodes can be used to converge voice and data communications on the same IP link In combination with centralized services such as groupware and unified messaging the SmartNodes provide migration...

Page 38: ...standalone gateway has performance reliability and scalability advantages compared with PC based gateway cards In this application the SmartNode also offers a migration path to enterprise or carrier n...

Page 39: ...oncepts Chapter contents Introduction 40 Contexts and Gateways 41 Context 41 Gateway 41 42 Interfaces Ports and Bindings 42 Interfaces 42 Ports and circuits 42 Bindings 42 Profiles and Use commands 43...

Page 40: ...ing of circuit switched and packet routed networks and services In order to consistently support a growing set of functions protocols and applications SmartWare configuration is based on a number of a...

Page 41: ...ncept for newly supported net work layer technologies without complicating the configuration methods of existing features For example as bridging ATM or FR switching becomes available so a bridging AT...

Page 42: ...ng line code framing and encapsulation formats or media access control Before any higher layer user data can flow through a physical port or circuit you must associate that port or circuit with an int...

Page 43: ...or gateways This concept allows to avoid repetitions of groups of configuration commands that are the same for multiple elements in a configuration Profiles used in the IP and CS contexts are shown in...

Page 44: ...Introduction 45 Command modes 45 CLI prompt 45 Navigating the CLI 46 Initial mode 46 System changes 46 Configuration 46 Changing Modes 46 Command editing 46 Command help 46 The No form 46 Command comp...

Page 45: ...All commands are mode specific and certain commands are valid in more than one mode A command mode provides command line completion and context help within the mode The command modes are organized hi...

Page 46: ...ession can also be terminated by using the logout command within any mode Command editing Command help To see a list of all CLI commands available within a mode type a question mark or the tab key at...

Page 47: ...l or Ctrl depending on the key board and operating system of your computer Esc f is handled differently press and release the escape key often labeled Esc on many keyboards and then press the f key Ta...

Page 48: ...1 Disabling the Telnet server 51 Logging on 51 Selecting a secure password 52 Password encryption 53 Factory preset administrator account 53 Creating an operator account 53 Creating an administrator a...

Page 49: ...and and then press the tab key the SmartWare shell will present you with either the remaining portion of the command or a list of possible commands These features are described in chapter 3 Command li...

Page 50: ...tings if you access the SmartNode via the console port Console port procedure Before using the CLI to enter configuration commands do the following 1 Set up the hardware as described in the getting st...

Page 51: ...ng in Using an alternate TCP listening port for the Telnet server The following command defines an alternate listening port for the telnet server Mode Configure Disabling the Telnet server The telnet...

Page 52: ...same password repeatedly Example Your ATM PIN cell phone voice mail house alarm setting code etc Could your password or a portion thereof be found in the dictionary Is your password less than six char...

Page 53: ...d only the newly created administrator account is available You can create more than one adminis trator account but there has to be at least one administrator account defined If for some reason the la...

Page 54: ...isplaying the CLI version This procedure displays the version of the currently running CLI Mode Operator execution Example Displaying the CLI version The following example shows how to display the ver...

Page 55: ...s how to change from your current user account to an administrator account starting from the operator execution mode In the example below the who command is used to check the identity within both acco...

Page 56: ...tor support Command index numbers A command index number indicated by the boldface 1 2 and 3 index numbers in the example below indi cates the position of a command in a list of commands that is a com...

Page 57: ...s are automatically renumbered Example 2 Moving the G 723 codec back position 3 This command moves the G 723 codec from the top to third place As a result the other two codecs move up in the list as t...

Page 58: ...n configuration mode node logout Press yes to logout no to cancel After confirming the dialog with yes the Telnet session is terminated Note Using the command exit in the operator execution mode also...

Page 59: ...Introduction 60 Memory regions in SmartWare 60 System image handling task list 62 Displaying system image information 62 Copying system images from a network server to Flash memory 63 Auto provisionin...

Page 60: ...rver s memory the Volatile memories and the Per sistent memory The remote tftp server has one logical region tftp which can contain various configuration files and batch files for system software upgr...

Page 61: ...ed numerous user defined operating configuration files you can change the startup default configuration file simply by copying the selected config file into startup config and rebooting the SmartNode...

Page 62: ...elease version and the current hardware configuration If you have just completed a download of new system software from the tftp server you must execute the reload command in order to be running with...

Page 63: ...A new system image file must be stored permanently into the flash memory of your SmartNode to be present when booting the device Downloading a new system image file means storing it permanently at a d...

Page 64: ...a software upgrade Refer to the release notes of the upgrade to find out which one to use Auto provisioning of firmware and configuration The auto provisioning capability enables you to automatically...

Page 65: ...ommand The last option can be used to e g reload a unit at 2 a m after a successful automatic upgrade Step Command Purpose 1 name pf prov CONFIG destination configuration Chooses the unit s startup co...

Page 66: ...TP server IP as delivered by the DHCP server only if DHCP is enabled dhcp 67 DHCP option 67 Boot file name as delivered by the DHCP server only if DHCP is enabled To use and debug provisioning To cont...

Page 67: ...ing up the entire system is handling the operating configuration The configuration startup config is copied from the logical region nvram in nonvolatile memory to the logical region running config in...

Page 68: ...m image handling The bootloader ensures that basic operations network access and downloads are possible in case of interrupted or corrupted application image downloads Note Refer to the getting starte...

Page 69: ...ration with a configuration from Flash memory 74 Copying configurations to and from a remote storage location 75 Replacing the startup configuration with a configuration downloaded from TFTP server 76...

Page 70: ...then switch to the configuration mode with the command configure Once in configuration mode enter the configuration commands that are necessary to configure your SmartNode You can also create a new co...

Page 71: ...123 version 4 sntp client poll interval 600 sntp client gmt offset 01 00 00 system definitions system clock source 1 2 hostname node IP context configuration context ip router route 0 0 0 0 0 0 0 0 17...

Page 72: ...s factory configuration initially parameterizes the most useful network and component settings of SmartWare Once a user specific configuration is created and stored as the startup configuration the fa...

Page 73: ...mory Configuration files may be copied into the local memory in order to switch between different configurations Remember the different local memory regions in SmartWare as shown in figure 11 Figure 1...

Page 74: ...predefined configuration file names for which it is optional to specify the memory region namely factory config startup config and running config Mode Administrator execution Example Backing up the s...

Page 75: ...e persistent memory region nvram are often uploaded to the remote data store for backup edit or cloning pur poses The latter procedure is very helpful when you have several SmartNode devices each usin...

Page 76: ...new startup nvram startup config Download 100 node cfg 2 Check the content of the persistent startup configuration by listing its command settings with the show command node show nvram startup config...

Page 77: ...e Because it is located in volatile memory to be made permanent your modifications must be copied to the persistent non volatile memory In most cases you will store it as the upcoming startup configur...

Page 78: ...region nvram under the name startup config Finally restart the SmartNode by using the reload command to activate the changes Mode Administrator execution Step Command Purpose 1 node copy running conf...

Page 79: ...guration file current config on the TFTP server takes place node copy tftp 172 16 36 80 user current config nvram startup config Download 100 node reload Press yes to restart no to cancel yes The syst...

Page 80: ...ized users have configuration access to the SmartNode The configurations can be stored in plain form on the SmartNode SNMP Write Access shall be restricted by means of communities and ACLs to prevent...

Page 81: ...e key contains more than 24 characters only the first 24 characters are considered The key may contain variables that are resolved when the key file is downloaded to a SmartNode Using this mechanism y...

Page 82: ...al using the CLI copy command the auto provisioning feature HTTP or SNMP download The SmartNode automatically detects that a downloaded file is encrypted and tries to decrypt the file using the pre in...

Page 83: ...e system banner 87 Setting time and date 88 Display clock information 88 Display time since last restart 89 Configuring the Web server 89 Determining and defining the active CLI version 89 Restarting...

Page 84: ...task list All tasks in the following sections are optional though some such as setting time and calendar services and sys tem information are highly recommended To configure basic system parameters pe...

Page 85: ...ile on a TFTP server node cfg copy tftp 172 16 4 3 keystore myLicense lic licenses Mode Configure Example Installing license keys from the console The following example shows the command used to insta...

Page 86: ...n to describe the system physical location of your SmartNode e g server room wiring closet 3rd floor etc is very supportive This entry corresponds to the MIB II system sys Location object The system p...

Page 87: ...ators and operators such as scheduled maintenance or system shutdowns By default no banner is present on login To create a system banner use the banner command followed by the message you want display...

Page 88: ...rated SNTP client allows synchronization of time of day and date to a reference time server Refer to chapter 20 SNTP client configuration on page 235 for more details Example Setting time and date The...

Page 89: ...he configuration mode node cfg webserver language en node cfg webserver port 80 Determining and defining the active CLI version SmartWare allows having a number of CLI version installed together where...

Page 90: ...g configuration no need to type yes or no The question whether to save the running configuration is automatically answered with no the question whether to reload or not with yes Mode Administrator exe...

Page 91: ...tch back a suspended command and terminate a currently active command on your device if you start from the configu ration mode node ping 172 16 36 80 1000 timeout 3 Sending 1000 ICMP echo requests to...

Page 92: ...mpletion for detailed description of all configuration options Some examples timer FIRMWARE_UPDATE now 2 minutes every 10 minutes provisioning execute FIRMWARE Starts a timer named FIRMWARE_UPDATE who...

Page 93: ...it for a specified period of time This makes identification of the physical unit very easy Step Command Purpose 1 node show crc filename Displays checksum of a configuration Step Command Purpose 1 nam...

Page 94: ...t 96 General AAA Configuration 97 RADIUS configuration 99 Configuring RADIUS clients 100 Configuring RADIUS accounting 101 Configuring the RADIUS server 103 Attributes in the RADIUS request message 10...

Page 95: ...a user usually in the form of a login window where the user is expected to enter a username and password before allowing access to a client The AAA component compares the user s authentication login i...

Page 96: ...the sequence in which methods are applied to obtain AAA information Figure 15 illustrates the correlation between the Telnet login and console login services Figure 15 How to use AAA methods and AAA p...

Page 97: ...onsole login services node enable node configure node cfg profile authentication remote radius node pf auth remote method radius radius_deepblue node pf auth remote method radius radius_extern node pf...

Page 98: ...second The Tel net login and the console login service use this profile If an emergency occurs you can reload this default configuration by reloading the factory configuration as described in section...

Page 99: ...radius_extern node radius radius_ radius server 219 144 12 1 node radius radius_ shared secret authentication dd9351e13cc335 node radius radius_ exit node cfg node cfg show radius client RADIUS clien...

Page 100: ...n a ATTRIBUTE Connect Time 33 string Patton a ATTRIBUTE Disconnect Time 34 string Patton a ATTRIBUTE Disconnect Cause 35 integer Patton b ATTRIBUTE Disconnect Source 36 string Patton c ATTRIBUTE Calle...

Page 101: ...Define your newly created radius client as the AAA method to be used Note If you require redundancy you can create multi ple radius clients and add all of them to the AAA profile 6 node pf auth pf nam...

Page 102: ...erim update shall be sent if necessary The default is not to send periodic interim updates 14 node svc aaa svc name port name Create a port for the routing path you want to route through the AAA servi...

Page 103: ...vendor data including Vendor Type and Vendor Length Vendor String Not null terminated String with the value console or Telnet Configuring the local database accounts The final step in configuring the...

Page 104: ...g Note If you are creating an account that does not require a password type to indicate that no password is needed For example if you were configuring an account for an operator named James that did n...

Page 105: ...ning your IP configuration 109 IP interface related information 109 QoS related information 109 Configuring physical ports 109 Creating and configuring IP interfaces 109 Configuring NAPT 110 Configuri...

Page 106: ...IP related protocols and services for data and voice The IP context performs much the same function as a standalone IP router and since every context is defined by a name the IP context is named rout...

Page 107: ...ng configuration on page 189 and chapter 17 RIP configuration on page 196 give you the required information For essential knowledge related to network security requirements refer to chapter 18 Access...

Page 108: ...does your provider perform packet classification e g which ToS bits have to be used to define the sup ported classes of service Configuring physical ports The configuration of a port includes paramet...

Page 109: ...routing traffic in the global Internet and is an interior gateway protocol IGP which means that it performs routing within a single autonomous system RIP sends routing update messages at regular inte...

Page 110: ...h the order of the condi tions is critical If no conditions match the software rejects the address For information and examples on how configure access control lists refer to chapter 18 Access control...

Page 111: ...T DMZ interface 115 ICMP message processing 116 ICMP redirect messages 116 Router advertisement broadcast message 116 Defining the MTU and MSS of the interface 117 Configuring an interface as a point...

