Administration of the Avaya G350 Media Gateway - Avaya Support
Administration of the Avaya G350 Media Gateway - Avaya Support Administration of the Avaya G350 Media Gateway - Avaya Support
ContentsConfiguring VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198Overview of VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198VRRP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . 199VRRP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200Configuring fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Overview of fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Reassembly parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Fragmentation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Chapter 17: Configuring IPSec VPN . . . . . . . . . . . . . . . . . . . . 203Overview of IPSec VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203Configuring a site-to-site IPSec VPN . . . . . . . . . . . . . . . . . . . . . . . . . 204Overview of IPSec VPN configuration . . . . . . . . . . . . . . . . . . . . . . 204Prerequisite – coordinating with the VPN peer . . . . . . . . . . . . . . . . . 208Installing the VPN license file . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Configuring ISAKMP policies . . . . . . . . . . . . . . . . . . . . . . . . . . . 209Configuring transform-sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Configuring ISAKMP peer information . . . . . . . . . . . . . . . . . . . . . . 211Configuring crypto maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213Configuring crypto-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214Configuring interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Deactivating crypto lists to modify IPSec VPN parameters. . . . . . . . . 217IPSec VPN maintenance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Displaying IPSec VPN configuration . . . . . . . . . . . . . . . . . . . . . . . 218Displaying IPSec VPN status . . . . . . . . . . . . . . . . . . . . . . . . . . . 218IPSec VPN intervention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219IPSec VPN logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Typical installations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221Simple VPN topology: VPN hub and spokes. . . . . . . . . . . . . . . . . . . 221Configuring the simple VPN topology . . . . . . . . . . . . . . . . . . . . 222Full or partial mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226Configuring the mesh VPN topology . . . . . . . . . . . . . . . . . . . . . 227Hub-and-spoke with hub redundancy/load sharing . . . . . . . . . . . . . . . 238Configuring the VPN hub redundancy/load sharing topologies . . . . . . 239Full solution: hub-and-spoke with VPN for data and VoIP control backup . . 245Configuring hub-and-spoke with VPN for data and VoIP control backup . 24612 Administration of the Avaya G350 Media Gateway
ContentsChapter 18: Configuring policy . . . . . . . . . . . . . . . . . . . . . . . 253Policy overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253Access control lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254QoS lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254Policy-based routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255Managing policy lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255Defining policy lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256Creating and editing a policy list . . . . . . . . . . . . . . . . . . . . . . . . . 256Defining list identification attributes . . . . . . . . . . . . . . . . . . . . . . . 257Default actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257Deleting a policy list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257Attaching policy lists to an interface . . . . . . . . . . . . . . . . . . . . . . . . . 258Device-wide policy lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260Defining global rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260Defining rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261Overview of rule criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261Editing and creating rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262Rule criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262IP protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262Source and destination IP address . . . . . . . . . . . . . . . . . . . . . . 263Source and destination port range . . . . . . . . . . . . . . . . . . . . . . 264ICMP type and code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265TCP Establish bit (access control lists only) . . . . . . . . . . . . . . . . 265Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265Composite operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266Overview of composite operations . . . . . . . . . . . . . . . . . . . . . . . . 266Pre-configured composite operations for access control lists. . . . . . . . . 266Pre-configured composite operations for QoS lists. . . . . . . . . . . . . . . 267Configuring composite operations . . . . . . . . . . . . . . . . . . . . . . . . 268Composite operation example . . . . . . . . . . . . . . . . . . . . . . . . . . 269DSCP table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269Displaying and testing policy lists . . . . . . . . . . . . . . . . . . . . . . . . . . 270Displaying policy lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270Simulating packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272Issue 3 January 2005 13
- Page 1 and 2: Administration of theAvaya G350 Med
- Page 3 and 4: Electromagnetic Compatibility (EMC)
- Page 5: ContentsAbout this Book . . . . . .
