Archive for March, 2009

Cisco 2800 ISR configuration for SIP voice with NAT and Firewall

Posted in Network Security, Unified Communications on March 30th, 2009 by Rolf – Be the first to comment

2800_isr

 

I had the enjoyable opportunity over the last few weeks to jump in and do a basic Cisco voice install. It was about 110 phones, with the Cisco Unified Communications Manager Business Edition. This is a single box that includes Call Manager 6.1.3, and Unity Connection 2.1. It had to be done fast, and it had to be done right, so I stuck to mostly tried and true configurations. 

Since this was a price sensitive design, we used the 2800 router to its maximum potential. The 2800 is an amazingly flexible piece of equipment; it can be configured to do large variety of things. Sometimes known as the Integrated Services Router, or ISR, it can be set up as a router, firewall, VPN, Voice Gateway, SIP session border controller, transoder, conference bridge, and survivable remote gateway, all at the same time, on the same box! read more »

Cisco 2800 ISR Router Configuration Example for NAT and VPN

Posted in Data Networks, Network Security, Unified Communications on March 30th, 2009 by Rolf – Be the first to comment

2800_isrI recently did a somewhat complex install of a Cisco 2800 Integrated Services Router. I enabled many of the features that come standard in the Advanced IP Services IOS, and thought it would be useful to show what a relatively current configuration would look like.

What made this installation fun was the use of object groups on the 2800 router. That is a new feature in the 12.4.20T version of code that made things interesting. The router has a GUI, but of course everything was set up in command line. I learned some neat things from this install, and based on the experience, I created a clean reference config for discussion purposes. This example is for the NAT and VPN, I will leave the voice configuration for a different example. Also, I did not set up SSL VPN on this box, nor did I use the newer version of firewall – this one is based on CBAC. read more »

How to choose the right Cisco switches for your LAN

Posted in Data Networks on March 6th, 2009 by Rolf – 5 Comments

cisco_ha_campus_designIt seems like one of the major tasks that I have been doing on a daily basis for the last ten years is creating network designs for people. Since a large part of the business that my company does is put in place a complete IP phone system into organizations that have between 50 and 3000 users, me and the other design guys create a lot of designs. 

Most organizations do not upgrade their LAN to prepare for the future – most of them don’t touch the network as long as it is running properly and supporting the user’s applications. When starting the planning process for putting a secure voice system on the network, that takes the network requirements to another level.

read more »