Page 112: ...rm the tasks in the following sections Creating an IP interface see page 112 Deleting an IP interface see page 113 Setting the IP address and netmask see page 114 ICMP message processing see page 115...

Page 113: ...ult Deleting an existing interface in the IP context is often necessary Mode Context IP Example Delete IP interfaces The procedure below assumes that you would like to delete an IP interface named ext...

Page 114: ...specific IP interfaces to be excluded from NAPT translations although their traffic is routed through an IP interface to which a NAPT profile is bound This configuration is usually neces sary for DMZ...

Page 115: ...The redirect message instructs the sender to remove the receiving device from the route and substitute a specified device representing a more direct path This feature is enabled by default ICMP messa...

Page 116: ...edium must have the same protocol MTU in order to operate accurately Procedure To set the MTU packet size or the MSS to size on the interface name Mode Interface Example Defining the MTU of the interf...

Page 117: ...e ctx ip router interface lan node if ip lan point to point Displaying IP interface information The show ip interface command displays IP information for all interfaces The command is available in ope...

Page 118: ...g for a reply datagram from that host Results from this echo protocol can help in evaluating the path to host reliability delays over the path and whether the host can be accessed or is functioning Mo...

Page 119: ...xecution mode node ping 172 16 1 10 Sending 5 ICMP echo requests to 172 16 1 10 timeout is 1 seconds Reply from 172 16 1 10 Time 10ms Reply from 172 16 1 10 Time 10ms Reply from 172 16 1 10 Time 10ms...

Page 120: ...1 Lost 0 0 loss RTT Minimum 10ms Maximum 10ms Average 10ms Example Display the ARP information node cfg show arp IP Interface eth0 Remote IP Remote MAC State TTL TxReq RxRep Usage 69 138 216 1 00 01...

Page 121: ...e 2 node if ip if name igmp interface type proxy upstream Define the interface as the IGMP proxy upstream interface 3 node ctx ip ctx name interface if name Go to an IP interface which shall act as an...

Page 122: ...NAPT traversal 126 NAT NAPT configuration task list 127 Creating a NAPT profile 127 Configuring a NAPT DMZ host 128 Defining NAPT port ranges 128 Preserving TCP UDP port numbers in NAPT 129 Defining t...

Page 123: ...ponent It allows hosts on the local network to access any host on the global network by using the global interface address as source address It modifies not only the source address but also the source...

Page 124: ...Dynamic NAT NAT only modifies addresses but not ports Dynamic NAT assigns a global address from a global NAT address pool each time a local host wants to access the global network It creates a dynamic...

Page 125: ...that do not build on UDP or TCP but directly on IP e g GRE ESP and protocols that open addi tional connections unknown to the NAT NAPT component e g FTP H 323 SIP do not easily traverse a NAPT The Sm...

Page 126: ...activates the basic behavior of the Dynamic NAPT 2 optional node pf napt name range local ip range start local ip range stop global ip Configures and activates the enhanced behavior of the Dynamic NA...

Page 127: ...receives any inbound traffic on the global NAPT interface which Is not translated by any static or dynamic NAPT entry and Is not handled by the device itself The following procedure shows how a DMZ h...

Page 128: ...st is ordered by the security of the NAPT type starting with the highest security type symmetric port restricted cone address restricted cone full cone You find a detailed description of these NAPT ty...

Page 129: ...ce lan node cfg context ip router node ctx ip router interface lan node if ip lan use profile napt access Displaying NAT NAPT configuration information Two commands are available to display an existin...

Page 130: ...STATIC NAPT RANGE MAPPINGS Local IP Start Local IP Stop Global IP 192 168 1 10 192 168 1 19 131 1 1 15 STATIC NAT RANGE MAPPINGS Local IP Start Local IP Stop Global IP Start Global IP Stop 192 168 1...

Page 131: ...133 Configuring Ethernet encapsulation type for an Ethernet port 134 Binding an Ethernet port to an IP interface 134 Multiple IP addresses on Ethernet ports 135 Configuring a VLAN 136 Configuring laye...

Page 132: ...r an Ethernet port advanced see page 136 Closing an Ethernet port see page 138 Entering the Ethernet port configuration mode To enter port configuration mode and begin configuring an Ethernet port ent...

Page 133: ...Example Configuring Ethernet encapsulation type for an Ethernet port The following example shows how to configure the encapsulation type to IP for the Ethernet port on slot 0 and port 0 node cfg port...

Page 134: ...eth 0 0 bind interface lan router Multiple IP addresses on Ethernet ports It is possible to use multiple IP addresses on an Ethernet port by binding the port to multiple IP interfaces Each of the IP...

Page 135: ...that is bound to this port is also closed All static routing entries that are using this interface change their state to invalid and all dynamic routing entries will be removed from the route table m...

Page 136: ...scribes how to change layer 2 CoS to service class mapping Step Command Purpose 1 node config port ethernet slot port Enter Ethernet port configura tion 2 node prt eth slot port vlan id Create new VLA...

Page 137: ...into a firm ware specific service class value Each conversion is stored as a mapping table entry so the receive mapping table consists of several mapping table entries This procedure describes how to...

Page 138: ...down command This command also disables and closes the IP interface that is bound to that port All static routing entries that are using this interface change their state to invalid and all dynamic ro...

Page 139: ...t 0 gets also closed Checking the state of the IP interface wan indicates this with the CLOSED for parameter state node prt eth 0 1 show ip interface Context router Name wan IP Address 172 17 100 210...

Page 140: ...the capture buffer is full 2 Now the sniffer is active and will capture the datapackets on the specified ethernet port 3 name cfg no sniff ether net 0 1 Disable the sniffer on ethernet port 0 1 Note...

Page 141: ...ontrol list 149 Creating a service policy profile 150 Specifying the handling of traffic classes 152 Defining fair queuing weight 152 Defining the bit rate 153 Defining absolute priority 153 Defining...

Page 142: ...ice and data packets To improve QoS you can configure the SmartNode to send no more data to the Internet than the modem can carry This keeps the modem s queue empty and gives the SmartNode control ove...

Page 143: ...ent because they will not use up the entire bandwidth Weighted fair queuing WFQ This arbitration method assures a given minimal bandwidth for each source An example you specify that traf fic class A g...

Page 144: ...at the burstiness needed for sources to catch up after collisions is implicitly allowed Future versions of SmartWare might allow setting the burst rate and bursting size if more control over its behav...

Page 145: ...he voice and data multiplexing to the capacity of the access link is the most common application of the SmartWare link scheduler 1 Create a minimal profile profile service policy modem 512 rate limit...

Page 146: ...Release 12 2 QoS commands are in contrast with the respective SmartWare commands Link scheduler configuration task list To configure QoS features perform the tasks described in the following sections...

Page 147: ...hat matches decides what happens to the packet As far as filtering is concerned the rule decides if the packet is discarded deny or passed on permit You can also add a traffic class to the rule and if...

Page 148: ...sed as source address in the permit statement of the IP filter rule for the access control list Figure 25 Scenario with Web server regarded as a single source host A new access control list has to be...

Page 149: ...ontrol lists the link arbiter needs rules defining how to handle the different traffic classes For that purpose you create a service policy profile The service policy profile defines how the link arbi...

Page 150: ...class local voice priority source traffic class Web share 30 source traffic class local default share 20 source traffic class default queue limit 40 share 50 The first line specifies the name of the l...

Page 151: ...ing fair queuing weight The command share is used with wfq link arbitration to assign the weight to the selected traffic class When defining a number of source classes the values are relative to each...

Page 152: ...the class name Excess pack ets are dropped Used in class mode queuing only happens at the leaf of the arbitration hierarchy tree The no form of this command reverts the queue limit to the internal def...

Page 153: ...ice RFC791 RFC1349 The precedence field is defined by the first three bits and supports eight levels of priority The low est priority is assigned to 0 and the highest priority is 7 The no form of this...

Page 154: ...time critical data Under 802 1p a 4 byte Tag Control Info TCI field is inserted in the Layer 2 header between the Source Address and the MAC Client Type Length field of an Ethernet Frame Table 6 list...

Page 155: ...packets that have to be included in the QoS process base upon their size In the service policy profile exists a command that allows mapping of a specific packet size or a range to a traffic class Ther...

Page 156: ...ed voice traffic will be pro cessed like local generated voice traffic 4 name pf srvp name out source traffic class local voice Enters traffic class configuration mode 5 name src local v priority Spec...

Page 157: ...ders may use input shaping to improve downlink voice jitter in the absence of voice support The default setting no service policy sets the interface to FIFO queuing Mode Interface Example Devoting the...

Page 158: ...eduling profile information The show profile service policy command displays link scheduling profile information of an existing ser vice policy profile This command is only available in the administra...

Page 159: ...or all queues of a profile The following example shows how to enable statistic gathering for all traffic classes node enable node configure node cfg profile service policy sample node pf srvpl sample...

Page 160: ...166 Configuring the baudrate 166 Enter Frame Relay mode 168 Configuring the LMI type 168 Configuring the keep alive interval 169 Enabling fragmentation 169 Entering Frame Relay PVC configuration mode...

Page 161: ...ks enable end stations to dynamically share the network medium and the available bandwidth Variable length packets are used for more efficient and flexible transfers These packets are then switched be...

Page 162: ...mmand output of show port serial node cfg port serial 0 0 node prt ser 0 0 shutdown node prt ser 0 0 show port serial Serial Interface Configuration Port serial 0 0 0 State CLOSED Hardware Port V 35 T...

Page 163: ...interface use the encapsulation interface configuration command This procedure describes how to set the encapsulation type of the serial interface Mode Administrator execution Example Configuring the...

Page 164: ...35 protocol to be used x21 for X 21 protocol to be used Mode Administrator execution Example Configuring the hardware port protocol The following example enables X 21 as hardware port protocol for th...

Page 165: ...inverted in the command output of show port serial node cfg port serial 0 0 node prt ser 0 0 transmit data on edge negative node prt ser 0 0 show port serial Serial Interface Configuration Port seria...

Page 166: ...the baudrate of the selected hardware node cfg port serial 0 0 node prt ser 0 0 transmit data on edge negative node prt ser 0 0 show port serial detail 5 HDLC Driver 0x8496b8 Slot 0 Number of Ports 1...

Page 167: ...mode for the serial interface on slot 0 and port 0 node cfg port serial 0 0 node prt ser 0 0 framerelay node frm rel 0 0 Configuring the LMI type For a Frame Relay network the line protocol is the pe...

Page 168: ...val Mode Frame Relay To disable keep alives on networks that do not utilize LMI use the no keepalive interface configuration command Example Configuring the keep alive interval The following example s...

Page 169: ...elay to the real time data The FRF 12 Implementation Agree ment defines FRF 12 fragmentation This standard was developed to allow long data frames to be fragmented into smaller pieces fragments and in...

Page 170: ...the basis for connections between stations attached to the same Frame Relay network The resulting set of interconnected devices forms a private Frame Relay group which may be either fully inter conne...

Page 171: ...a Frame Relay network This procedure describes how to set the encapsulation type to comply with RFC 1490 Mode Frame Relay Example Configuring the PVC encapsulation type The following example sets the...

Page 172: ...rface name which is related to the IP context router Mode PVC Example Binding the Frame Relay PVC to IP interface The following example binds the Frame Relay PVC 1 to the IP interface wan of IP contex...

Page 173: ...fig and verify that the entry no shutdown occurs in the con figuration part responsible for this PVC node pvc 1 show running config Running configuration pvc 1 encapsulation rfc1490 bind interface wan...

Page 174: ...sly impact your system performance This procedure describes how to display the Frame Relay configuration settings for the serial interface Mode Administrator execution Command Purpose no debug framere...

Page 175: ...d 1 Displaying Frame Relay information Since Frame Relay configuration for the serial interface is complex and requires many commands it is helpful to list the frame relay configuration on screen This...

Page 176: ...rst PVC labeled as PVC 1 connects to the MSP access device The second PVC labeled PVC 2 connects to the VPN provider access device on the leased line network A SmartNode is working as a DTE and access...

Page 177: ...de configure 2 Set up the IP interface configuration first Be aware that not all of the necessary settings are listed below node cfg context ip router node ctx ip router interface external node if ip...

Page 178: ...able fragmentation for PVC 1 The voice uses codec G 723 at a packet size of 30ms so the minimum fragment size must be 66 Bytes Setting the fragment size to 300 Bytes introduces an additional delay of...

Page 179: ...ring T1 E1 application mode 183 Configuring T1 E1 LOS threshold 184 Configuring E1 T1 Loopback detection 184 Configuring T1 E1 encapsulation 185 Create a Channel Group 185 Configuring Channel Group Ti...

