Polycom V2IU 4350 - Manual

Introduction 1 - 3 — Diffserv marking and policing — Traffic shaping — VoIP call admission control prevents oversubscription of priority queue • Security — Stateful packet inspection firewall — VoIP aware firewall dynamically provisions and closes UDP ports used for VoIP calls — IPSec: 3DES, SHA-1 —...

User Manual V 2 IU 4350 Converged Network Appliance 1 - 4 Back Panel The back panel of the 4350E contains the following connections: Name Description A Power Connector Accepts the plug from the supplied power cord to connect the unit to an AC power source B 10/100 Mbps LAN Ports 4 x Local Area Netwo...

2 - 1 2 Getting Started Physical Installation The V 2 IU 4350 is designed for desktop, rack or wall-mount installation. Please observe the following guidelines when installing the system: • Never assume that the AC cord is disconnected from a power source. Always check first. • Always connect the AC...

User Manual V 2 IU 4350 Converged Network Appliance 2 - 2 • If the T1/E1 port will be used to connect to WAN: — T1 cable to connect the T1/E1 port to a T1 line. • Ethernet cables to connect the LAN ports to LAN switches or to individual IP phones. They can also be used to connect the Ethernet WAN po...

Getting Started 2 - 3 4. Mount the 4350 on the wall as shown below. Do not mount the 4350 on the wall as shown below. 1. Connect the power and network cables to the appropriate ports on the back of the system. Rack-Mount Installation You can mount the 4350 in a shelf by using the rack-mount kit supp...

User Manual V 2 IU 4350 Converged Network Appliance 2 - 4 Connecting the Power and Cables The 4350 comes with an AC power cord and power adapter for connecting the unit to the AC outlet. If you are connecting to the WAN using the T1, then connect the T1 cable to the T1/E1 port and the other end of t...

3 - 1 3 Configuring the V 2 IU 4350 The V 2 IU 4350 is a flexible, easy to use converged network appliance that provides many critical networking functions for IP based voice, video and data. It can be installed in several different topologies: • At the customer premise for IP Centrex and hosted vid...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 2 Configuration Guide For IP Centrex Applications A typical 4350 installation for an IP Centrex application requires no external router or firewall. The 4350 WAN port is connected directly to the T1/E1 line and the LAN port(s) are connected dir...

Configuring the V2IU 4350 3 - 3 • NAT/PAT translation for IP phones and PC’s. This allows a single public IP address to be used on the WAN link to represent all of the private IP addresses assigned to the LAN IP phones and PC’s. • Static NAT entries. This enables the customer to use a WAN public IP ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 4 Configuration Guide For Station Side IP PBX Applications Most private enterprise VoIP networks use an IP PBX at the corporate headquarters location to provide voice switching between headquarters, branch offices and the PSTN. The 4350 is used...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 6 Configuration Guide For Trunk Side IP PBX Applications Companies with existing IP-based WAN links for inter-office voice and data communications can use the 4350 as a traffic shaper to meet the stringent jitter, latency and packet loss requir...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 8 Configuration Guide For Hosted Video Applications A typical 4350 installation for hosted video applications is depicted in the diagram below. In this scenario, the 4350s are used to connect all of the video endpoints to the Gatekeeper. The vi...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 10 Configuration Guide For Enterprise Video Applications A typical 4350 installation for enterprise video applications is depicted in the diagram below. In this scenario, the 4350s are used to connect all of the video endpoints to the Gatekeepe...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 12 System Configuration This section explains how to configure the 4350 to function in your IP network. You will configure the T1/E1 WAN interface, Ethernet interfaces, network addresses, DNS settings, default gateway, SNMP settings and change ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 16 Assign the 4350’s ALG to your Priority VLAN Once you have completed your VLAN configuration you must assign the 4350 ALG to the VLAN containing your VoIP phones. 1. Select the VoIP ALG from the main configuration menu. 2. Use the drop down m...

