Avaya VF 3000 Instrukcja Użytkownika

Avaya Solution & Interoperability Test Lab Avaya Hosted IP Telephony R3.0 Solution LSP Configuration with the Juniper VF 3000 SBC – Issue 1

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

5. Avaya HIPT R3.0 Environment The overview of the HIPT R3.0 solution with LSP Support is shown in Figure 5. Figure 5 – Avaya Hosted IP Telep

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

6. Avaya Hosted IP Telephony Release 3.0 LSP Configuration 6.1. PC-LAN Configuration (Private-Private) 6.1.1. Configure Avaya Communication Manag

6.1.1.2. Configure Avaya Communication Manager for LSP Support Step 1. Use the “change node-names ip” command to add the name and IP Address of the

Step 2. Use the “change ip-network-region <region number>” command to add the LSP Native IP Address to the appropriate Network Region shown in F

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

Figure 10 - LSP Configuration Web Page 7. Select “This is a local survivable processor with a Blade server as the primary controller”. This option

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

6.1.3. Configuring the Juniper NetScreen-25 Firewall This Section assumes that Juniper NetScreen-25 Firewall basic provisioning has been performed. R

Step 2. The following WEB Admin screen appears upon successful login as shown in Figure 12. Figure 12 Note: Virtual Router (trust-vr) has common co

Step 3. Create a Virtual Router for enterprise site A (VR-A) and Data Center (trust-vr). From the left pane click on Network Æ Routing Æ Virtual Route

Step 4. Create security zones and assign the zone to the appropriate Virtual Routers. From the left hand panel of the NetScreen-25 Firewall Web admin

Step 5. Create security zones and assign the zone to the appropriate Virtual Routers. From the left hand panel of the NetScreen-25 Firewall Web admin

Step 6. Select Network Æ Zones in the left pane to view the list of configured zones as shown in Figure 16. Additional Zones are shown that are not re

Step 7. Configure Interface with Mapped IP (MIP). The physical interface toward enterprise site A is configured using sub-interfaces. The physical int

Step 8. Configure Sub-Interface ethernet2.1 MIP for LSP to Avaya Communication Manager Static 1-to-1 NAT. From the NetScreen-25 Firewall Sub-IF screen

Step 9. Configure Interface with Mapped IP (MIP). The physical interface toward the Data Center does not use sub-interfaces. From the NetScreen-25 Fir

Step 10. Configure Sub-Interface ethernet1 MIP for Avaya Communication Manager to LSP Static 1-to-1 NAT. From the NetScreen-25 Firewall Sub-IF screen,

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

Step 11. Select Network Æ Interfaces in the left pane again to view the list of configured Interfaces shown in Figure 21. Additional Interfaces are sh

Step 12: In this network environment Static routing is used. The screen capture below is a list of all routes required for end-to-end LSP connectivity

Step 13. Policies decide what traffic and protocols are permitted from one security zone to another. Policies for specific protocols and applications

Step 14. From the NetScreen-25 Firewall Web Admin screen, select Policies in the left window pane. Create a Policy for permitting traffic from Trust Z

Step 15. Select Policies in the left pane to view the list of configured policies as shown in Figure 25. Figure 25 TC; Reviewed: PV 04/24/2

6.1.4. Configure the Juniper VF 3000 SBC The following section describes how to configure the Juniper VF 3000 SBC for LSP enterprise sites. Only th

Step 2. Enter command exit Æ and then show to verify sr-policy configuration as shown in Figure 27. Figure 27 TC; Reviewed: PV 04/24/2006 Avaya –

6.2. G650/C-LAN Configuration (Private-Public-Private) 6.2.1. Configure Avaya Communication Manager The following Avaya Communication Manager pr

6.2.1.2. Configure Avaya Communication Manager for LSP Support Step 1. Use the “change node-names ip” command to add the name and IP Address of the

Step 2. Use the “change ip-network-region <region number>” command to add the LSP Native IP Address to the appropriate Network Region shown in F

data center edge and at the edge of each enterprise site. Note that the Juniper VF 3000 SBC can provide this NAT function. Figure 1 - Private-Pub

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

Figure 32 - LSP Configuration Web Page 7. Select “This is a local survivable processor with a Blade server as the primary controller”. This option

6.2.3. Configuring the Juniper NetScreen-25 Firewall This Section assumes that Juniper NetScreen-25 Firewall basic provisioning has been performed.

Step 2. Create security zones and assign the zone to the appropriate Virtual Routers. From the left hand panel of the NetScreen-25 Firewall Web admin

Step 3. Select Network Æ Zones in the left pane to view the list of configured zones as shown in Figure 35 and click OK. Additional Zones are shown th

Step 4. Configure Interface with Mapped IP (MIP). The physical interface toward enterprise site B is configured using sub-interfaces. The physical int

Step 5. Configure Sub-Interface ethernet2.3 MIP for LSP to Avaya Communication Manager Static 1-to-1 NAT. From the NetScreen-25 Firewall Sub-IF screen

Step 6. Configure Sub-Interface ethernet2.3 MIP for LSP to C-LAN Static 1-to-1 NAT. From the NetScreen-25 Firewall Sub-IF screen, select MIP, and clic

Step 7. Select Network Æ Interfaces in the left pane again to view the list of configured Interfaces shown in Figure 39. Additional Interfaces are sho

Step 8. In this network environment Static routing is used. In the screen capture below is a list of all routes required for end-to-end LSP connectivi

different enterprise customer. The Juniper VF 3000 SBC in the data center can make use of this VLAN information to resolve overlapping IP address is

Step 9. Policies decide what traffic and protocols are permitted from one security zone to another. Policies for specific protocols and applications w

Step 10. From the NetScreen-25 Firewall Web Admin screen, select Policies in the left window pane. Create a Policy for permitting traffic from VRB-Unt

Step 11. From the NetScreen-25 Firewall Web Admin screen, select Policies in the left window pane. Create a Policy for permitting traffic from Trust Z

Step 12. Select Policies in the left pane to view the list of configured policies as shown in Figure 44. Figure 44 TC; Reviewed: PV 04/24/2

6.2.4. Configure the Juniper VF 3000 SBC The following section describes how to configure the Juniper VF 3000 SBC for LSP enterprise sites. Only the

Step 2. Enter command exit Æ and then show to verify sr-policy configuration as shown in Figure 46. Figure 46 TC; Reviewed:

6.2.5. Enterprise Customer Checkpoint Firewall Configuration The firewall at the enterprise sites must be configured to provide static 1-to-1 NAT fo

Step 2. From Checkpoint Smart Dashboard application, Select Network Objects, right click mouse on Networks and select New Networks. At the General tab

Step 3. Select the NAT tab, then add a static 1-to-1 NAT. The Translate to IP address is the public WAN IP address and then select HIPT-B1 from the In

Step 4. From Checkpoint Smart Dashboard application, Select Network Objects Æ Group Æ HIPT-B1_eth4. Add the static 1-to-1 NAT called “HT_B1_LSP_Static

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm

Figure 3 - Supporting LSPs in the Private-Public-Private Architecture Figure 4 shows the architecture for a corresponding solution applied to the a

Figure 4 - Supporting LSPs in the Private-Private Architecture 3. Configuration Overview This section gives a high-level overview of how to config

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is perm