Page 180: ...the T1 E1 port Enable Disable T1 E1 port Configuring the T1 E1 port type Configuring T1 E1 clock mode Configuring T1 E1 line code Configuring T1 E1 framing Configuring T1 line build out LBO T1 only C...

Page 181: ...the other case the data transmission will fail due to bit failures Mode port e1t1 slot port Configuring T1 E1 line code Three different line codes can be selected on the T1 E1 port whereas only ami i...

Page 182: ...tching must be adapted RJ45 120 Ohm BNC 75 Ohm Mode port e1t1 slot port Configuring T1 E1 application mode The T1 E1 port can be configured to work in either short haul or in long haul mode Short haul...

Page 183: ...to the customer It sends the loopback up code to the customer device then subsequently starts for example a Pseudo Random Bit Sequence PRBS to determinate the quality of the connection Depending on t...

Page 184: ...an the total number of timeslots for the channel 1 31 for E1 1 24 for T1 is able to configure single or multiple timeslots for data transmission To use this feature the encapsulation must be configure...

Page 185: ...nly the encapsulation type hdlc is available For more details see Configuring T1 E1 Encapsulation Mode channel group group name Entering HDLC Configuration Mode The hdlc configuration mode can be ente...

Page 186: ...ting up framerelay or ppp is exactly the same as for an X 21 V 35 serial port For that reason see chapter 14 Serial port configuration on page 160 for more details about frame relay configu ration and...

Page 187: ...T1 E1 port configuration Example 1 Frame Relay without a channel group port e1t1 0 0 port type e1 framing crc4 encapsulation hdlc hdlc encapsulation framerelay framerelay lmi type itu pvc 100 encapsul...

Page 188: ...pe itu pvc 100 encapsulation rfc1490 bind interface pvc100 router no shutdown port e1t1 0 0 no shutdown Example 3 PPP without a channel group port e1t1 0 0 port type e1 framing crc4 encapsulation hdlc...

Page 189: ...ting 191 Policy routing 191 Basic IP routing configuration task list 191 Configuring static IP routes 192 Deleting static IP routes 193 Displaying IP route information 193 Configuring policy routing 1...

Page 190: ...outing algorithms must converge rapidly i e all routers must agree on optimal routes When a network event causes routes either to go down or to become unavailable routers distribute routing update mes...

Page 191: ...the network or subnet and the 0 bits indicate the host portion of the network address provided address The IP address of a next hop router that can access the target network or subnet interface The na...

Page 192: ...s command displays the destination address next hop interface protocol local static RIP or ICMP metric flags U up H host G Gateway L local D default and amount of use for each route in the routing tab...

Page 193: ...ed as routing criteria The follow ing traffic classes are defined Default all IP packets that are arriving from the WAN or the LAN and need to be routed through Local voice IP packets that are created...

Page 194: ...escribed in the subsection Testing connections with the ping command on page 118 in Chapter 10 IP interface configuration Traceroute refer to the traceroute command described in the subsection Tracero...

Page 195: ...ter Status codes valid U up H host G Gateway L local D default Destination Nexthop Protocol Metric Flags Used 127 0 0 1 32 local 0 LHG n a 172 16 40 1 24 local 0 LHG n a 172 17 100 1 24 local 0 LHG n...

Page 196: ...pecifying the receive RIP version 201 Enabling RIP learning 201 Enabling an interface to receive RIP 202 Enabling RIP announcing 202 Enabling RIP auto summarization 203 Specifying the default route me...

Page 197: ...or the router can source generate the default network itself with RIP In both cases the default net work is advertised through RIP to other RIP neighbors a SmartNode will send and receive RIP informa...

Page 198: ...IP commands have the character of a flag which is either enabled or disabled Enabling send RIP Enabling an interface to receive RIP see page 199 Specifying the send RIP version see page 199 Specifying...

Page 199: ...router interface wan node if ip wan rip receive Specifying the send RIP version By default RIP 1compatible packets are sent Alternatively you can explicitly configure the RIP version to be sent with...

Page 200: ...ute whose destination is already in the local table the new route is used only if it has a lower cost The cost of a route is determined by adding the cost of reaching the gateway that sent the update...

Page 201: ...specific routing information to other elements in a network The RIP announcing command is used for this purpose and offers options for default for RIP default routes host for IP host routes self as d...

Page 202: ...destination net work Each hop in a path from source to destination is assigned a hop count value which is typically 1 When a SmartNode receives a routing update that contains a new or changed destina...

Page 203: ...lit horizon processing The following example shows how to enable split horizon on IP interface wan node cfg context ip router node ctx ip router interface wan node if ip wan rip split horizon Enabling...

Page 204: ...holding down aged routes The following example shows how to enable holding down of aged routes on IP interface wan node cfg context ip router node ctx ip router interface wan node if ip wan rip route...

Page 205: ...self as default disabled route holddown enabled poison reverse disabled auto summary disabled split horizon disabled default route value 0 Displaying global RIP information SmartWare also support disp...

Page 206: ...ccess control list 210 Creating an access control list profile and enter configuration mode 211 Adding a filter rule to the current access control list profile 211 Adding an ICMP filter rule to the cu...

Page 207: ...to forward or drop the packet based on the criteria you specified within the access lists Access list criteria could be the source address of the traffic the destination address of the traffic the up...

Page 208: ...tioned between two parts of your network to control traffic entering or exiting a specific part of your internal network To provide the security benefits of access lists you should configure access li...

Page 209: ...t matching the criteria to be dropped To delete an entire access control list enter configuration mode and use the no form of the profile acl com mand naming the access list to be deleted e g no profi...

Page 210: ...al statements that will make up the access control list Use the no form of this command to delete an access control list profile You cannot delete an access control list profile if it is currently lin...

Page 211: ...ontrol list entry that denies access defined according to the command options Keyword Meaning src The source address to be included in the rule An IP address in dotted decimal format e g 64 231 1 10 s...

Page 212: ...procedure describes how to create an ICMP access control list entry that denies access Mode Profile access control list Step Command Purpose 1 node pf acl name permit icmp src src wildcard any host s...

Page 213: ...luded in the rule An IP address in dotted decimal format e g 64 231 1 10 dest wildcard A wildcard for the destination address See src wildcard host dest The address of a single destination host msg na...

Page 214: ...Mode Profile access control list This procedure describes how to create a TCP UDP or SCTP access control list entry that denies access Mode Profile access control list Step Command Purpose 1 node pf...

Page 215: ...Indicates that a packets port must be equal to the specified port in order to match the rule lt port Optional Indicates that a packets port must be less than the specified port in order to match the r...

Page 216: ...ist profile to incoming packets on the interface wan in the IP router context node cfg context ip router node cfg ip router interface wan node cfg if wan use profile acl WanRx in Step Command Purpose...

Page 217: ...rofile Mode Administrator execution or any other mode except the operator execution mode Example Displaying an access control list entries The following example shows how to display the access control...

Page 218: ...e disables the debug monitor for access control lists globally node no debug acl Step Command Purpose 1 node cfg context ip router Selects the IP router context 2 node ctx ip router interface if name...

Page 219: ...lan Figure 33 Deny a specific subnet on an interface The commands that have to be entered are listed below 172 16 2 1 enable 172 16 2 1 configure 172 16 2 1 cfg profile acl Jamming 172 16 2 1 pf acl...

Page 220: ...dentification of a SmartNode via SNMP 223 SNMP tools 224 SNMP configuration task list 224 Setting basic system information 224 Setting access community information 226 Setting allowed host information...

Page 221: ...n SNMP agent and resides on a managed network Managed devices collect and store management information and make this information available to NMSs using SNMP Managed devices sometimes called network e...

Page 222: ...and naming objects and events for the purpose of management The first ver sion Structure of Management Information SMIv1 is described in RFC 1155 Structure and Identifica tion of Management Informati...

Page 223: ...nformation The implementation of the MIB II system group is mandatory for all systems By default an SNMP agent is configured to have a value for any of these variables and responds to get commands fro...

Page 224: ...ternet mgmt mib 2 system sysLocation After setting these values according to 1 through 3 any SNMP MIB browser application should read the values using a get or get next command as shown in figure 34 T...

Page 225: ...displays the IP address of the Ethernet port over which the Telnet session is running but shows the newly entered host name Setting access community information SNMP uses one or more labels called com...

Page 226: ...ffected devices possibly without the system administrators being aware that changes are being made resulting in a failure of integrity and a possible failure of device availability To prevent these si...

Page 227: ...a message that the SNMP agent sends to a network management station For example an SNMP agent would send a trap when an interface s status has changed from up to down The SNMP agent must know the add...

Page 228: ...loset 3rd floor contact Bill Anybody Phone 818 700 1504 Hosts 172 16 224 44 security name public Targets 172 16 224 44 security name Not4evEryOne Communities public access right ro Not4evEryOne access...

Page 229: ...orm the same operations as the options available in the toolbar The left frame holds the MIB tree A MIB tree is a structure through which all the MIBs loaded can be viewed The MIB tree component enabl...

Page 230: ...the value in the Port text field is 162 Enter the desired port in the field on which the viewer will listen The default value in the Community text field is public Set the community of the incoming tr...

Page 231: ...n the MIB II sysUpTime variable converted into hours minutes and seconds Enterprise This field shows the OID of the management enterprise that defines the trap message The value is represented as an O...

Page 232: ...with the SNMP warmStart TRAP TYPE ENTERPRISE snmp DESCRIPTION A warmStart trap signifies that the sending protocol entity is reinitializing itself such that neither the agent configuration nor the pro...

Page 233: ...community string which does not correspond to the system setting coldStart TRAP TYPE ENTERPRISE snmp DESCRIPTION A coldStart trap signifies that the sending protocol entity is reinitializing itself s...

Page 234: ...19 SNMP configuration 2002 09 06T14 54 39 LOGINFO Link up on interface eth00 2002 09 06T14 54 39 LOGINFO Link up on interface eth01 2002 09 06T14 56 02 LOGINFO Link up on interface SLOT2 00 ISDN D 20...

Page 235: ...abling the SNTP client 240 Defining SNTP client poll interval 240 Defining SNTP client constant offset to GMT 240 Defining the SNTP client anycast address 241 Enabling and disabling local clock offset...

Page 236: ...enticate traffic although you can configure extended access lists to provide some protection An SNTP client is more vulnerable to misbe having servers than an NTP client and should only be used in sit...

Page 237: ...elative to the server In anycast mode multipoint to point the client sends a request to a designated local broadcast or multicast group address and expects a reply from one or more anycast servers In...

Page 238: ...ation port on SNTP time server fields in the UDP header The local port number which the SNTP client uses to contact the primary or secondary SNTP time server in unicast mode has to be defined Note The...

Page 239: ...ode Configure Example Setting the SNTP client poll interval In the following example the SNTP client poll interval is set to 30 seconds node cfg sntp client poll interval 30 Defining SNTP client const...

Page 240: ...e anycast servers listen on the designated local broadcast address or multicast group address Each anycast server upon receiving a request sends a unicast reply message to the originating client The c...

Page 241: ...liseconds relative to the server In addition this provides a simple method to verify that the server reply is in fact a legitimate response to the specific client request and to avoid replays In multi...

Page 242: ...ntp client SNTP client enabled Operating mode unicast Local port 123 Primary server 172 16 1 10 123 v4 Secondary server 128 138 140 44 123 v4 Anycast address 224 0 1 1 123 Poll interval 30sec Local cl...

Page 243: ...e the SNTP debug monitor and end any debug information node cfg no debug sntp client Recommended public SNTP time servers NIST Internet time service The National Institute of Standards and Technology...

Page 244: ...formation about NIST Internet Time Service ITS check their web server at http www boulder nist gov timefreq service its htm Additional information on NTP and a list of other NTP servers The site http...

Page 245: ...an IP interface 248 Release or renew a DHCP lease manually advanced 250 Get debug output from DHCP client 250 DHCP server configuration tasks 251 Configure DHCP server profiles 251 Use DHCP server pro...

Page 246: ...ssigning IP addresses was replaced by automatic distributing IP addresses The days when a network administrator had to manually configure each new network device before it could be used on the network...

Page 247: ...DHCP client on an IP interface Release or renew a DHCP lease manually advanced see page 249 Get debug output from DHCP client see page 249 Configure DHCP agent Enable DHCP client on an IP interface On...

Page 248: ...an IP interface node cfg context ip node ctx ip router interface eth0 node if ip eth0 ipaddress dhcp node if ip eth0 show dhcp client Context router Name eth0 IpAddress 172 16 224 102 255 255 0 0 Defa...

