Avaya VF 3000 - Manual

different enterprise customer. The Juniper VF 3000 SBC in the data center can make use of this VLAN information to resolve overlapping IP address issues 1 . The Juniper VF 3000 SBC segregates the access traffic into separate customer streams and routes the traffic to the respective Avaya Communicati...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 6 of 61 HT3-LSP-VF.doc architecture that may occur. This is similar to Figure 1 , except that the data center uses public IP addre...

Figure 3 - Supporting LSPs in the Private-Public-Private Architecture Figure 4 shows the architecture for a corresponding solution applied to the architecture of Figure 2 . As in Figure 3 , an extra NAT/FW device has been placed at the data center edge. This FW device must be VLAN supported in order...

Figure 4 - Supporting LSPs in the Private-Private Architecture 3. Configuration Overview This section gives a high-level overview of how to configure enterprise sites and data center networks and how to administer the Avaya Communication Manager servers and LSPs for LSP functionality to work in HIPT...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 9 of 61 HT3-LSP-VF.doc 3.1. Private-Public-Private Architecture In order to build components in Figure 3 use the following: Enterp...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 10 of 61 HT3-LSP-VF.doc Avaya Communication Manager server administration: • SA8853 Support of LSPs Behind NAT Green feature must ...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 11 of 61 HT3-LSP-VF.doc 4. Equipment and Software Validated This application note details one way to set up the LSP solution. The ...

5. Avaya HIPT R3.0 Environment The overview of the HIPT R3.0 solution with LSP Support is shown in Figure 5 . Figure 5 – Avaya Hosted IP Telephony Release 3.0 LSP Solution TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No oth...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 13 of 61 HT3-LSP-VF.doc 5.1. Service Provider Data Center The Data Center simulates two customers, PC-LAN (Private-Private) and C-...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 14 of 61 HT3-LSP-VF.doc Communication Manager in the Data Center is lost. All enterprise Local Survivable Processors (LSPs) will a...

6. Avaya Hosted IP Telephony Release 3.0 LSP Configuration 6.1. PC-LAN Configuration (Private-Private) 6.1.1. Configure Avaya Communication Manager The following Avaya Communication Manager provisioning is required to support the LSP Configuration. This provisioning is performed via the SAT interfac...

6.1.1.2. Configure Avaya Communication Manager for LSP Support Step 1 . Use the “ change node-names ip ” command to add the name and IP Address of the LSP Native IP Address and static 1-to-1 NAT LSP IP address configured in the NetScreen-25 Firewall ( Figure 20 ) to the node-names form shown in Figu...

Step 2 . Use the “ change ip-network-region <region number>” command to add the LSP Native IP Address to the appropriate Network Region shown in Figure 8 . Submit the changes. Figure 8 Step 3 . Use the “ change lsp ” command to add the static 1-to-1 LSP IP address configured in the NetScreen-2...

Figure 10 - LSP Configuration Web Page 7. Select “ This is a local survivable processor with a Blade server as the primary controller ”. This option was selected for the Avaya SBS3000 shared blade server. 8. In the “ CLAN IP address of the primary controller ” and “ Primary controller’s IP address ”...

6.1.3. Configuring the Juniper NetScreen-25 Firewall This Section assumes that Juniper NetScreen-25 Firewall basic provisioning has been performed. Refer to [1] for more information. Step 1 . From a PC, connect to the Juniper Networks NetScreen-25 Firewall using a web browser, by typing https://<...

Step 3 . Create a Virtual Router for enterprise site A (VR-A) and Data Center (trust-vr). From the left pane click on Network Æ Routing Æ Virtual Routers . On the right pane, click the New button on the top right hand corner to create a new Virtual Router. Set Virtual Router Name and leave all other...

Step 4 . Create security zones and assign the zone to the appropriate Virtual Routers. From the left hand panel of the NetScreen-25 Firewall Web admin screen, click on Network Æ Zones . From the right hand pane, click the New button to create a new zone. Create security zones for the Virtual Router ...

Step 6 . Select Network Æ Zones in the left pane to view the list of configured zones as shown in Figure 16 . Additional Zones are shown that are not related to this Application Note. Figure 16 TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement o...

Step 7 . Configure Interface with Mapped IP (MIP). The physical interface toward enterprise site A is configured using sub-interfaces. The physical interface toward the Data Center does not use sub-interfaces. From the NetScreen-25 Firewall Web Admin screen, click on Network Æ Interfaces , and selec...

Step 8 . Configure Sub-Interface ethernet2.1 MIP for LSP to Avaya Communication Manager Static 1-to-1 NAT. From the NetScreen-25 Firewall Sub-IF screen, select MIP , and click the New button from the right hand window pane. Configure MIP as shown in Figure 18 and click OK . Figure 18 TC; Reviewed: P...