- Page 8 and 9: ContentsConfiguring PPP . . . . . .
- Page 10 and 11: ContentsPort classification . . . .
- Page 14 and 15: ContentsChapter 19: Configuring pol
- Page 16 and 17: Contents16 Administration of the Av
- Page 18 and 19: About this Book4. Scroll down to fi
- Page 20 and 21: About this BookSending us commentsA
- Page 22 and 23: Introduction●●●●●●●
- Page 24 and 25: Configuration overviewIf you intend
- Page 26 and 27: Configuration overviewSaving config
- Page 28 and 29: Accessing the Avaya G350 Media Gate
- Page 30 and 31: Accessing the Avaya G350 Media Gate
- Page 32 and 33: Accessing the Avaya G350 Media Gate
- Page 34 and 35: Accessing the Avaya G350 Media Gate
- Page 36 and 37: Accessing the Avaya G350 Media Gate
- Page 38 and 39: Accessing the Avaya G350 Media Gate
- Page 40 and 41: Accessing the Avaya G350 Media Gate
- Page 42 and 43: Accessing the Avaya G350 Media Gate
- Page 44 and 45: Accessing the Avaya G350 Media Gate
- Page 46 and 47: Accessing the Avaya G350 Media Gate
- Page 48 and 49: Accessing the Avaya G350 Media Gate
- Page 50 and 51: Basic device configurationConfiguri
- Page 52 and 53: Basic device configurationThe Media
- Page 54 and 55: Basic device configurationSetting r
- Page 56 and 57: Basic device configuration●●●
- Page 58 and 59: Basic device configurationEach firm
- Page 60 and 61: Basic device configurationThe follo
ContentsConfiguring VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198Overview <strong>of</strong> VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198VRRP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . 199VRRP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200Configuring fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Overview <strong>of</strong> fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Reassembly parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Fragmentation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Chapter 17: Configuring IPSec VPN . . . . . . . . . . . . . . . . . . . . 203Overview <strong>of</strong> IPSec VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203Configuring a site-to-site IPSec VPN . . . . . . . . . . . . . . . . . . . . . . . . . 204Overview <strong>of</strong> IPSec VPN configuration . . . . . . . . . . . . . . . . . . . . . . 204Prerequisite – coordinating with <strong>the</strong> VPN peer . . . . . . . . . . . . . . . . . 208Installing <strong>the</strong> VPN license file . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Configuring ISAKMP policies . . . . . . . . . . . . . . . . . . . . . . . . . . . 209Configuring transform-sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Configuring ISAKMP peer information . . . . . . . . . . . . . . . . . . . . . . 211Configuring crypto maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213Configuring crypto-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214Configuring interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Deactivating crypto lists to modify IPSec VPN parameters. . . . . . . . . 217IPSec VPN maintenance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Displaying IPSec VPN configuration . . . . . . . . . . . . . . . . . . . . . . . 218Displaying IPSec VPN status . . . . . . . . . . . . . . . . . . . . . . . . . . . 218IPSec VPN intervention . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219IPSec VPN logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219Typical installations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221Simple VPN topology: VPN hub and spokes. . . . . . . . . . . . . . . . . . . 221Configuring <strong>the</strong> simple VPN topology . . . . . . . . . . . . . . . . . . . . 222Full or partial mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226Configuring <strong>the</strong> mesh VPN topology . . . . . . . . . . . . . . . . . . . . . 227Hub-and-spoke with hub redundancy/load sharing . . . . . . . . . . . . . . . 238Configuring <strong>the</strong> VPN hub redundancy/load sharing topologies . . . . . . 239Full solution: hub-and-spoke with VPN for data and VoIP control backup . . 245Configuring hub-and-spoke with VPN for data and VoIP control backup . 24612 <strong>Administration</strong> <strong>of</strong> <strong>the</strong> <strong>Avaya</strong> <strong>G350</strong> <strong>Media</strong> <strong>Gateway</strong>