Page 249: ...renew node cfg context ip node ctx ip router interface eth0 node if ip eth0 debug dhcp client node if ip eth0 dhcp client release 01 12 28 DHCPC router eth0 Rels Unicasting DHCP release xid 490cb56b s...

Page 250: ...the steps mentioned below Configure DHCP server profiles Use DHCP server profiles and enable the DHCP server and to clear lease database see page 252 Check DHCP server configuration and status see pa...

Page 251: ...pf dhcps name lease time days hours minutes Defines the time a lease is valid DHCP Option 51 6 optional node pf dhcps name no domain name domain name A PC DHCP client may use this domain name to compl...

Page 252: ...r This example shows how to assign a profile to the DHCP server and to start the DHCP server node ctx ip router dhcp server use LAN node ctx ip router dhcp server 10 optional node pf dhcps name no boo...

Page 253: ...e 192 168 1 32 192 168 1 63 Lease Time 2 days Default Router 192 168 1 1 Domain Name Server 80 254 161 125 80 254 161 126 Bound leases 192 168 1 32 Dufour Address ethernet 00 10 A4 7C 7A F8 Client Id...

Page 254: ...OFFER to 192 168 1 32 via 255 255 255 255 68 21 41 29 DHCPS Deferring save of lease database 21 41 29 DHCPS Last saved at 2002 12 04T21 40 29 next at 2002 12 04T21 55 29 21 41 29 DHCPS Request from et...

Page 255: ...255 Chapter 22 DNS configuration Chapter contents Introduction 257 DNS configuration task list 257 Enabling the DNS resolver 257 Enabling the DNS relay 258...

Page 256: ...t originated the query This process enables the SmartNode to provide answers more quickly to often queried DNS names reducing the number of DNS que ries that must be sent across the access link DNS co...

Page 257: ...scovered IP 81 221 250 10 Not used Discovered IP 81 221 252 10 Not used node cfg Configured IP indicates a domain name server that has been configured as shown at the beginning of this section Discove...

Page 258: ...vers can be consulted from the SmartNode The DNS resolver must be configured before you can use the DNS relay feature see section Enabling the DNS resolver on page 256 to enable the DNS resolver if yo...

Page 259: ...ion 261 DynDNS configuration task list 261 Creating a DynDNS account 261 Configuring the DNS resolver 261 Configuring basic DynDNS settings 262 Configuring advanced DynDNS settings optional 262 Defini...

Page 260: ...ifferent levels of service The basic services are offered free of charge while the more advanced services are chargeable The SmartNode supports the following DynDNS services Dynamic DNS Static DNS Cus...

Page 261: ...required you can define a mail exchanger or a backup mail exchanger for your hostname on the DynDNS server Mode DynDNS Step Command Purpose 1 node dyndns authentication user pass word Defines the auth...

Page 262: ...Hostname test dyndns org You can also monitor current activities of the DynDNS client This includes ongoing DNS queries for DynDNS servers verification of the currently registered IP address and updat...

Page 263: ...You can also force the DynDNS client to resume normal operation if the state of the DynDNS client is shown as blocked and the problem which led to the blocked state has been solved The DynDNS client w...

Page 264: ...able interface IP address auto configuration from PPP 271 Configuring a PPPoE session 271 Configuring a serial port for PPP 273 Creating a PPP profile 274 Displaying PPP configuration information 275...

Page 265: ...ctivity over different types of link layers all PPP configuration elements connect to the IP context through an IP interface This connection is relayed via a subscriber profile if either PPP peer requ...

Page 266: ...nterface must apply a network address port translation NAPT if the PPP service provider only offers a single IP address and not an IP sub net or if the IP addresses on the LAN shall be private and hid...

Page 267: ...P address offered by the PPP remote peer The parameter netmask specifies the size of the subnet in case no point to point is configured 4 optional node if ip name no tcp adjust mss rx tx mtu mss Limit...

Page 268: ...disables automatic configuration of the interface IP address from the PPP network control protocol negotiation Mode profile ppp Creating a PPP subscriber One or more PPP subscriber shall be configured...

Page 269: ...in 3 node subscr name no authentication chap pap chap pap Defines the authentication protocol to be used PAP and or CHAP 4 optional node subscr name no identification outbound inbound user password p...

Page 270: ...terface IP address auto configuration from PPP This procedure enables disables automatic configuration of the interface IP address from the PPP network control protocol negotiation Mode profile ppp Co...

Page 271: ...ssion with the name name 7 node pppoe slot port no bind inter face name router or node pppoe slot port no bind sub scriber name Binds the PPPoE session directly to the IP inter face name in case no au...

Page 272: ...ulation ppp node prt ser 0 0 bind subscriber joe_example node prt ser 0 0 no shutdown Step Command Purpose 1 node cfg port serial slot port Enters the configuration mode for the serial port on slot an...

Page 273: ...node cfg no profile ppp name default Creates the new PPP profile name and enters the PPP profile configuration The profile default already exists 2 optional node pf ppp name mtu min min max max Define...

Page 274: ...ion inbound none Identification outbound patton patton Timeout for disconnect no absolute timeout no idle timeout Max sessions no limit IP address none Callback none Binding interface ppp_interface ro...

Page 275: ...LCP Configure Request interval 3000 ms max 10 LCP Configure Nak max 5 LCP Terminate Request interval 3000 ms max 2 LCP Echo Request interval 10000 ms max 3 MTU 68 1492 MRU 68 1492 Callback both CHAP a...

Page 276: ...us configuration information and sta tistics of PPPoE in general and of the PPPoE ses sion s Check whether state of the respective session is Opened level specifies to level of details displayed 1 4 d...

Page 277: ...Local ID 100000020390 Remote ID Local configured options Magic Number 0x00000000 MRU 1492 68 1492 ACCM 0xffffffff Local acknowledged options Remote configured options Magic Number 0xb89d9e6b MRU 1492...

Page 278: ...sion Protocol VJC Max Slot Id 31 Comp Slot Id 1 Remote configured options IP Address 0 0 0 0 IP Compression Protocol VJC Max Slot Id 24 Comp Slot Id 1 Remote acknowledged options IP Address 10 10 10 1...

Page 279: ...ce ipaddress 172 16 1 1 255 255 0 0 interface ppp_interface ipaddress unnumbered point to point tcp adjust mss rx mtu tcp adjust mss tx mtu use profile napt WAN context ip router route 0 0 0 0 0 0 0 0...

Page 280: ...on numbered interface context ip router interface ppp_interface ipaddress 172 17 1 1 255 255 255 252 point to point port serial 0 0 encapsulation ppp bind interface ppp_interface no shutdown With auth...

Page 281: ...profile for IPSEC 293 Configuration of an IP interface and the IP router for IPSEC 293 Policy matching 293 Sample configuration snippet 293 Troubleshooting 294 Encrypted Voice Performance consideratio...

Page 282: ...s a combination of the keyed hashing for message authentication HMAC and the mes sage digest version 5 MD5 hash algorithm It requires an authenticator of 128 bit length and calculates a hash of 96 bit...

Page 283: ...e applied to reverse engineering a DES key it can take from 3 hours to 3 days to break the key Thus for maximum security DES keys must be manually updated regularly AES or 3DES keys because they are m...

Page 284: ...defines which IPsec transformation profile to apply and whether transport or tunnel mode shall be most effective The SPI identifies a secured communication channel The IPsec component needs the SPI t...

Page 285: ...ee section Authentication on page 282 and Encryption on page 282 or explicit specification Keys must be available for inbound and out bound directions They can be different for the two directions Make...

Page 286: ...ic passes an ACL if available twice once before and once after encryption authentication So the respective ACLs must permit the encrypted authenticated and the plain traffic For detailed information o...

Page 287: ...mation This section shows how to display and verify the IPsec configuration information Procedure To display IPsec configuration information Mode Configure Step Command Purpose 1 node cfg context ip r...

Page 288: ...problems Procedure To debug IPsec connections Mode Configure Example IPsec Debug Output node cfg debug ipsec IPSEC monitor on 23 11 04 ipsec Could not find security association for inbound ESP packet...

Page 289: ...y authenticates the peers establishes a shared secret between them and negoti ates cryptographic transforms in order to create an ISAKMP security association between the two peers The ISAKMP security...

Page 290: ...nfigure an ISAKMP transform profile Mode configure Step Command Purpose 1 optional node pf ipstr ctx name key life time seconds seconds Define a new maximum lifetime of the security associations in se...

Page 291: ...an group to be used Note The higher the group number is the higher is the key length during the diffie hellman exchange and the higher is the processing time for the establishment of the shared secret...

Page 292: ...ction group ID in the ISAKMP IPSEC policy profiles of all the peers which should use the same remote policy In this case if the system receives an initial IKE packet it will search for an ISAKMP IPSEC...

Page 293: ...unnel peer 1 2 3 4 diffie hellman group group2 use profile ipsec transform 1 IPSEC_3DES_192 use profile isakmp transform 1 ISAKMP_3DES_192 context ip interface WAN use profile acl WAN_Out out Troubles...

Page 294: ...aphic accelerator hardware which does these computationally intensive tasks for the main CPU On such systems RTP encryption has almost no impact on the overall system performance You can see using the...

Page 295: ...oint to mul tipoint links However you can manually enable or disable the Call Hold feature using the following com mand The default setting can be achieved using the auto configuration option Mode int...

Page 296: ...uration profile ipsec transform DES esp encryption des cbc 64 profile ipsec policy manual VPN_DES use profile ipsec transform DES session key inbound esp encryption 1234567890ABCDEF session key outbou...

Page 297: ...16 1 1 255 255 0 0 interface FastEthernet0 1 ip address 200 200 200 1 255 255 255 252 crypto map VPN_DES ip route 192 168 1 0 255 255 255 0 FastEthernet0 1 IPsec tunnel AES encryption at 256 bit key...

Page 298: ...nge the name of the IPsec policy profile in the ACL profile VPN_Out IPsec tunnel 3DES encryption at 192 bit key length ESP authentication with HMAC MD5 96 SmartNode configuration profile ipsec transfo...

Page 299: ...0987654321 authenticator FEDCBA0987654321FEDCBA0987654321 set session key outbound esp 7777 cipher 1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF authenticator 1234567890ABCDEF1234567890ABCDEF set t...

Page 300: ...ones 308 Configuring voice over IP parameters 308 Configuring ISDN ports 309 Configuring FXS ports 309 Configuring an H 323 VoIP connection 309 Configuring a SIP VoIP connection 309 Activating CS cont...

Page 301: ...sponsible for all aspects of circuit signaling switching and emulation Besides the CS context itself the CS entity consists of the following indicated by the shaded area enclosed by a dashed line in f...

Page 302: ...e relationship between the CS configuration components We recommend that you perform the CS context configuration in the sequence described below Many of the parameters have default values that do not...

Page 303: ...ding on its prefix and number length Figure 42 Remote office in an Enterprise network An application like that shown in figure 42 would require the following CS configuration Since the remote office i...

Page 304: ...section Configuring an H 323 VoIP connection on page 308 Two Ethernet ports and their corresponding IP interfaces will be needed You must not start to configure the CS context and its components until...

Page 305: ...another The call router determines the destination interface for every incoming call It supports complex call routing and call property manipula tion e g number manipulation functions See chapter 33...

Page 306: ...f CS contexts are supported The name of the default instance is switch The name and number of CS interfaces depends on your own configuration The interfaces on the CS context represent logi cal connec...

Page 307: ...gnals The tones are configured in tone set profiles that are used from a specific CS interface If no tone set profile is specified a default tone set profile is used In most cases the default profile...

Page 308: ...address For examples and information on how to configure direct call sig naling on H 323 voice connections refer to chapter 31 H 323 interface configuration on page 360 To con figure gatekeeper routed...

Page 309: ...ion on page 491 In order to become active the CS context must be enabled When recovering from the shutdown status the CS context and call router configuration is checked and possible errors are indica...

Page 310: ...6652 dest interface IF NODE B default dest interface IF LOCAL BA Table switch CAC APPLE Key Value Function Dest Type Dest Name called e164 called e164 1055 1 node cfg debug call router node cfg contex...

Page 311: ...precall service 02 14 33 CR switch Loading table IF NODE C precall service node ctx cs switch Example Configure SmartNode in an Enterprise Network Situation Figure 44 shows an enterprise network with...

Page 312: ...inter faces A hunt group that summarizes two ISDN interfaces is configured later during call router configura tion For every remote H 323 device we need a H 323 interface There are two in total One g...

Page 313: ...node ctx cs switch interface isdn IF PBX2 node if pstn IF PBX2 route call dest table TAB CALLED NUMBER node if pstn IF PBX2 exit node ctx cs switch interface isdn IF PUBLIC PSTN1 node if pstn IF PUBL...