Configuring the V2IU 4350 3 - 19 Timing Display and set the clock timing source for the T1/E1 interface. The timing can be either derived from the network (External) or provided to the T1 interface by the V 2 IU (Internal). With a carrier-provided T1, the timing is usually derived from the network (...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 22 Configure Hostname, SNMP and Remote Logging The 4350 can be managed remotely by an SNMP network management system such as HP Openview. The 4350 supports SNMPv1 or SNMPv3 and MIB-II (RFC1213). All MIB-II variables are read only. The MIB varia...

Configuring the V2IU 4350 3 - 25 1. Enter the password you chose in step C again in the Confirm Password to ensure that there were no mistakes in the initial entry. 2. Press Submit. Read-only User This feature works by creating a new user with read-only access to the system. All information is displ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 26 Note: All open web browsers must be closed when you change between administrative user “root” and read-only “rouser.” 4. Enter a new password. The password must be a minimum of six characters long. 4. Re-enter the new password to confirm it....

Configuring the V2IU 4350 3 - 27 When viewing the Network Information page, Subinterfaces are designated in the Interface Information section with the device name and number, separated by a colon (for example, eth0:100). Configuring Subinterfaces To configure subinterfaces, use the following steps: ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 28 ToS Byte Setting Since the Internet itself has no direct knowledge of how to optimize the path for a particular application or user, the IP protocol provides a limited facility for upper layer protocols to convey hints to the Internet Layer ...

Configuring the V2IU 4350 3 - 35 H.323 Activity To access the H.323 Activity page, select VoIP ALG > H.323 Activity in the Configuration Menu. The H.323 Activity page is a read-only page that shows the following infor-mation: • Current time • WAN Gatekeeper status • Current payload bandwidth • Es...

Configuring the V2IU 4350 3 - 39 Regular Expressions Alias manipulation patterns and prefixes use regular expressions to match a string in the destination alias. A regular expression can be a string of literal characters to match or a set of special expressions. Alias manipulation patterns can match...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 40 Forwarding Rules Forwarding Rules allows a system administrator to forward data traffic for a subnet from one interface to another, overriding the Firewall’s default drop rules. Allowing a subnet to be forwarded is commonly used when servers...

Configuring the V2IU 4350 3 - 41 Configuring Forwarding Rules To configure address forwarding rules, use the following steps: 1. Using the configuration graphical user interface, from the Configuration Menu on the left-hand side, click Firewall . 2. Click Forwarding Rules . The window shown below op...

Configuring the V2IU 4350 3 - 43 — Any: for the specified network, allows all ports and protocols through the system. No ports are required because not all protocols support the concept of ports. • Port or Port Range: The port number or port range allowed through the system when UDP or TCP are selec...

Configuring the V2IU 4350 3 - 45 Proxy provides an access point into this network and is responsible for the E.164 dial plan using NANP (North American Numbering Plans or NAP’s). The NAP’s in this case are 831 and 408. Dial plan integrity is required to insure proper routing of prefix's. This means ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 46 the Peering Proxy IP 10.10.10.1. The Peering Proxy applies the same rule set, in this case, NO matching prefix is found and ANNEX O dialing is applied. The call is now routed to Site A's V 2 IU. The call is forwarded to the LAN Side PathNavi...

Configuring the V2IU 4350 3 - 47 Embedded Gatekeeper Mode. In this mode, the endpoint is directly registered, an E.164 registered client match is made, and the call is routed to the called endpoint. Outbound from Site C to Public IP Endpoint Site C dials the public endpoint: [email protected]. The PathNa...

Configuring the V2IU 4350 3 - 49 The prefix routing table shows all currently configured prefixes. The prefixes are searched in the order they are entered. Each prefix can be moved up or down in the list. You can select and delete prefixes. 3. To strip a matching prefix, select the checkbox and clic...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 50 — Manually entering all clients that are allowed to use the system — Running the system without the Client List lockdown feature until all desired clients have registered • Enabling this feature. This feature is useful for lists involved wit...