Step 9 . Configure Interface with Mapped IP (MIP). The physical interface toward the Data Center does not use sub-interfaces. From the NetScreen-25 Firewall Web Admin screen, click on Network Æ Interfaces and then click the New button from the right hand window pane. Create Interface ethernet1, zone...

Step 11 . Select Network Æ Interfaces in the left pane again to view the list of configured Interfaces shown in Figure 21 . Additional Interfaces are shown that are not related to this Application Note. Figure 21 TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your...

Step 12 : In this network environment Static routing is used. The screen capture below is a list of all routes required for end-to-end LSP connectivity to Avaya Communication Manager. Select Routing Æ Destination in the left pane to view the list of all routes as shown in Figure 22 . Refer to [1] fo...

Step 13 . Policies decide what traffic and protocols are permitted from one security zone to another. Policies for specific protocols and applications were not configured. Any to MIP policies were configured from one zone to another to verify LSP to Avaya Communication Manager Registration and File ...

Step 14 . From the NetScreen-25 Firewall Web Admin screen, select Policies in the left window pane. Create a Policy for permitting traffic from Trust Zone to VRA-Untrust Zone as shown in Figure 24 . From the Destination Address Book Entry pull down menu select the MIP entry added in Figure 20 and le...

Step 15 . Select Policies in the left pane to view the list of configured policies as shown in Figure 25 . Figure 25 TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 34 of 61 HT3-...

6.1.4. Configure the Juniper VF 3000 SBC The following section describes how to configure the Juniper VF 3000 SBC for LSP enterprise sites. Only the Signaling Card (SC) needs to be updated, not the Media Card (MC). In a High Reliability (HA) configuration, both the master and backup (SC) needs to be...

Step 2 . Enter command exit Æ and then show to verify sr-policy configuration as shown in Figure 27 . Figure 27 TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 36 of 61 HT3-LSP-V...

6.2. G650/C-LAN Configuration (Private-Public-Private) 6.2.1. Configure Avaya Communication Manager The following Avaya Communication Manager provisioning is required to support the LSP Configuration. This provisioning is performed via the SAT interface. In the following example, the Avaya Communica...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 40 of 61 HT3-LSP-VF.doc 6.2.2. Configure Avaya Local Survivable Processors (LSP) Local Survivable Processors (LSP) are normally co...

Figure 32 - LSP Configuration Web Page 7. Select “ This is a local survivable processor with a Blade server as the primary controller ”. This option was selected for the Avaya SBS3000 shared blade server. 8. In the “ CLAN IP address of the primary controller ” and “ Primary controller’s IP address ”...

6.2.3. Configuring the Juniper NetScreen-25 Firewall This Section assumes that Juniper NetScreen-25 Firewall basic provisioning has been performed. Refer to [1] for more information. Refer to section 6.1.3 for Netscreen-25 Firewall login procedures and for common configuration parameters for Virtual...

Step 6 . Configure Sub-Interface ethernet2.3 MIP for LSP to C-LAN Static 1-to-1 NAT. From the NetScreen-25 Firewall Sub-IF screen, select MIP , and click the New button from the right hand window pane. Configure MIP as shown in Figure 38 and click OK . Figure 38 TC; Reviewed: PV 04/24/2006 Avaya – P...

Step 8 . In this network environment Static routing is used. In the screen capture below is a list of all routes required for end-to-end LSP connectivity to Avaya Communication Manager. Select Routing Æ Destination in the left pane to view the list of all routes shown in Figure 40 . Refer to [1] for...

6.2.5. Enterprise Customer Checkpoint Firewall Configuration The firewall at the enterprise sites must be configured to provide static 1-to-1 NAT for LSP to Avaya Communication Manager connectivity. The following example in Figure 47 is shown for Checkpoint Firewall HIPT-B1 located in enterprise sit...

Step 3 . Select the NAT tab , then add a static 1-to-1 NAT . The Translate to IP address is the public WAN IP address and then select HIPT-B1 from the Install on Gateway pull down menu as shown in Figure 49 and click OK . Figure 49: NAT Properties of B1 LSP Static NAT TC; Reviewed: PV 04/24/2006 Ava...

Step 4 . From Checkpoint Smart Dashboard application, Select Network Objects Æ Group Æ HIPT-B1_eth4 . Add the static 1-to-1 NAT called “HT_B1_LSP_StaticNat” from the Not in Group table to the In Group table and click OK as shown in Figure 50. To activate changes made to HIPT-B1, select Policy Æ Inst...

TC; Reviewed: PV 04/24/2006 Avaya – Proprietary Use as authorized only pursuant to your signed agreement or Avaya policy. No other disclosure is permitted or authorized. 60 of 61 HT3-LSP-VF.doc • Verify the Avaya Communication Manager is updating the LSP by running command “ save trans lsp ” from th...