Page 314: ...ault dest service HUNT PUBLIC PSTN node rt tab TAB CAL exit node ctx cs switch The hunt group HUNT COMPOFF A tries to reach the company office A routing the call directly to the H 323 interface IF COM...

Page 315: ...x cs switch interface h323 IF COMPOFF B node if h323 IF COMP use profile voip H323 VOIP PROFILE node if h323 IF COMP exit node cfg Configuring BRI ports Next step is to configure the BRI ports and to...

Page 316: ...call signaling node cfg gateway h323 h323 node gw h323 h323 no ras node gw h323 h323 faststart node gw h323 h323 bind interface eth0 node gw h323 h323 exit node cfg Activating the CS context configura...

Page 317: ...323 Gateway h323 RAS Engine Administrative Status no Gatekeeper Discovery auto Gatekeepers Re Registration Time 90s Local Aliases Source Information Faststart yes Early H 245 no H 245 Tunneling no Ca...

Page 318: ...gth 20 codec 3 g711ulaw64k rx length 20 tx length 20 context ip router interface eth0 ipaddress 147 86 130 1 255 255 225 0 mtu 1500 interface eth1 ipaddress 10 0 0 1 255 255 225 0 mtu 1500 context cs...

Page 319: ...out of order drop cause temporary failure drop cause switching equipment congestion drop cause access info discarded drop cause circuit channel not available drop cause resources unavailable route cal...

Page 320: ...0 half encapsulation ip bind interface eth0 router no shutdown port ethernet 0 1 medium 10 half encapsulation ip bind interface eth1 router shutdown port bri 2 0 clock auto encapsulation q921 q921 pro...

Page 321: ...21 q921 protocol pp uni side auto encapsulation q931 q931 protocol dss1 uni side user encapsulation cc isdn bind interface IF PUBLIC PSTN1 port bri 2 2 no shutdown port bri 2 3 clock auto encapsulatio...

Page 322: ...ion Chapter contents Introduction 324 CS interface configuration task list 324 Creating and configuring CS interfaces 325 Configuring call routing 326 Configuring the interface mapping tables 327 Conf...

Page 323: ...Figure 46 illustrates the function of the CS interfaces The types of CS interfaces are PSTN interfaces telephony Binding is done from a port to an interface VoIP interface provide voice over IP setti...

Page 324: ...deleted as described in the following table Procedure Create and configure CS interfaces Mode Configure Examples Create CS interfaces and delete another Step Command Purpose 1 node cfg context cs Ente...

Page 325: ...l router sn43 IF PBX1 IF PBX2 IF PUBLIC PSTN1 IF PUBLIC PSTN2 IF COMPOFF A HUNT COMPOFF A HUNT PBX HUNT PUBLIC PSTN node ctx cs switch no interface isdn IF PBX1 node ctx cs switch Configuring call rou...

Page 326: ...when a call arrives on a CS interface and is routed to another interface through routing and mapping tables This imposes a limitation to call property manipulation When a call property like a party s...

Page 327: ...er to the chapter 33 Call router configuration on page 381 for more information about how to create and configure mapping tables Procedure To use mapping tables to filter properties on an CS interface...

Page 328: ...pplied to the called party number and the call ing party number The mapping table adds a prefix of 00419988825 to the called and calling party number Incoming call 2 originally has a calling party num...

Page 329: ...lementary services like call waiting etc Precall service tables are configured as part of the call router in the context CS configuration mode Precall service tables are used on an FXS interface where...

Page 330: ...C map 43 to activate cw node pcs tab SUPP SVC map 43 to deactivate cw node pcs tab SUPP SVC map 43 to interrogate cw node pcs tab SUPP SVC exit node ctx cs switch interface fxs IF PHONE node if fxs IF...

Page 331: ...ng ringback tone on ISDN user side interfaces 335 Configuring call waiting optional 335 Disabling call waiting on ISDN DSS1 network interfaces 335 Configuring date time publishing to terminals optiona...

Page 332: ...nd network side of the following protocols DSS1 NI2 NTT The settings are automatically taken from the port that binds to the interface and changes on the port are automat ically reflected on the inter...

Page 333: ...the digits arrive twice as keypad facility messages and also as DTMF tones Procedure To enable DTMF dialing Mode Interface ISDN Example Enable DTMF dialing The following example shows how to enable D...

Page 334: ...terface the interface can a Signal the new call to all connected terminals although both B Channels are in use One terminal can then put its current call on hold to accept the new one putting the call...

Page 335: ...BRI ports by accepting or rejecting explicit call transfer ECT invocations An ISDN phone that is connected to a BRI port and that has two active calls can send an ECT invocation to connect the two cal...

Page 336: ...2 0 3 En et 0 Vo ice Po rts Po w er R un Vo IP Li nk 0 4 0 5 0 6 0 7 Co ns ole Vo IP Ga tewa y Ro ut er To IP In te gr at ed Ac ce ss De vice Smar tN ode 45 24 Li nk 10 0M Ac tiv ity 0 0 0 1 0 2 0 3...

Page 337: ...hanism on a SIP interface No REFER message is sent when a call is detected that is looped internally ISDN Advice of Charge support The exchange of Advice of Charge information is supported between two...

Page 338: ...llowing procedure enables the transmission of AOC message on an ISDN network interface even if Step Command Purpose 1 node ctx ip ctx name interface isdn if name Go to the ISDN interface for which you...

Page 339: ...sdn if name aoc d automatic Enables the transmission of AOC D messages even if there is not charge information from the network for all calls 4 node if isdn if name aoc e automatic Enables the transmi...

Page 340: ...warded to the peer interface Information for warded to the peer interface Information for warded to the peer interface Information for warded to the peer interface ISDN Network Interface connected to...

Page 341: ...st call 344 FXS interface configuration task list 345 Configuring a subscriber number recommended 345 Configuring an alternate PSTN profile optional 345 Configuring caller ID presentation optional 346...

Page 342: ...be a port that binds to the interface for the interface to become functional see figure 51 Figure 51 FXS interfaces on the CS context FXS supplementary services description FXS interfaces offer a set...

Page 343: ...ent call is active you will put the current call on hold then make your sec ond call Procedure To make a second call to another party while keeping the current call press flash hook which puts your cu...

Page 344: ...going call goes off hook and dials the dialed digits form the called party number But there is no calling party information available from the POTS protocol To insert calling party information and mak...

Page 345: ...port configuration on page 469 for other caller ID related settings Procedure To configure presentation of the calling party number to the analog device connected to the FXS port associated with the i...

Page 346: ...see section Configuring the precall service tables on page 329 for more information The configuration in the FXS interface is administrative this means if call waiting is disabled here the user canno...

Page 347: ...call offering The following example shows how to disable call holding node enable node configure node cfg context cs node ctx cs switch interface fxs MyFxsIf node if fxs myFxsIf no additional call off...

Page 348: ...n caller ID 353 Configuring an alternate PSTN profile optional 353 Configuring when the digits are dialed optional 354 Configuring the number of rings to wait before answering the call optional 356 Co...

Page 349: ...l process in SmartWare Recall that an interface in SmartNode products is a logical device and a port is a physical device So the FXO feature consists of the logical interface with all its processes to...

Page 350: ...ITU Call routing based on caller ID Second dial tone for two stage DTMF dialing with call routing based on DTMF numbers Creating an FXO interface Interface names can be any arbitrary string Use self e...

Page 351: ...e interface Mode Context CS Step Prompt command Purpose 5 node ctx cs switch interface fxo name The interface fxo command creates the new interface name which represents an FXO inter face This command...

Page 352: ...he command ring number Instead of specifying the number of ring bursts to wait before going off hook for calls coming in through FXO it is now also possible to go off hook upon reception of the caller...

Page 353: ...to wait Zero 0 seconds means that the interface dials immediately Step Prompt command response Purpose 1 node Basic prompt in Operator Exec mode 2 node enable Enters Administration execution mode node...

Page 354: ...re dialing enter the command again using dial tone Step Prompt command response Purpose 1 node Basic prompt in Operator Exec mode 2 node enable Enters Administration execu tion mode node Response The...

Page 355: ...ther hand numerous countries send the CLID prior to the first ring so the default setting of 1 would be satisfactory Mode Interface FXO Example Configure the ring number to wait for CLID by setting th...

Page 356: ...call to be completely cleared Note Verify that the busy and release tones are correctly configured for the country where the SmartNode is installed see chapter 34 Tone configuration on page 446 for co...

Page 357: ...led the SmartNode waits for the call connect signal from the FXS switch Mode Interface FXO Note Only disable connect signal if you are sure that the FXS switch provides a call connect signal Step Prom...

Page 358: ...is the 3 node configure Enters the Configure configuration mode node cfg Response The prompt in the Configure configuration mode is cfg 4 node cfg context cs Enters the Context CS configure mode node...

Page 359: ...rface fxo pstn local node if fxo pstn local connect signal battery reversal node if fxo pstn local ring number 2 node if fxo pstn local route call dest interface pstn 1 voip Example 2 Configuring an F...

Page 360: ...optional 364 Configuring CLIP CLIR support optional 365 Enabling early proceeding on H 323 interfaces 366 Enabling the early call disconnect optional 366 Enabling the via address support optional 367...

Page 361: ...d call When a call arrives over H 323 in the H 323 gateway The gateway looks for the best matching H 323 inter face which is bound to that gateway If there is an H 323 interface which contains the IP...

Page 362: ...instance named h323 node enable node configure node cfg context cs node ctx cs switch interface h323 MyH323If node if h323 MyH323If bind gateway h323 Configure a remote IP address If the gateway to w...

Page 363: ...onfigure node cfg context cs node ctx cs switch interface h323 MyH323If node if h323 MyH323If use profile voip myprofile Configure information transfer capability handling Optional Normally the H 323...

Page 364: ...lement in the Q 931 part of the H 323 setup message Note This functionality is not standardized and might cause interoperability prob lems if enabled Procedure To enable tunnelling of CLIP CLIR inform...

Page 365: ...following example shows how to enable early call disconnect on an H 323 interface named MyH323If node enable node configure node cfg context cs node ctx cs switch interface h323 MyH323If node if h323...

Page 366: ...dress support on an H 323 interface named MyH323If node enable node configure node cfg context cs node ctx cs switch interface h323 MyH323If node if h323 MyH323If via address support Override the defa...

Page 367: ...h do no respond to these status inquiries This causes every call to be dropped after being connected for two minutes using the default setting As a workaround for these non compliant implementations i...

Page 368: ...dvice of Charge support You can enable disable reception and transmission of AOC D messages separately on each H 323 interface When reception is enabled AOC D messages received in incoming H 323 FACIL...

Page 369: ...de if h323 if name no aoc d emit Enables or disables transmission of AOC D information in FACILITY messages received from the other side of the gateway Default Transmission is disabled When enabled th...

Page 370: ...le Optional 374 Configuring early call connect disconnect optional 375 Configuring a phone context optional 375 Mapping call control properties to SIP headers 376 Configuring ISDN Redirecting Number T...

Page 371: ...all When a call arrives over SIP in the SIP gateway The gateway looks for the best matching SIP interface which is bound to that gateway If there is a SIP interface which contains the IP address of th...

Page 372: ...ce named sip node enable node configure node cfg context cs node ctx cs switch interface sip MySipIf node if sip MySipIf bind gateway sip Configure a remote host You can define a remote host within th...

Page 373: ...VoIP profile defined in the SIP gateway is used for all the calls over that gateway However it is possible to specify an alternate VoIP profile in the SIP interface In that case the VoIP profile defi...

Page 374: ...sconnect Mode Interface SIP Example Enable early call connect and early call disconnect The following example shows how to enable early call disconnect on a SIP interface named MySipIf node enable nod...

Page 375: ...ny sipbob mysipdomain com Without the special configuration of this example these URIs would look as follows sip 41318432343 mysipdomain com user phone sip 531 mysipdomain com sipbob mysipdomain com M...

Page 376: ...and Redirecting Reason This is implemented per the IETF draft standard method according to draft jennings sip voicemail uri 05 The figure below shows a call that is redirected in the PSTN network and...

Page 377: ...the Asserted Identity header can be configured in the same way as for any other SIP header using the address translation command in the SIP interface configuration mode The privacy header is mapped t...

Page 378: ...connected ISDN interfaces react similarly to internally looped calls The push back mechanism is enabled by default for ISDN interfaces BRI ports by accepting or rejecting explicit call transfer ECT i...