Configuring the V2IU 4350 3 - 51 H.323 Activity Monitor The H.323 Activity Monitor shows any recent H.323 events that may be of interest to the administrator of the system. The information appears in three columns: • Event/Time • Source • Destination Following this information are a number of lines ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 52 Type of Events The events that may currently be listed in the activity monitor are as follows: • Bandwidth change - the endpoint requested a change of the bandwidth used for its call, only sent if the bandwidth management is enabled. • Call ...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 54 Call Termination The call termination cause may also give some information about why the call terminated or failed to be established. • “Out of system resources” The call could not be completed because the system was out of system resources....

Configuring the V2IU 4350 3 - 55 The call could not be established because the system already is at the maxi-mum allowed bandwidth. • “Received admission reject” The call was terminated because an admission reject was received from the gatekeeper. • “Received disengage request” The call was terminat...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 56 VoIP Configuration The 4350 provides a VoIP application layer gateway (ALG) for the SIP, MGCP, and H.323 protocols. The ALG proxies the connection between the VoIP softswitch, IP PBX or gatekeeper and voice and video devices such as IP phone...

Configuring the V2IU 4350 3 - 57 Configure the VoIP ALG In order to configure the VoIP ALG the 4350 must be told where to reach the signaling servers and TFTP server on behalf of the voice devices. 1. Select VoIP ALG. 2. If using VLANs assign the ALG to a specific VLAN id using the drop down menu. 3...

Configuring the V2IU 4350 3 - 59 11. The Current payload bandwidth calculates the current video traffic, without IP overhead, traversing the Appliance. The Estimated total bandwidth calculates the total video traffic, plus IP overhead, traversing the Appliance. 12. The H.323 Max Aliases limits the n...

Configuring the V2IU 4350 3 - 61 2. Select System Overview. 3. Select VoIP Subnet Routing. 4. Enter the IP Network (e.g. 10.10.12.0).This is the IP address of the remote subnet containing the voice devices. 5. Enter the Netmask (e.g. 255.255.255.0).This is the mask of the IP address of the subnet co...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 62 Data Networking Configuration The 4350 provides static IP routing and two types of Network Address Translation (NAT) functions for data traffic. This section describes the use and configuration of these features. NAT for Data Traffic NAT all...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 64 Delete a Static NAT entr y 1. Select NAT. 2. To delete an IP address or a range of IP addresses highlight the entry in the Static NAT Client Entries list and press the Delete key on your keyboard. 3. Press Submit. Static IP routing In additi...

Configuring the V2IU 4350 3 - 65 4. Select the Apply Route checkbox. 5. Enter the IP Network address. This address is the remote data network you would like the 4350 to forward to the gateway. The hosts portion of the IP address should be set to “0”. For example, 10.10.20.0 6. Enter the Netmask of t...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 68 If a given packet does not match any of the configured rules, it is dropped. 1. Select Firewall. 2. Enter the desired Advanced Settings using the table above as a guide. 3. Select Submit. Remove Advanced Setting Entries To remove an advanced...

Configuring the V2IU 4350 3 - 69 • Controls the data transfer rate of far-end WAN TCP devices to limit WAN link congestion. • Supports network-based QoS applications by setting the TOS bits for all VoIP packets sent to the WAN and the LAN. TOS bits are used so that VoIP packets can be prioritized in...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 70 3. Specify the upstream and downstream bandwidth of your WAN link 4. Enter the WAN Downstream Bandwidth in Kbps. 5. Enter the WAN Upstream Bandwidth in Kbps. Optionally enable priority IP addresses VoIP traffic from devices that use the VoIP...

Configuring the V2IU 4350 3 - 71 Determining the maximum number of concurrent calls The maximum number of concurrent calls that can be supported by the WAN access link is calculated using the following formula:Max calls = (Maximum WAN upstream bandwidth * .85)/VoIP codec ratewhere,Maximum WAN upstre...