Page 379: ...3 En et 0 Vo ice Po rts Po w er R un Vo IP Li nk 0 4 0 5 0 6 0 7 Co ns ole Vo IP Ga tewa y Ro ut er To IP In te gr at ed Ac ce ss De vice Smar tN ode 45 24 Li nk 10 0M Ac tiv ity 0 0 0 1 0 2 0 3 En e...

Page 380: ...mit configures if a call reaching the device over this interface and leaving the device over this interface shall be pushed back to the network i e if a call transfer request ECT or REFER shall be sen...

Page 381: ...umber routing table 398 Number type routing table 398 Numbering plan routing table 399 Name routing table 400 IP address routing table 400 URI routing table 401 Presentation Indicator Routing Table 40...

Page 382: ...reating a hunt group service 423 Creating a distribution group service 432 Distribution Group Min Concurrent setting 434 Call router limiter service 434 Priority service 435 CS Bridge service VoIP Lea...

Page 383: ...g More complex call forwarding decisions can be configured in the call router The call router is a very efficient and flexible tool for routing calls between CS interfaces Based on a set of routing cr...

Page 384: ...number calling e164 also called source Nr A Nr MSN DDI or CLIP Called party number called e164 also called destination Nr or B Nr Calling and called party number type Calling and called party number...

Page 385: ...s and factors that may influence the call router configuration Some examples are On net off net call routing ISDN service routing Carrier selection Service quality Fallback strategies Network and gate...

Page 386: ...e Context CS Configure general call router behavior Configure address completion timeout A call that is routed through a called party number routing table possibly has a called party number that is to...

Page 387: ...is the pound character by default Note The digit completion timeout is active when the call router waits for optional digits of a called party number before placing the call to the selected destinati...

Page 388: ...possibility to expand these numbers before entering the first call router table Note The configured prefix is not removed at the exit of the call router i e when a destination interface is found but...

Page 389: ...g table A routing table forwards the call to another table interface or service based on a specific call property like the called party number or the current date The call router provides a number of...

Page 390: ...umber Route calls based on the calling party number type ISDN distinguishes different type of numbers called numbering plan Route calls based on the called party numbering plan ISDN distinguishes diff...

Page 391: ...at least four additional digits matches this entry In addition to the period there are several other symbols that can be used as wildcard characters in the key These symbols provide additional flexibi...

Page 392: ...ange of numbers between 99 and 102 using 99 102 Indicates a pattern For example 888 2525 It is used in conjunction with the symbol or or when replacing a number in a mapping table Indicates that the p...

Page 393: ...llowing example shows how the T indicator is set to allow variable length numbers node cfg context cs node ctx cs switch routing table called e164 collect node rt tab collect route 0041T dest interfac...

Page 394: ...igit collection Consider the following examples routing table called e164 TAB PREFIX route 099 dest interface IF OUT routing table called e164 TAB COMPLETE route 099 dest interface IF OUT routing tabl...

Page 395: ...t tab DIST route 001T dest interface USVOIP node rt tab DIST route default dest interface PSTN Example Digit collection of any number If you want to route calls from interface A directly to interface...

Page 396: ...nal mandatory digits or drops the call after 12 seconds address completion timeout 2 5 No entry matches so the default entry is selected the call is placed immediately 11 No entry is selected Though t...

Page 397: ...any digit appearing zero or more times followed by 52 and a 3 or 5 matches the entry For exam ple the following calling party numbers match the first entry 0998882523 or 0998882525 or simply 523 or 5...

Page 398: ...e digits network specific Network specific number used to indicate administration or service number specific to the serving network e g used to access an operator subscriber Subscriber number the numb...

Page 399: ...isdn telephony dest table TAB INCOMING ISDN node rt tab NP route data dest table TAB INCOMING DATA node rt tab NP route default dest table TAB INCOMING UNKNOWN Name routing table The calling display...

Page 400: ...ming calls is not set unless modified by a previous mapping table in the routing path You can use regular expressions to specify the parts of an URI that must match in order to route the call to a spe...

Page 401: ...ty string as it is shown in the example below Example Presentation indicator routing table This example uses a pseudo routing table that just forwards all calls to the interface IF OUT but first execu...

Page 402: ...mber that was not accepted by the network user failed we drop the call Else we route the call to the interface IF OUT but first execute the mapping table NO CNPN This mapping table again examines the...

Page 403: ...cfg context cs node ctx cs switch routing table itc ITC node rt tab ITC route unrestricted digital dest interface IF ACCESS node rt tab ITC route 7k audio dest interface IF LOCAL BREAKOUT node rt tab...

Page 404: ...ding to the day of the week The days are defined by the long lowercase names monday tuesday wednesday thursday friday saturday and sunday To configure weekday routing table entries use the following c...

Page 405: ...F1 route 11 dest interface IF2 route 12 dest interface IF3 route default dest interface IF4 To remove the first two entries from the table enter the following commands node cfg context cs node ctx cs...

Page 406: ...a call property pair characterizes a mapping table the input and output type While the input type defines which call property is examined by the call router the output type defines which property is m...

Page 407: ...rs to use parts of the lookup key e164 If the output type is also a generic kind of property this mapping table is applied to both this calling e164 and the called e164 property If the input type is a...

Page 408: ...and the called name If the input type is also a generic kind of property this mapping table is applied to both the calling name and the called name property called ip Selects an entry based on the re...

Page 409: ...tring Example 3 This example shows a mapping table that selects the best matching entry based on the called party number and once found changes the same property the called party number This is a very...

Page 410: ...ntext CS Example Called and calling party manipulation mapping table node cfg context cs node ctx cs switch mapping table e164 to uri SETURI node rt tab SETURI map 100 to sip john smith nil net node r...

Page 411: ...ted This means setting the calling party number to 09988825 1 The last part of the value a backslash followed by a single digit number is a placeholder and means that the first pattern expression in b...

Page 412: ...ling party number when restricted Input calling e164 0998882525 calling pi restricted Output calling e164 calling pi restricted node cfg context cs node ctx cs switch mapping table calling pi to calli...

Page 413: ...SIP calls from the called party number of an incoming call The following example shows how to set the called party name based on the called party number Mode Context CS Other mapping tables Example M...

Page 414: ...e rt tab TRANS map 554 to 254 node rt tab TRANS map 555 to 255 node rt tab TRANS map 556 to 256 node rt tab TRANS map 557 to 257 node rt tab TRANS map 558 to 258 node rt tab TRANS map 559 to 259 Note...

Page 415: ...e164 MY TABLE map 12 to 22 map 13 to 23 Procedure To delete an entire mapping table Mode Context CS Example Remove an entire mapping table node cfg context cs node ctx cs switch no mapping table MY TA...

Page 416: ...omplex function MY FUNC execute 1 MAP1 execute 2 MAP2 execute 3 MAP3 execute 4 MAP4 Step Command Purpose 1 node ctx cs switch complex function function name Create a complex function function name 2 n...

Page 417: ...s transparently address complete indications or to explicitly insert or remove it for incoming and outgoing calls In addition the behavior of the call router can be configured Some call signaling prot...

Page 418: ...ut elapses Filtering out the terminating character and optionally set the address complete indication Setting the address complete indication when a called party number matches a fully specified call...

Page 419: ...ddress complete indication The extensions configure what action s shall be performed when the digit collection timeout is stopped by the reception of a terminating character Normally without specifyin...

Page 420: ...he terminating character while the set address complete indication action sets the address complete indication Whether or not the egress interface propagates the address complete indication depends on...

Page 421: ...r sion types and the default setting for each interface type The following procedure demonstrates how to disable overlap sending for incoming SIP calls SIP does not provide an overlap dialing procedur...

Page 422: ...ion is not reachable another destination is tried until one of the con figured destinations accept the call Creating a hunt group service A hunt group service hunts an incoming call to multiple interf...

Page 423: ...BRI1 which in turn also drops the call due to unavailable resources In our example the hunt group then tries the third and eventually the fourth destination When an interface accepts a call the interf...

Page 424: ...d destination Note When you use the hunt group for a fallback scenario you must switch off cyclic operation mode 3 node svc hunt service name timeout timeout Configures a timeout in seconds after whic...

Page 425: ...ause the transit network does not exist or because that particular network while it does exist does not serve the equipment that is sending this cause no route to destination Drop original call The ca...

Page 426: ...ates that the equipment send ing this cause does not wish to accept this call although it could have accepted the call because the equipment sending this cause is neither busy nor incompatible number...

Page 427: ...rloaded access info discarded Hunt for next desti nation The network cannot provide the requested access information This cause indicates that the network could not deliver access information to the r...

Page 428: ...riginal call The network cannot provide unrestricted digital information bearer capability This cause indicates that a device has requested an unrestricted bearer service but the equipment sending thi...

Page 429: ...nsit network Drop original call This cause indicates that a transit network identification of an incorrect format was received invalid message Drop original call Received an invalid message with no st...

Page 430: ...not exist Drop original call The remote equipment receives a message that includes information elements or call properties that are not recognized invalid ie contents Drop original call The remote eq...

Page 431: ...ally one of the phones e g PHONE10 goes off hook The other three calls to interfaces PHONE11 PHONE12 and PHONE13 are immediately dropped and the phones on these interfaces stop ringing Now the distrib...

Page 432: ...nt Configures how many destinations shall be called at the same time If you also configure a timeout the first call is cleared and an additional call is made after that timeout Thus only the specified...

Page 433: ...lowing commands node svc hunt service name min concurrent 1 node svc hunt service name max concurrent 2 node svc hunt service name timeout 3 node svc hunt service name route call dest interface PHONE1...

Page 434: ...n the limiter port configuration mode There is no limitation on the number of ports a limiter can have You can create as many as you need for your application Priority service The service priority can...

Page 435: ...g destination for calls received on this port 4 Optional node port port name service priority Define the priority for calls received through this port The default priority level is 0 5 node port port...

Page 436: ...network Clearly the FXO port at a location must connect to an FXS port But since the network between the two sites is IP there needs to be a mapping of the information on the FXS FXO link to a method...

Page 437: ...es However if the listener port loses its connection that is its call the dialer port does not disconnect its RTP call but remains connected to the other SmartNode s dialer port Similarly if the local...

Page 438: ...e deletes a bridge service 2 name svc bridg BRIDGE1 port DIALER Creates a port on the service that can accept or spawn calls the max number of ports is currently limited to two 3 name port DIALER dial...

Page 439: ...e you must explicitly enter the no shutdown command to activate the call router Step Command Purpose 1 node ctx cs switch no service service name Delete the service service name Note You do not have t...

Page 440: ...rt tab TEST route default dest interface IF5 node rt tab TEST exit node ctx cs switch no shutdown node ctx cs switch debug call router detail 5 node ctx cs switch test call router TEST called e164 123...

Page 441: ...ider the following Enterprise Network Figure 68 Call routing example network Note The SmartNodes in this Network may be owned and operated by the Com pany or by a Service Provider The goal of this sce...

Page 442: ...on the local breakout 5 Route local calls to the local breakout 6 Route national calls to carrier Orange 7 Route mobile calls to carrier Apple 8 Calls from the PSTN nodes B and C are forwarded directl...

Page 443: ...l to create the configuration offline and download it using TFTP Note In the following lines the prompt is omitted as in a configuration file and for better readability Call Router Config File context...

Page 444: ...dd prefix 1066 mapping table called e164 to called e164 MAP CAC ORANGE map to 1066 1 Number manipulation CLI MELON Truncate CLI to last 2 digits and add 08004455 prefix in front mapping table calling...

Page 445: ...ext cs node ctx cs switch no shutdown 02 14 30 CR Updating tables in 3 seconds 02 14 33 CR switch Reloading tables now 02 14 33 CR switch Flushing all tables 02 14 33 CR switch Loading table TAB ISDN...

Page 446: ...ents Introduction 447 Tone set profiles 447 MGCP Events 448 Tone configuration task list 448 Configuring call progress tone profiles 449 Configure tone set profiles 449 Enable tone set profile 450 Sho...

Page 447: ...one you hear when you try to reach a remote extension but it is busy Confirmation tone Tone you hear when you enable a supplementary service and the system has accepted and activated it for future use...

Page 448: ...th your country MGCP Events MGCP uses events to request tone playback on the gateway There are several dozens of events The MGCP gateway provides a mapping of the MGCP events to configured call progre...

Page 449: ...gian no play 1000 Tones and pauses can be arbitrarily sequenced up to a number of 10 elements per call progress tone The default call progress tone is an empty tone The total number of different play...

Page 450: ...point doesn t notifies availability of inband infor mation and the PSTN endpoint is NOT of type ISDN USER or FXO If availability of inband information will be notified by one endpoint the bearer chann...

Page 451: ...Show call progress tone profile The following example shows how to display the call progress tone profiles node show profile call progress tone belgianSpec Profiles belgianSpec Play 330ms 950Hz at 4dB...