User Manual V 2 IU 4350 Converged Network Appliance 3 - 72 applied to traffic in both the upstream (LAN to WAN) and downstream (WAN to LAN) direction. Each direction is independent of the other and can support different size priority queues. Classifying High priority voice and video traffic generate...

Configuring the V2IU 4350 3 - 73 clocked out at the WAN link’s full rate LESS the bandwidth currently being used for high-priority (voice) data. High-priority data is clocked out at the WAN’s full link rate. Any long-lasting burst condition in low-priority data will cause these packets to be delayed...

4 - 1 4 System Diagnostics The V 2 IU 4350 provides a powerful set of diagnostic information, troubleshooting tools and utilities for system maintenance to network operators. Viewing Software Version, Hardware Platform and the LAN MAC Address The software version, hardware platform, and LAN MAC addr...

User Manual V 2 IU 4350 Converged Network Appliance 4 - 2 Viewing the ALG registration code You will also find a link to the ALG registration code on the System page. The registration code enables the ALG and is pre-installed at the factory. If the registration code is inadvertently deleted you can ...

User Manual V 2 IU 4350 Converged Network Appliance 4 - 4 The interface statistics can point to areas of congestion in the network. If the errors statistic is a few percent or more of the total packets sent it may be an indication of excessive congestion on the network interface. If the congestion i...

System Diagnostics 4 - 5 System Logging Messages Displays information logged during system boot and normal operation. Logging messages may indicate unauthorized attempts to access the 4350, process restart messages, and excessive resource utilization messages. Passive Voice Call Monitoring The 4350 ...

5 - 1 5 Saving and Restoring the V 2 IU 4350 Configuration The V 2 IU 4350 stores all configuration information for the system in a series of individual files that reside in local flash memory. These files are read at boot time to determine the configuration identity of the 4350 and then stored in R...

User Manual V 2 IU 4350 Converged Network Appliance 5 - 2 1. Use a NULL modem cable to connect to serial port 1 of the 4350 2. Use a terminal emulator such as Hyperterminal set to a baud rate of 9600, 8, 1 and none (databits, stop bits and parity) Alternatively you can connect to the 4350 remotely u...

Saving and Restoring the V2IU 4350 Configuration 5 - 3 Delete a Backup File # ewn delete <filename> Delete the backup file specified in the filename. Load a Backup File so that it Becomes the Running Configuration # ewn load <filename> Loads the specified backup file into RAM and makes i...

6 - 1 6 Upgrading the V 2 IU 4350 This chapter describes how to upgrade your 4350 to the latest software release available from Polycom. It is recommended that you reboot the 4350 prior to performing the upgrade. This is to make sure there is enough dynamic memory available to handle the upgrade pro...

Appendix - 1 Appendix Troubleshooting Tips This section contains possible solutions to problems regarding the installation of the V 2 IU 4350. I am having trouble reaching the Internet through the 4350. We recommend connecting a PC directly (or via a switch) to the LAN port of the 4350. The default ...

User Manual V 2 IU 4350 Converged Network Appliance Appendix - 2 5. Select Network Test Tools. 6. Enter the softswitch address in the IP Address to Ping field. 7. Press Ping. Specifications WAN Ports 1xT1 CSU/DSU or 10/100 Ethernet LAN Ports 4x10/100 Ethernet (switched) Serial Ports 1xRS-232 Dimensi...

Regulatory Notices - 1 Regulatory Notices END-USER LICENSE AGREEMENT FOR POLYCOM® SOFTWARE IMPORTANT-READ CAREFULLY BEFORE USING THE SOFTWARE PRODUCT: This End-User License Agreement (“Agreement”) is a legal agreement between you (and/or any company you represent) and either Polycom (Neth-erlands) B...

V 2 IU 4350 Converged Network Appliance User Manual 10 write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software g...