Page 452: ...K and apply it to the isdn interface bri0 Create the call progress tone profiles node cfg profile call progress tone dial UK node pf callp dial UK play 5000 350 0 440 0 node pf callp dial UK profile c...

Page 453: ...Tone configuration task list 453 SmartWare Software Configuration Guide 34 Tone configuration node ctx cs switch interface isdn bri0 node if isdn bri0 use profile tone set UK...

Page 454: ...on Concept 458 ISDN Layering 458 Configuration example 459 Description 459 ISDN port configuration task list 460 Shutdown and enable ISDN ports 460 Configure BRI port parameters Layer 1 460 Configure...

Page 455: ...and one synchronization timeslot on a standard E1 G 704 physical layer PRI ports are also called S2m ports The related PSTN access service is also called Primary Rate Access PRA ISDN reference points...

Page 456: ...opean countries the U interface is not accessible to the subscriber the operator always provides the NT1 In the US and some other countries the NT1 can be integrated into the NT2 i e the PBX is connec...

Page 457: ...d in the CS context This reference clock source can be internal or it can be derived from one of the ISDN ports If the clock reference is not configured in accordance with the network environment cloc...

Page 458: ...al results of the attached devices It also handles the assignment of the B channels Parameters network user side protocol i e DSS1 maximum number of channels Figure 74 ISDN layering model The layered...

Page 459: ...ace isdn01 switch 13 port bri 0 1 14 no shutdown Description 1 Enter configuration mode for port bri 0 1 2 Clock mode is automatically determined by layer 2 UNI side settings 3 Use q921 as layer 2 pro...

Page 460: ...how to enter the configuration mode for BRI port 0 0 disable and activate the port 172 16 40 71 enable 172 16 40 71 configure 172 16 40 71 cfg port bri 0 0 172 16 40 71 prt bri 0 0 shutdown If requir...

Page 461: ...ine or accept the clock from the line The options master or slave determine the clocking method Master Generates clock Slave Accepts clock If the clock mode is not specified or set to auto the setting...

Page 462: ...s master or slave determine the clocking method Master Generates clock Slave Accepts clock If the clock mode is not specified or set to auto the setting is derived from the next higher layer In case o...

Page 463: ...o an ISDN S Bus In some cases small PBXs are also connected to the public ISDN in point to multipoint mode Point to point is typically used to connect PBXs to a public or private ISDN PRI ports always...

Page 464: ...martWare ISDN ports support Euro ISDN E DSS1 Q SIG PSS1 and National ISDN NI2 signaling The layer 3 signaling must correspond to the connected ISDN equipment or network 2 node q931 slot port signallin...

Page 465: ...fined Default all 30 T1 23 time slots are avail able for use The no form of the command restores the default settings 6 node q931 slot port bchan number order ascending or node q931 slot port bchan nu...

Page 466: ...of Ports 4 Hardware Type BRI Emergency Mode off Clock Source Port 0 Statistics Leased buffers 25 Max leased buffers 37 Next Call Key 0 Proxy Port BRI 0 3 1 Admin State Open Real State Open Operating L...

Page 467: ...lock slave on uni network interface The following example shows how to configure both ports of a SmartNode 1400 with network signaling but receive the clock via port 0 from the peer The peer must be c...

Page 468: ...71 q931 1 0 signalling rule etsi 172 16 40 71 q931 1 0 max channels 8 172 16 40 71 q931 0 0 exit 172 16 40 71 q921 0 0 exit 172 16 40 71 prt e1 0 0 no shutdown Example PRI Configure PRI port 1 0 as c...

Page 469: ...configuration Chapter contents Introduction 470 Shutdown and enable FXS ports 470 Bind FXS ports to higher layer applications 471 Configure country specific FXS port parameters 471 Other FXS port par...

Page 470: ...wide and will do so in the future These analog devices be they phones facsimile machines and the like represent a large investment and it is desirable to have the technical means to hook such devices...

Page 471: ...er for your country is available as a profile before you begin operation Procedure Configure country specific FXS parameters Mode Port FXS Step Command Purpose 1 node config port fxs slot port Enter c...

Page 472: ...duration in ms Default busy tone 4 optional node prt fxs slot port caller id for mat bell etsi Specifies which line protocol is used for caller id transmission Use bell for US Canada etsi for Europe...

Page 473: ...1 cfg port fxs 0 0 172 16 40 71 prt fxs 0 0 use profile fxs us 172 16 40 71 prt fxs 0 0 caller id format bell 172 16 40 71 prt fxs 0 0 flash hook duration 350 172 16 40 71 prt fxs 0 0 encapsulation cc...

Page 474: ...O port configuration Chapter contents Introduction 475 Shutdown and enable FXO ports 475 Bind FXO ports to higher layer applications 475 Configure country specific FXO port parameters 476 Other FXO po...

Page 475: ...also can be configured when they are active But keep in mind that configuration of an active port temporarily disables the port for a short time some milliseconds Mode Configure Bind FXO ports to hig...

Page 476: ...Configure country specific FXO parameters Mode Port FXO Other FXO port parameters This section describes the commands available for the configuration of an FXO port Procedure Configure the FXO port pa...

Page 477: ...d for mat bell etsi Specifies which line protocol is used for caller id transmission Use bell for US Canada etsi for Europe If caller id is not enabled or wrong configured detection of caller id is no...

Page 478: ...481 Configure H 235 Security optional 482 H 235 configuration 483 Advanced configuration options optional 486 Enabling H 245 Tunneling 486 Enabling the fastconnect procedure 487 Enabling the early H 2...

Page 479: ...and is an implementation of the ITU T H 323 Version 4 standard The H 323 gateway has bindings to interfaces on the two different contexts The CS Context has H 323 CS interfaces and the IP context has...

Page 480: ...eway to an IP interface Binding the gateway to one of the available IP interfaces is required to allow the gateway to determine the local IP address it should use The gateway needs to know the local I...

Page 481: ...re names E 164 numbers or gatekeeper prefixes which can be specified using this procedure too Furthermore the gatekeeper discovery method must be specified as automatic or manual Normally the remote I...

Page 482: ...escribes enhancements within the framework of the H 3xx Series Recommendations to incorporate security services such as Authentication and Privacy data encryption Step Command Purpose 1 node gw h323 h...

Page 483: ...ord must be a random alphanumeric character string of 1 through 12 characters e g 12ygR34230kG The master password must be a 32 digit hex number characters 0 9 a f To achieve best encryption security...

Page 484: ...The password to be entered is the output of the tool getcryptopassword exe Configures the password used for crypto hashed token calculation The password is entered in clear text min 1 max 12 alpha nu...

Page 485: ...int rx response no h235 security ras auth int rx reject h235 security ras auth int tx request h235 security ras auth int tx response no h235 security ras auth int tx reject The command show h235 secur...

Page 486: ...23 h235security time window 100 172 16 224 102 gw h323 h323 h235security version v2 172 16 224 102 gw h323 h323 h235security ras auth int tx 172 16 224 102 gw h323 h323 h235security ras auth int rx 17...

Page 487: ...323 h323 faststart Enabling the early H 245 procedure If the early H 245 procedure is enabled the H 245 connection is opened as soon as possible instead of waiting for the call signaling connect messa...

Page 488: ...already defined H 323 Gateway node cfg gateway h323 h323 node gw h323 h323 timeout response 6 Setting the connect timeout Per default the H 323 gateway waits for 60s when the call is in the alerting...

Page 489: ...3 h323 node gw h323 h323 terminal type gateway Troubleshooting You can display basic status information of the H 323 gateway using the following command Mode Configure Example Display H 323 gateway st...

Page 490: ...ng table Command to enable the monitor Output of the monitor node cfg debug gateway h323 error Logs all errors detected within the H 323 gateway node cfg debug gateway h323 tpktchan Logs all H 225 cal...

Page 491: ...on of the NAT IP address for SIP 497 SIP Remote Party ID 497 Enable the session timer optional 498 Advanced configuration options optional 498 Changing the listening port for inbound call signaling 49...

Page 492: ...es SIP CS interfaces which are explained in detail in the chapter about SIP Interface Con figuration The SIP interfaces in the CS context must be explicitly bound to a SIP gateway The SIP gateway itse...

Page 493: ...chapter of this configuration guide Binding the gateway to an IP interface Binding the gateway to one of the available IP interfaces is required to allow the gateway to determine the local IP address...

Page 494: ...hone numbers or usernames associated with these terminals with a registrar Procedure To register users with a SIP registrar Mode Gateway SIP Step Command Purpose 1 node gw sip sip no shutdown Enable t...

Page 495: ...omain name Mode Gateway SIP Example Defining the name of the SIP domain The following example shows how to define the SIP domain name node cfg gateway sip sip node gw sip sip domain mycompany com Conf...

Page 496: ...me username as the local SIP URI of the SIP session If there is no set of credentials which contains the username found in the local SIP URI the gateway will use the set of credentials for the challen...

Page 497: ...software releases but the IP address had to be specified explicitly there Note This is not a general solution for all SIP nat traversal problems It only works in some specific scenarios The complete...

Page 498: ...P listening port for inbound call signaling connections is per default 5060 as defined in the SIP standard The following procedure describes how to change the port number Mode Gateway SIP Example Defi...

Page 499: ...nt SIP equipment the gateway supports two different versions of the draft standards available for the call transfer feature You can configure which version of the draft standards should be used The fo...

Page 500: ...e IP addresses but not the port numbers it is possible to get SIP working through the NAT by configuring the global IP address of the NAT router as the contact address in the SIP gateway The following...

Page 501: ...as soon as a single transaction with that server fails Mode gateway sip sip Disabling SIP transport protocols The following command disables one of the SIP gateways transport protocols Some SIP serve...

Page 502: ...te Up User Agent 0xb69ef0 Local Address 172 16 32 19 5060 Allocated Endpoints 0 Allocated Sessions 0 Allocated Audio Datapath Controllers 0 The SIP gateway also provides several debugging monitors to...

Page 503: ...contact address default server domain nat traversal new session after redirect registrar registration lifetime session timer session timer version use profile sip There is now also a new command real...

Page 504: ...ication of calls which are originated by that user The new syntax of the user command is as follows Mode gateway sip service The following procedure guides through the steps required to configure a SI...

Page 505: ...ce you want to use 6 name gw svc svc name context cs Change to the context cs mode 7 name ctx cs switch interface sip if name Create a SIP interface for your service 8 name if sip if name bind gateway...

Page 506: ...payload types 512 Configuring RTP payload type for Cisco NSE 512 Configuring Cisco NSE for Fax 513 Configuring the dejitter buffer advanced 513 Enabling disabling filters advanced 516 Configuring Fax...

Page 507: ...gurable Codecs and codec parameters such as silence suppression RTP payload type and audio filters DTMF relay Dejitter buffer Fax transmission Modem transmission Figure 78 VoIP profile association VoI...

Page 508: ...you can configure VoIP components Note The VoIP profile named default always exists in the system It is used by all interface components if there is no other VoIP profile available If VoIP parameters...

Page 509: ...the tab key after entering a few letters of a configuration com mand the full command name will display or a listing of commands that begin with those letters will display Press the enter key to selec...

Page 510: ...lows silence suppression to be used with this codec If the codec g729 already existed in the list its parameters are updated with the entered values The following codecs are available g711alaw64k g711...

Page 511: ...ed Mode VoIP name Configuring DTMF relay Dual tone multi frequency DTMF tones are usually transported accurately in band when using high bit rate voice codecs such as G 711 Low bit rate codecs such as...

Page 512: ...fined in RFC 2833 Various telephony signaling events use tones for example DTMF NSEs and NTEs communicate these tones for representing signaling events not by the presence of tones but by sending a bi...

Page 513: ...E standard which uses RFC2833 events for modem transmission over a VoIP SIP or H 323 network Upon detecting a modem transmission the called peer issues NSE Event 192 NSE Event 192 indicates a Voice Ba...

Page 514: ...ect of smoothing packet flow and increasing the resiliency of the codec to packet loss delayed packets and other transmission effects The negative side of dejitter buffering is that it can add signifi...

Page 515: ...modem transmission without using the T 38 or fax bypass features described later in this chapter Figure 81 Adaptive versus static dejitter buffer Procedure Configure the dejitter buffer In the adaptiv...

Page 516: ...g This procedure describes how to disable post filtering and high pass filtering Mode Profile VoIP Example Disable filters The following example shows how to disable the decoder output post filter and...

Page 517: ...data Compressing and decompressing always incurs a loss of data SmartWare provides two solutions for fax transmission problems Fax bypass When a fax transmission is detected by the SmartNode it automa...

Page 518: ...ed list of fax transmission modes the most preferred fax transmission mode is the first one in the list Procedure Configure fax bypass RTP Stream Node Node Node Node Node Node Node Node generated tone...

Page 519: ...ecessary to increase this value maximum 400ms Step Command Purpose 1 node pf voip name fax transmis sion relay t38 udp Adds fax relay transmission with T 38 protocol over UDP to the list of fax transm...

Page 520: ...8 5 3 5 Default 9 5dB 5 optional node pf voip name fax max bit rate 2400 4800 7200 9600 12000 14400 Sets maximum allowed bit rate for fax relay Default 14400 Bit sec 6 optional node pf voip name fax d...

Page 521: ...indicates the data stream is via a voice band and it forces the calling peer to do two things deactivate voice activity detec tion and reconfigure the de jitter buffer for data reception The option ns...

Page 522: ...SmartWare also supports the Cisco NSE standard which uses RFC2833 events for modem transmission over a VoIP SIP or H 323 network Upon detecting a modem transmission the called peer issues NSE Event 1...

Page 523: ...over IP settings as needed based on the previous description First we create the VoIP profile with the needed configurations 1 node enable 2 node configure 3 node cfg profile voip Wire128kbit 4 node p...

Page 524: ...y enabled Mute Encoder enabled RTP Payload Type NTE 101 Description 3 Create VoIP profile and give it a name All settings have default values 4 5 Remove the default codecs G 711alaw and G 711uLaw 6 Ad...

Page 525: ...node pf voip g729_Fa fax max bit rate 9600 10 node pf voip g729_Fa show profile voip g729_FaxRelay VoIP Profile g729_FaxRelay Used by 0 module s Codecs G 729A rxlen 20 txlen 20 ss T 38 UDP Fax Transm...

Page 526: ...maximum bit rate the fax devices can communicate with each other to 9600 kbps 10 Show the configured profile Soft phone client gateway A soft phone client can only use G 711uLaw or G 723 codes neither...

Page 527: ...Speed Redundant Packets 0 Max Bit Rate 14400bps Volume 9 500dB Error Correction enabled HDLC enabled Dejitter Max Delay 200ms Modem Max Bit Rate 14400 Volume 9 500dB HDLC enabled DTMF Relay disabled...

Page 528: ...Chapter 41 PSTN profile configuration Chapter contents Introduction 529 PSTN profile configuration task list 529 Creating a PSTN profile 529 Configuring the echo canceller 530 Configuring output gain...

Page 529: ...nts that can be configured through the PSTN profile Creating a PSTN profile Configuring the echo canceller see page 530 Configuring output gain see page 530 If a PSTN profile is modified the saved mod...

Page 530: ...iguring output gain The output gain determines the voice output volume gain towards PSTN ports as shown in figure 87 Figure 87 Applying output gain Procedure Configure voice output gain Step Command P...

Page 531: ...le configuration task list 531 SmartWare Software Configuration Guide 41 PSTN profile configuration Mode Profile PSTN Step Command Purpose 1 node pf pstn name output gain gain Set the output gain to v...

Page 532: ...n outgoing call 537 Verify ISDN layer 1 2 3 status 539 Debugging FXS Signaling 540 Verify an incoming call 540 Verify an outgoing call 541 Debugging H 323 Signaling 542 Verify an incoming call 542 Ver...

Page 533: ...the link layer and check IP connectivity before working on application problems Work from the core to the edge Problems always show up end to end the phone does not ring or the browser cannot find the...

Page 534: ...connectivity This procedure describes how to use the ping command to test IP connectivity It verifies that your SmartNode can communicate with such hosts as a gatekeeper and IP phone a registrar and o...

Page 535: ...your unit debug the source signaling protocol depending on where the call comes from 3 Make sure that the call leaves correctly the context CS of your unit debug the destination signaling proto col de...

Page 536: ...ULL Event TERMINAL SETUP IND 18 34 10 ICC TERMINAL 00b73348 Set state to OVERLAP SENDING unit debug ccisdn error Prints all errors occurring in ISDN call control and ISDN datapath control Always switc...

Page 537: ...e chapter 35 ISDN port configuration on page 454 and the debug isdn events commands see below The SETUP message contains different elements among others the calling party number 60 and the called part...

Page 538: ...t state to DISCONNECT INDICATION 22 03 14 ICC PSTN 00b70a20 DISCONNECT DSS1 User Cause normal call clearing private network serving local user CCITT Q 931 Progress indicator inband information availab...

Page 539: ...com mand line unit cfg call 123456 drop The interface then sends a DISCONNECT message to the line and the PSTN answers with a RELEASE COMPLETE Verify ISDN layer 1 2 3 status ISDN layer 1 can be verif...

Page 540: ...ate to DIAL TONE 09 00 11 CFXS EP PHONE Change datapath direction to receive only 09 00 11 CFXS EP PHONE Play tone dial tone 09 00 11 FXS FXS 00 01 state filtering events event timeout 09 00 11 FXS FX...

Page 541: ...signaling of an outgoing call is to use the built in call generator You can place a call to any called party and verify that the connected phone is ringing unit enable unit configure unit cfg debug c...

Page 542: ...bug output below shows a normal work ing call setup sequence unit enable unit configure unit cfg debug gateway h323 error unit cfg debug gateway h323 signaling unit debug gateway h323 ras unit cfg sho...

Page 543: ...MINAL TRYING 00 29 03 H323 EP h323 00c13dc0 State TERMINAL TRYING Call Event PEER CON NECTED 00 29 03 H323 EP h323 00c13dc0 State TERMINAL TRYING Call Event PROGRESS 00 29 03 HRAS Stack Received Admis...

Page 544: ...erties In the present case the called party number is 60 00 29 03 HRAS Stack Received Admission Confirm says that the gatekeeper allowed us to accept the call Continue debugging call routing if the ca...

Page 545: ...ALERTING Call Event TERMINAL CONNECTED 01 00 14 H323 EP h323 00c07230 Set state to CONNECTED 01 00 14 H323 EP h323 00c07230 Stack Send STATUS INQUIRY 01 00 14 H323 EP h323 00c07230 Stack Opening the...

Page 546: ...to 5 more ver bose message content is printed unit debug gateway sip error General purpose error monitor of SIP Always enable this when debugging SIP unit debug gateway sip registration Prints all ac...

Page 547: ...ft to the SIP network 18 59 07 SIP_TR Received SIP 2 0 100 Trying indicate that responses are received from the SIP network This means that IP connectivity is OK and the remote gateway can be reached...

Page 548: ...TERMINAL 00df2760 Set state to ACTIVE 19 17 44 ICC TERMINAL 00df2760 CONNECT ACKNOWLEDGEMENT DSS1 Ntwk unit cfg unit cfg call 55 drop unit cfg 19 19 29 ICC TERMINAL 00df2760 State ACTIVE Event PEER RE...

Page 549: ...and port SSRC During operation displays periodically updated statistics containing the number of sent and received packets the number of lost packets Usage To verify that RTP packets are sent received...

Page 550: ...red for T 38 relay in the voip profile The call is established from a sig naling point of view see section Debugging voice data on page 549 Attention Special signaling procedures are used for the tran...

Page 551: ...ible configuration problems In the unlikely case of a suspected hardware problem also submit the serial number of your unit s and or interface cards Event logs Add the system event logs which you can...

Page 552: ...In certain cases it may be helpful to have a trace of the traffic on the IP network in order to inspect packet contents Please use one of the following tools supporting trace file formats which our t...

Page 553: ...553 Appendix A Terms and definitions Chapter contents Introduction 554 SmartWare architecture terms and definitions 554...

Page 554: ...t The bootloader is installed in the factory and is in general never upgraded Bootloader Image The binary code of the Bootloader stored in the persistent memory flash of a SmartNode Bootstrap The star...

Page 555: ...to the local ISDN equip ment e g telephone a variable delay is converted into a fixed delay giv ing voice a better quality See also Jitter Digit Collection Some devices PBX ISDN network remote gateway...

Page 556: ...oice coder input See also post filter Host Computer system on a network Similar to node except that host usually implies a PC or workstation whereas node generally applies to any net worked system inc...

Page 557: ...presents a physical connector on the SmartNode Port Address A port address can be assigned to a CS interface to realize a virtual voice tunnel between two nodes Post Filter The voice decoder output is...

Page 558: ...ve term for application images and interface card driver soft ware excluding configuration files System Memory The volatile memory that includes the system region holding the running config for the Sm...

Page 559: ...559 Appendix B Mode summary Chapter contents Introduction 560...

Page 560: ...mmand prompt Indicates that there could be more than one instance of this component Context IP context ip router host ctx ip name IP Interface interface name host if ip name DYNDNS host dyndns Service...

Page 561: ...port PPPoE Session session session host session session Gateway H323 gateway h323 name Port ISDN port isdn slot port host prt isdn slot port Gateway H323 Q 921 host q921 slot port Gateway H323 gatewa...

Page 562: ...manual name host pf ipsma name Gateway H323 Profile IPSEC Transform host pf ipstr name Profile NAPT profile napt name host pf napt name Gateway H323 gateway h323 name Profile PPP profile ppp name hos...

Page 563: ...563 Appendix C Command summary Chapter contents Introduction 565 New Configuration Commands 566 Other 566 Show help 566 Show command history 566 Restart system 566...

Page 564: ...ibed as follows Arguments where you must supply the value are surrounded by angle brackets Optional arguments within commands are shown in square brackets Alternative parameters within commands are se...

Page 565: ...iguration Guide You may download the release notes at www pat ton com support Current Revision Document Number 13211U8 001 Rev D Part Number 07MSWR320_SCG Revised July 17 2006 Other Show help Show com...

Page 566: ...566 Appendix D Internetworking terms acronyms Chapter contents Abbreviations 568...

Page 567: ...de CBR Constant Bit Rate CD ROM Compact Disc Read Only Memory CDR Call Detail Record CFP Call Forwarding Procedure CLEC Competitive Local Exchange Carriers CLI Command Line Interface CLIP Calling Line...

Page 568: ...P HyperText Transport Protocol HW Hardware I IAD Integrated Access Device ICMP Internet Control Message Protocol ILEC Incumbent Local Exchange Carriers IP Internet Protocol ISDN Integrated Services Di...

Page 569: ...pen Software Foundation OSPF Open Shortest Path First P PBR Policy Based Routing principles PBX Private Branch Exchange PC Personal Computer PMC Production Technology Management Commit tee POP Point o...

Page 570: ...otocol SME Small and Medium Enterprises SNMP Simple Network Management Protocol SOHO Small Office Home Office SONET Synchronous Optical Network SS7 Signaling System No 7 STM SDH Transmission at 155 Mb...

Page 571: ...571 Appendix E Used IP ports available voice codecs Chapter contents Used IP ports 573 Available voice codecs 574...

Page 572: ...19 odd numbers Voice statistics RTCP SIP UDP 5060 Call signaling port for SIP configurable TCP 5060 Call signaling port for SIP configurable UDP 4864 5118 even numbers Voice data RTP UDP 4865 5119 odd...

Page 573: ...est voice qual ity American audio digitizing G 723 1 6 3 30 17 Good voice quality at lowest bandwidth like analog phone acceptable delay G 729 G 729a 8 10 40 Best relationship between voice quality an...

Reviews:

No comments

Related manuals for SmartWare R.3.20

Brand: Acer Pages: 4

Wide Format 6030

Brand: Xerox Pages: 8

Work.Group/Windows 3

Brand: Amanda Pages: 106

Brand: Omron Pages: 4

NI Spectral Measurements Toolkit

Brand: National Instruments Pages: 35

Brand: Fortinet Pages: 4

ANTI-VIRUS LINUX CLIENT SECURITY -

Brand: F-SECURE Pages: 208

Secure Perfect 6.1.1

Brand: GE Pages: 269

Brand: Pioneer Pages: 11

Brand: Avaya Pages: 48

CONTRIBUTE 3 - DEPLOYING AND PUBLISHING SERVER

Brand: MACROMEDIA Pages: 38

BoilerNet Interface Controller II

Brand: IBC Pages: 52

ANTI-VIRUS 5.0 - FOR NOVELL NETWARE

Brand: KAPERSKY Pages: 123

VIAVOICE 10-PRO USB EDITION

Brand: IBM Pages: 160

DEEP FREEZE ENTERPRISE

Brand: FARONICS Pages: 104

AltiWare ACC 5.1

Brand: Altigen Pages: 383

AltiWare ACC 5.2

Brand: Altigen Pages: 399

Digital Video Software (Macintosh) Ver.11

Brand: Canon Pages: 56

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands