ADMINISTRATION GUIDE Cisco SRP500 Series Services Ready Platforms (SRP520 Models)
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R) © 2012 Cisco Systems, Inc. All rights reserved.
Contents Chapter 1: Introducing the SRP500 Series Services Ready Platform (SRP520 Models) 10 Feature Overview 10 Product Overview 11 Model Numbers 11 Front Panel 11 SRP521W Front Panel 11 SRP526W / SRP527W Front Panel 12 Front Panel Lights 12 Back Panel 13 SRP521W Back Panel 13 SRP526W / SRP527W Back Panel 13 Back Panel Descriptions 14 Side View 15 Top View 16 Default Settings 17 Chapter 2: Getting Started with the Configuration Utility 18 Logging In to the Configuration Utili
Contents Firewall 23 NAT 24 Chapter 4: Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 25 25 Internet Setup 26 Adding a Subinterface 29 Encapsulation Settings 32 IPoA Settings 32 PPPoE Settings 33 PPPoA Settings 34 Internet Options 35 Mobile Network 36 Failover and Recovery 40 Setting up the VLAN Interfaces and LAN Ports 42 DHCP Server 42 VLAN Settings 45 Port Settings 47 Setting up the Wireless LAN 48 Basic Wireless Settings 49 Wir
Contents Intervlan Routing NAT 66 66 NAT Setting 66 Port Forwarding 67 Port Range Triggering 69 QoS 71 QoS Bandwidth Control 71 QoS Policy 72 CoS To Queue 74 DSCP To Queue 75 Firewall 75 Firewall Filter 75 Internet Access Control 77 PPPoE Relay 79 DDNS 80 DMZ 82 IGMP 83 UPnP 84 CDP Setting 85 Chapter 6: Configuring Voice 87 Configuring Voice Services 87 Understanding Voice Port Operations 87 SRP Voice Features 88 Supported Codecs 88 SIP Proxy Redundancy 89 Ot
Contents Configuring Dial Plans 102 About Dial Plans 102 Digit Sequences 102 Digit Sequence Examples 104 Acceptance and Transmission the Dialed Digits 106 Dial Plan Timer (Off-Hook Timer) 107 Syntax for the Dial Plan Timer 107 Examples for the Dial Plan Timer 108 Interdigit Long Timer (Incomplete Entry Timer) 108 Syntax for the Interdigit Long Timer 109 Example for the Interdigit Long Timer 109 Interdigit Short Timer (Complete Entry Timer) 109 Syntax for the Interdigit Short Timer
Contents Firmware Upgrade 134 General Purpose Parameters 135 Regional Page 136 Defining Ring and Cadence and Tone Scripts 136 Call Progress Tones 138 Distinctive Ring Patterns 141 Distinctive Call Waiting Tone Patterns 141 Distinctive Ring/CWT Pattern Names 142 Ring and Call Waiting Tone Spec 144 Control Timer Values (sec) 144 Vertical Service Activation Codes 147 Vertical Service Announcement Codes 153 Outbound Call Codec Selection Codes 153 Miscellaneous 154 Line Pages (1–2)
Contents GRE Tunnel 188 VPN Passthrough 190 Cisco VPN Server 191 Configuring Users Chapter 8: Administration Settings 194 195 Web Access Management 196 Remote Management 197 TR069 197 SNMP 199 SNMP Port Descriptions Local TFTP 200 201 Time Setup 202 Setup Wizard 203 User List 204 User Privilege Control 204 Logging 205 Factory Defaults 206 Firmware Upgrade 206 Backup & Restore 207 Backup Configuration 207 Restore Configuration 207 Reboot 208 Status 208 Switch Set
Contents Chapter 10: Viewing the Services Ready Platforms Status 212 Router Settings 213 Firewall Status 214 Interface Information 216 Wireless Network Status 217 Wireless Client Information 218 Mobile Network Status 218 DHCP Server Information 220 QoS Status 221 Routing Table 222 ARP Table 222 RIP Status 223 IGMP Status 223 VPN Status 224 CDP Neighbor Information 225 Appendix A: Specifications 226 Appendix B: Where to Go From Here 228 Cisco SRP500 Series Services Ready Pl
1 Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Thank you for choosing the Cisco SRP500 Series Services Ready Platforms (SRP520 Models). The SRP500 Series are flexible devices that enable small businesses to connect to a variety of services (high quality data, hosted voice, and security services) offered by service providers. This chapter provides information to familiarize you with the product.
1 Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview Product Overview This section lists the available model numbers to help you become familiar with your SRP, and shows the front panel, back panel, and side view of the unit. Model Numbers The following table describes the SRP520 Model numbers: Model Description SRP521W Fast Ethernet WAN 2 Phone (FXS) ports, 1 Line (FXO) port, 1 WAN (10/100) port, 4 LAN (10/100) ports, 1 USB 2.0 port, 802.
1 Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview SRP526W / SRP527W Front Panel Cisco Small Business Pro SRP 526W 2 3 4 LAN 1 2 PHONE CD Data DSL WLAN USB WPS 195210 1 POWER/SYS Front Panel Lights The following table describes the lights on the front panel of the SRP. These lights are used for monitoring system activity. Lights (Green) Description POWER/SYS Lights when the SRP has successfully booted and is ready to use.
1 Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview Back Panel The back panel is where you connect the network devices. The ports on the panel vary depending on the model.
Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview 1 Back Panel Descriptions Feature Description DSL port Connects the SRP to your DSL connection. SRP526/SRP527W only Phone (FXS) ports (1–2) Connect directly to an analog telephone, fax machine, or similar device.
1 Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview Side View USB Connector 236283 Reset Button RESET 236284 Antenna Feature Description Reset button Press and hold for 5 seconds to reset the SRP. Press and hold for 10 seconds to reset the SRP to its factory defaults. To press the button, insert a paper clip or similar object into the opening. USB port Connects to a compatible USB Modem.
1 Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview 276378 Top View WPS Button Feature Description WPS Button Use to automatically configure wireless security for devices that support WiFi Protected Setup (WPS). To configure WPS, press and hold this button until the WPS light flashes. Make sure that the device is located near the SRP during setup.
Introducing the SRP500 Series Services Ready Platform (SRP520 Models) Product Overview 1 Default Settings Parameter Value Device IP 192.168.15.1 Username cisco Password cisco Admin Username admin Admin Password admin DHCP Range 192.168.15.
2 Getting Started with the Configuration Utility This chapter describes how to configure and use the Services Ready Platform Configuration Utility. This is a web-based utility you use to manage and provision your SRP (Services Ready Platform). This chapter includes the following sections:. • Logging In to the Configuration Utility • Overview of the Configuration Utility Logging In to the Configuration Utility This section describes how to log in to Services Ready Platform Configuration Utility.
2 Getting Started with the Configuration Utility Overview of the Configuration Utility STEP 4 Click Log In. The Services Ready Platform Configuration Utility opens. Overview of the Configuration Utility Main Window Areas This section describes the Main menu bar areas and icons that the Configuration Utility uses. Number Component Description 1 Menu Bar Contains the major function categories. Click a menu item to change to another category.
2 Getting Started with the Configuration Utility Overview of the Configuration Utility Number Component Description 2 Navigation Pane Provides easy navigation through the configurable device features.The main branches expand to provide the subfeatures. Click on the triangle next to the main branch title to expand or contract its contents. Click on the title of a feature or subfeature to open it. 3 Main Content The main content of the feature appears in this area.
3 The Quick Setup Menu This chapter describes how to use the Quick Setup Menu to set up the essential connectivity features for your Services Ready Platforms. It includes the following sections: • Basic Configuration Setup • Advanced Configuration Setup The Quick Setup menu is displayed by default when you first logon to the SRP. You can use these setup pages to quickly get the device up and running. The menu also provides convenient links to features found in the Configuration Utility.
3 The Quick Setup Menu Basic Configuration Setup STEP 4 Click Submit to save your settings. WAN Setup (ADSL) Use the WAN Setup page to quickly setup your ADSL WAN interface. STEP 1 Click Quick Setup > WAN Setup. STEP 2 The WAN Setup window opens. STEP 3 Enter your VC and IP settings as defined in Internet Setup, page 26, STEP 4 Click Submit to save your settings. LAN Setup Use the LAN Setup page to quickly setup the LAN interface. STEP 1 Click Quick Setup > LAN Setup. The LAN Setup window opens.
The Quick Setup Menu Advanced Configuration Setup 3 Remote Provisioning Use the TR-069 page to configure communication with an Auto-Configuration Server (ACS) through the TR-069 CPE WAN Management Protocol (CWMP). STEP 1 Click Quick Setup > Remote Provisioning. The Remote Provisioning window opens. STEP 2 Click Enabled to enable remote provisioning. STEP 3 Specify the remote provisioning settings as defined in Remote Management, page 197. STEP 4 Click Submit to save your settings.
The Quick Setup Menu Advanced Configuration Setup 3 NAT Use the NAT option to administer the NAT (Network Address Translation) settings. For more details, see NAT, on page 66.
4 Setting up the Interfaces of the Services Ready Platforms This chapter describes how to set up the interfaces for your SRP. It includes the following sections: • Setting up the WAN Interface • Setting up the VLAN Interfaces and LAN Ports • Setting up the Wireless LAN • Using the Management Interface To access these pages click Interface Setup from the Configuration Utility menu bar.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Internet Setup Use the Internet Setup page to configure the settings for WAN networking. NOTE After you configure the interface settings, we recommend that you create a new password for your SRP. To change it, see User List, page 204. Taking this precaution increases security by protecting the SRP from unauthorized changes. STEP 1 Click Interface Setup > WAN > Internet Setup. The Internet Setup window opens.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 VC Settings Field Description Multiplexing Defines the way in which different protocols are handled within a DSL virtual circuit. You an choose between Logical Link Control (LLC) encapsulation (also called LLC-SNAP) or Virtual Channel (VC) multiplexing (also called VC-Mux).
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 NOTE When using the interface failover feature, the Interface Default Route automatically selects the subinterface that is used to pass traffic redirected from a failed interface. STEP 7 To view the interface information, select a WAN interface from the WAN Interface List. The WAN Interface Detail area displays information about the interface as described in the table below.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Adding a Subinterface Use the WAN Interface List page from the Internet Setup window to add a subinterface to the SRP. These options are the same as those for configuring a main WAN interface except you cannot configure an Ethernet subinterface for PPTP or L2TP. The SRP supports multiple logical interfaces per physical port. For Ethernet ports, VLAN interfaces are created as part of an IEEE 802.1p trunk.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Ethernet WAN Interface Settings Field Description WAN WAN1 is the interface identity for the SRP’s WAN port. This value cannot be changed. VLAN ID VLAN identity for the interface or subinterface. This value cannot be changed after the interface is first created. Connection Type Type of Internet connection that your ISP provides. Automatic Configuration/DCHP Connection type often used with cable modems.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Ethernet WAN Interface Settings Field Description PPPoE Choose this option if your ISP uses PPPoE (Point-to-Point Protocol over Ethernet). Enter the User Name and Password for your ISP account and the Service Name if required by your ISP. Select either the Connect on Demand or Keep Alive option. Connect on Demand Opens a connection only when a user attempts to connect to the Internet.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Ethernet WAN Interface Settings Field Description L2TP Select this option if your ISP uses L2TP (Layer 2 Tunneling Protocol) and has provided you with a static IP address. Enter the L2TP Server IP address and the User Name and Password for your account. If your service provider does not dynamically assign an IP address, disable DHCP and enter the address, mask and gateway details provided for your account.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 IPoA Settings Field Description Internet IP Address and Subnet Mask The SRP’s IP Address and Subnet Mask as seen by external users on the Internet (including your ISP). Your ISP provides you with this information. Default Gateway Your ISP provides you with the Gateway IP Address. Primary/Secondary DNS Use to define one or two DNS servers.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 PPPoE Settings Field Description Keep Alive Maintains the connection to your ISP all the time. If the link goes down for a given number of seconds (the “redial period”), the gateway automatically tries to reestablish it. The default redial period is 20 seconds.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Internet Options Use the Internet Options page to supplement the information configured for your Internet connection. STEP 1 Click Interface Setup > WAN > Internet Option. The Internet Option window opens. STEP 2 Enter the Host Name and Domain Name if provided by your ISP. STEP 3 Enter the IP addresses for up to three DNS servers.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Mobile Network Use the Mobile Network page to configure your SRP to connect to a Mobile Broadband USB modem that is connected to its USB interface. For information about compatible modems see: www.cisco.com/go/srp500. STEP 1 Click Interface Setup > Mobile Network. The Mobile Network window opens. STEP 2 Connect to the USB Modem.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Field Description Connect Mode Choose Auto or Manual Mode. If you are using manual mode, you will need to access the Configuration Utility to establish an Internet connection through the mobile connection. Click Connect to establish a connection when required. Click Disconnect to tear down the connection.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Field Description Card Status Displays the current modem connection status as initializing, connecting, connected, disconnecting, or disconnected. These messages might also appear: • Please set APN manually Appears when the SRP is unable to determine the APN from the operator in automatic mode. • Searching for service...
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Field Description Dial Number Dial number for the Internet connection. Enter the Dial Number provided by your mobile network service provider. User Name/ Password User name and password provided by your mobile network service provider. SIM PIN PIN code associated with your SIM card. Enter your SIM PIN number here. This field is only displayed for GSM cards.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Failover and Recovery An Internet connection can be established through the WAN port or a wireless modem plugged into the USB port. See www.cisco.com/go/srp500 for more details on compatible USB modem devices. While both Ethernet and a USB modem may be connected, only one can be used to establish a link at a time.
Setting up the Interfaces of the Services Ready Platforms Setting up the WAN Interface 4 Failover and Recovery Settings Field Description Connection Recovery Enable to ensure that your primary internet connection in backed up. Interface Connection Failover Failover detection works by detecting the physical connection and/or presence of traffic on the Internet link. If the link is idle, the SRP attempts to ping a destination.
Setting up the Interfaces of the Services Ready Platforms Setting up the VLAN Interfaces and LAN Ports 4 Setting up the VLAN Interfaces and LAN Ports This section describes how to set up the SRP VLAN and LAN ports. It includes the following sections: • DHCP Server • VLAN Settings • Port Settings To access these pages click Interface Setup > LAN from the Configuration Utility.
Setting up the Interfaces of the Services Ready Platforms Setting up the VLAN Interfaces and LAN Ports 4 DHCP Server Settings Field Description Router IP DHCP Name Label which identifies this DHCP Server configuration and is used to assign the service to a VLAN interface. Local IP Address/ Subnet Mask IP address and subnet mask used to configure the VLAN interface to which this DHCP rule is applied.
Setting up the Interfaces of the Services Ready Platforms Setting up the VLAN Interfaces and LAN Ports 4 DHCP Server Settings Field Description Option 67 Provides a configuration/bootstrap filename to hosts requesting this option. This is used in conjunction with option 66 to allow the client to form an appropriate TFTP request for the file. DNS Proxy If DNS proxy is enabled, local clients are offered the SRP Local IP Address to use for DNS requests.
Setting up the Interfaces of the Services Ready Platforms Setting up the VLAN Interfaces and LAN Ports 4 VLAN Settings VLAN settings are configured on this page. After clicking Add Entry, you can create another VLAN. STEP 1 Click Interface Setup > LAN > VLAN Setting. The VLAN Setting window opens. From this page you can view the list of configured VLANs, add or delete a VLAN, and view the details for a selected VLAN.
Setting up the Interfaces of the Services Ready Platforms Setting up the VLAN Interfaces and LAN Ports 4 VLAN Settings Field Description VLAN Name Bridge or VLAN name. VLAN ID Bridge or VLAN ID. Voice VLAN Click this box if you want to use voice. Only use this option in VLAN mode. Address Type Address type determines the way in which the VLAN IP interface is configured. • Choose None if an IP interface is not required. This would typically be the case when bridging ports only.
Setting up the Interfaces of the Services Ready Platforms Setting up the VLAN Interfaces and LAN Ports 4 Port Settings Use the Port Settings page to set the LAN port attributes, edit the port settings, or view the port settings. STEP 1 Click Interface Setup > LAN > Port Setting. The Port Setting window opens. STEP 2 Specify the flow control and speed duplex settings as defined in the Port Settings table. You can only configure these settings for LAN ports 1–4.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Port Settings Field Description Enabled Flow Control Mechanism for temporarily stopping the transmission of data on this physical interface. For example: A situation might arise where a sending station (computer) is transmitting data faster than some other part of the network (including the receiving station) can accept.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Basic Wireless Settings Use the Basic Wireless Settings page to the SRP's integrated wireless access point and up to four wireless networks. STEP 1 Click Interface Setup > Wi-Fi Settings > Basic Wireless Settings. The Basic Wireless Settings window opens. STEP 2 Configure the wireless network settings as defined in the Basic Wireless Settings table. When you are finished, click Submit to save your settings.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Basic Wireless Settings Field Description Network Mode Choose the wireless mode based on the type of devices in your network. NOTE The wireless access point is disabled by default to ensure network security. You must select an active network mode to enable it before configuring further. Radio Band • If you have Wireless-N, Wireless-G, and Wireless-B devices in your network, select Mixed.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Basic Wireless Settings Field Description Standard Channel If you selected Wide-40MHz Channel or Standard -20MHz Channel for the Radio Band setting, then this setting will be available. Select the channel for Wireless-N, Wireless-G, and Wireless-B networking. If you selected Wide-40MHz Channel for the Radio Band setting, then the Standard Channel will be a secondary channel for Wireless-N. The default is channel 11.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Basic Wireless Settings Field Description Broadcast Network Name When wireless clients survey the local area for available wireless networks, they detect the SSIDs that are broadcast by nearby wireless networks. If you want to broadcast the SSID, keep the box checked. If you do not want to broadcast the SSID, uncheck the box. In this case, wireless users would have to know the SSID to associate with the network.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Field Description Encryption Select a level of WEP encryption, 64-bit,10 hex digits or 128bit, 26 hex digits. The default is 64-bit,10 hex digits. Higher encryption levels offer higher levels of security, but due to the complexity of the encryption, they may decrease network performance. Passphrase Enter a passphrase to automatically generate the WEP keys. Then click Generate. Valid keys appear.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Field Description WPA Algorithms WPA2 supports two encryption methods, TKIP and AES, with dynamic encryption keys. Select the type of algorithm, AES or TKIP + AES. The default is TKIP + AES. WPA Shared Key Enter a Passphrase of 8-63 characters. Group Key Renewal Enter an interval in seconds to specify how often the SRP changes the encryption keys.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Field Description Key Renewal Timeout Enter an interval in seconds to specify how often the SRP changes the encryption keys. The default Group Key Renewal period is 3600 seconds, which is 1 hour. Wireless Protected Setup Use the Wi-Fi Protected Setup page to automatically configure wireless security for your wireless networks. NOTE Make sure that the WPS client device is located near the SRP during setup.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 WPS Method 2 Use this method if your client device has a Wi-Fi Protected Setup PIN number. STEP 1 Enter the PIN number in the field on this page. STEP 2 Click Register. STEP 3 After the client device is configured, click OK. Then refer to your client device or its documentation for further instructions. WPS Method 3 Use this method if your client device asks for the SRP PIN number.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 STEP 6 Select Save to MAC Address Filter List for any device you want to add to the list and click Add. To retrieve the most up-to-date information, click Refresh. To exit this page and return to the Wireless MAC Filter page, click Close. NOTE Wireless access can be filtered by using the MAC addresses of the wireless devices transmitting within your network radius. STEP 7 Click Submit to save your settings.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Advanced Wireless Settings Use the Wireless Settings page to configure advanced wireless functions for the SRP. NOTE These settings should only be configured by an experienced administrator. Before you configure these settings, make sure that wireless is enabled on the SRP. See Basic Wireless Settings, page 49. STEP 1 Click Interface Setup > Wi-Fi Settings > Advanced Wireless Settings.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Advanced Wireless Settings Field Description Global Settings AP Isolation Isolates all wireless clients and wireless devices from one another. Wireless devices will be able to communicate with the SRP but not with other wireless devices on the network. To use this function, select Enabled. AP Isolation is disabled by default. Basic Rate Series of rates at which the SRP can transmit.
Setting up the Interfaces of the Services Ready Platforms Setting up the Wireless LAN 4 Advanced Wireless Settings Field Description CTS Protection Mode The SRP automatically uses CTS (Clear-To-Send) Protection Mode when your Wireless-N and Wireless-G products are experiencing severe problems and are not able to transmit to the SRP in an environment with heavy 802.11b traffic. This function boosts the SRP’s ability to catch all Wireless-N and Wireless-G transmissions but can impact performance.
Setting up the Interfaces of the Services Ready Platforms Using the Management Interface 4 WMM Setting Use the WMM Setting page to configure support for Wi-Fi Multimedia (WMM) devices on your network. STEP 1 Click Interface Setup > Wi-Fi Settings > WMM Setting. The WMM Setting window opens. STEP 2 If you have other devices on your network that support WMM, keep the default setting Enabled.
5 Configuring the Network This chapter describes how to configure the network settings for the Services Ready Platforms. It includes the following sections: • Routing • NAT • Port Range Triggering • Firewall • PPPoE Relay • DDNS • IGMP • UPnP • CDP Setting To access these pages click the Network Setup Tab from the Configuration Utility menu bar.
5 Configuring the Network Routing Routing This section describes how to configure various types of routing on the SRP including: • Static Routes • RIP • Intervlan Routing To access these pages click Network Setup > Routing from the Configuration Utility. Static Routes Use the Static Routes page to configure static routes for network traffic. STEP 1 Click Network Setup > Routing > Static Routes. The Static Routes window opens.
5 Configuring the Network Routing Static Route Settings Field Description Enter Route Name Enter a name for the static route. Destination Subnet IP Address of the network or host to which you want to assign a static route. Subnet Mask Determines which portion of an IP address is the network portion, and which portion is the host portion. Gateway IP address of the gateway device that allows for contact between the SRP and the network or host.
5 Configuring the Network Routing RIP Settings Field Description RIP List Interface: Displays the list of interfaces. RIP Enabled: Select to enable or disable RIP on the interface. Passive Mode: With the passive mode interface, all receiving packets are processed as normal and do not send either multicast or unicast RIP packets except to RIP neighbors. To select passive mode, select Enabled from the RIP Config Edit window.
5 Configuring the Network NAT Intervlan Routing Configuring VLANs helps control the size of the broadcast domain and keeps local traffic local. However, when an end station in one VLAN needs to communicate with an end station in another VLAN, intervlan communication is required. This communication is enabled by Intervlan Routing. NOTE Intervlan routing does not apply to the Guest VLAN if you have configured wireless guest access. STEP 1 Click Network Setup > Routing > Intervlan Routing.
Configuring the Network NAT 5 STEP 3 Click Submit to save your settings. Port Forwarding Use the Port Forwarding page if your network hosts network services (Internet applications) such as web, email, FTP, video conferencing or gaming. For each service, Internet traffic is forwarded by application (IP port) to the internal servers that host these services.
5 Configuring the Network NAT Port Forwarding Settings Field Description Port Forwarding Type Choose the type of port forwarding from the drop-down list Select Single Port Forwarding to forward traffic for a specified port on to the same or an alternative port on the target server in the LAN. Select Port Range Forwarding to forward traffic to a range of ports to the same ports on the target server in the LAN. Refer to the Internet application’s documentation for the required ports or ranges.
5 Configuring the Network NAT Port Forwarding Settings Field Description IP Address Enter the IP address of the local server that should receive forwarded traffic. Enabled Click Enabled to activate this forwarding rule. The default setting is unchecked (Disabled). Port Range Triggering Use the Port Range Triggering page to allow the SRP to monitor outgoing data for specific port numbers and dynamically create a forwarding rule to direct returning traffic to the requesting local client.
5 Configuring the Network NAT Port Range Triggering Settings Field Description Application Name Enter a name to identify the application in the Port Range Triggering List. WAN Choose the WAN Interface through which the trigger ports will be detected. LAN Choose the LAN where the host computer is located and to which forwarded traffic will be directed. Triggered Range Enter the starting and ending port numbers of the triggered port range.
5 Configuring the Network QoS QoS This section describes how to configure Quality of Service (QoS) settings for the SRP. It includes the following sections: • QoS Bandwidth Control • QoS Policy • CoS To Queue • DSCP To Queue To access these pages click Network Setup > QoS from the Configuration Utility. QoS Bandwidth Control Use the QoS Bandwidth Control page to allow the SRP to rate limit upstream data transmissions to suit the broadband service.
5 Configuring the Network QoS Bandwidth Shaping Control Settings Field Description Upstream Bandwidth Enter the maximum available upstream bandwidth value for the connected broadband service. The default value is 100000 Kbps for Ethernet interfaces. NOTE Setting this value higher than the available service bandwidth can result in traffic being dropped arbitrarily in the service provider's network. Strict High Priority Queue Defines the bandwidth required for strict priority traffic.
5 Configuring the Network QoS The QoS Priority Setting window opens. STEP 4 Choose the QoS category from the drop-down list (Application, MAC Address, Ethernet Port, or VLAN). STEP 5 Specify the policy settings for the particular category as defined in the QoS Policy Settings: Classification table. STEP 6 Enter the QoS Queuing and Marking settings for the specified category. STEP 7 Click Submit to save your settings.
5 Configuring the Network QoS VLAN Category Name Enter the name of the Ethernet port. For example: data_Lan. VLAN Choose the source VLAN. IP Address Name Enter a name to describe this rule. Destination IP Enter the target IP address or network that will classify the traffic for this rule. Destination Mask Enter the mask for the target IP address or network. LAN Choose the source LAN.
5 Configuring the Network Firewall DSCP To Queue Use the DSCP to Queue page to queue traffic based on the Differentiated Services Code Point (DSCP) value in the incoming packet. STEP 1 Click Network Setup > QoS > DSCP To Queue. The DSCP To Queue window opens. STEP 2 Change the priority settings for each IP DiffServ value as necessary. STEP 3 Choose a priority level from the drop-down list. The priority defines the traffic forwarding queue to which traffic with the given DSCP is mapped.
5 Configuring the Network Firewall STEP 4 Click Submit to save your settings. Firewall Filter Settings Field Description SPI Firewall Protection To enable a firewall protection, select Enabled. The default is Enabled. Internet Filter Options Filter Anonymous Internet Requests Prevents your network from being "pinged" or detected by other Internet users. It also hides your network ports. Both make it more difficult for outside users to enter your network. This filter is enabled by default.
5 Configuring the Network Firewall Java Java is a programming language for websites. If you filter Java, you will prevent access to Internet sites created using this programming language. To enable Java filtering, check the box. This filter is disabled by default. ActiveX ActiveX is a programming language for websites. If you filter ActiveX, you will prevent access to Internet sites that use this programming language. To enable ActiveX filtering, check the box. This filter is disabled by default.
5 Configuring the Network Firewall STEP 8 Click Submit to save your settings. Internet Access Control Settings Field Description Enter Policy Name Enter a name for the policy. Status To enable this policy, click Enabled. To disable this policy, click Disabled. The default setting is Disabled From, To You can apply the rule to all traffic by choosing From All, To All, or you can limit the rule to apply only to particular interfaces, such as From VLAN1 to WAN1.
5 Configuring the Network PPPoE Relay Blocking by Destination IP Address Check this box to prevent users from accessing specified IP addresses. Enter up to four IP addresses. Blocking by Application Check this box to prevent users from accessing specified Internet services, such as FTP or Telnet (You can block up to three applications per policy.) From the Applications list, click the application that you want to block. Then click the right-arrow button (>>) to move the application to the Blocked List.
5 Configuring the Network DDNS STEP 5 Click Submit to save your settings. PPPoE Relay Settings Field Description WAN interface Select the WAN Interface for this rule. For example: WAN1 or WAN2. LAN interface Select the LAN Interface for this rule. For example: VLAN1 or VLAN100.
5 Configuring the Network DDNS STEP 4 Click Submit to save your settings. DDNS Service Settings Field Description DDNS Service Choose the provider for your DDNS service from the drop-down list. You can choose from DynDNS.org or TZO.com. DDNS service is disabled by default. NOTE You must sign up for an account with either one of these providers before you can use this service. DynDNS.org Settings User Name Enter the user name from DynDNS.org. Password Enter the password from DynDNS.org.
5 Configuring the Network DMZ Update To manually trigger an update, click this button TZO.org Settings E-mail Address Enter the email address for your TZO account. TZO Key Enter the key for your TZO account. Domain Name Enter your host name. For example: name.dyndns.org. Internet IP Address Displays your current IP address. Status Displays your DDNS status. Update To manually trigger an update, click this button.
5 Configuring the Network IGMP STEP 4 Click Submit to save your settings. Field Description Status To use this feature, select Enabled. To disable DMZ hosting, select Disabled. Source IP Address If you want any IP address to be the source, select Any IP Address. If you want to specify an IP address or range of IP addresses as the designated source, click the second radio button, and enter the IP address(es) in the fields provided.
5 Configuring the Network UPnP STEP 1 .Click Network Setup > IGMP. The IGMP window opens. STEP 2 To allow multicast traffic through the SRP for your multimedia application devices, use the default setting, Enabled. STEP 3 Select the version you want to support, IGMP v1 or IGMP v2. If you are not sure which version to select, use the default setting, IGMP v2. STEP 4 Click Submit to save your settings. Field Description Support IGMP Version Select the version you want to use from the drop-down list.
5 Configuring the Network CDP Setting UPnP Settings Field Description UPnP To allow UPnP, keep the default setting, Enabled. Otherwise, select Disabled. Allow Users to Configure When enabled (default), local clients can use UPnP to change the SRP configuration and behavior. If you only want to allow clients to discover the SRP using UPnP, select Disabled. Keep UPnP Configurations After System Reboot When enabled, the SRP saves the configuration changes made by clients over a system reboot.
5 Configuring the Network CDP Setting CDP Settings Field Description CDP Control whether CDP will run on some, all or none of the SRP Ethernet interfaces. CDP per port is the default setting (recommended). CDP Timer Specify the interval at which successive CDP packets can be sent. You can enter a value between 5 to 900 seconds. The default is 60 seconds. CDP Hold Timer Control whether CDP will run on some, all or none of the SRP Ethernet interfaces. Enter a value between 10 to 255 seconds.
6 Configuring Voice This chapter describes how to configure voice settings and voice services for the Services Ready Platforms. It includes the following sections: • Configuring Voice Services • Configuring Voice Settings Configuring Voice Services This section describes how to configure your SRP to meet the customer’s requirements for voice services.
6 Configuring Voice Configuring Voice Services VV Ethernet Services Ready Platform V PSTN IP SIP proxy Phone 236741 Telephone/fax Internet Service Provider VoIP Infrastructure Voice gateway The SRP maintains the state of each call made through the FXS interface and makes the proper reaction to user input events (such as on/off hook or hook flash). Because the SRP uses the Session Initiation Protocol (SIP), it is compatible with most Internet Telephony Service Provider offerings.
6 Configuring Voice Configuring Voice Services G.726-32 Low complexity codec that supports compressed 32 kbps digitized voice transmission at one through ten 10 ms voice frames per packet. This codec provides high voice quality. G.729a ITU G.729 voice coding algorithm used to compress digitized speech. G.729a is a reduced complexity version of G.729 requiring about half the processing power of G.729. The G.729 and G.729a bit streams are compatible and interoperable, but not identical.
6 Configuring Voice Configuring Voice Services Other SRP Voice Features The following table summarizes other voice features provided by the SRP. Feature Description Silence Suppression Voice Activity Detection (VAD) with Silence Suppression is a means of increasing the number of calls supported by the network by reducing the average bandwidth required for a single call. VAD uses a sophisticated algorithm to distinguish between speech and non-speech signals.
6 Configuring Voice Configuring Voice Services Feature Description Modem and Fax PassThrough • Modem pass-through mode can be triggered only by predialing the number set in the Modem Line Toggle Code. See Regional Page, page 136. • FAX pass-through mode is triggered by the detection of a CED/CNG tone or an NSE event. • Echo canceller is automatically disabled for Modem passthrough mode.
6 Configuring Voice Configuring Voice Services Feature Description Adjustable Audio Frames Per Packet This feature allows the user to set the number of audio frames contained in one RTP packet. Packets can be adjusted to contain from 1–10 audio frames. Increasing the number of packets decreases the bandwidth utilized, but it also increases delay and may affect voice quality. RTP packets are configured in the SIP page. See SIP Page, page 120.
6 Configuring Voice Configuring Voice Services Feature Description Signaling Hook Flash Event The SRP can signal hook flash events to the proxy during a connected call. This feature can be used to provide advanced mid-call services with thirdparty-call control.
6 Configuring Voice Configuring Voice Services Feature Description Polarity Control The SRP allows the polarity to be set when a call is connected and when a call is disconnected. This feature is required to support some pay phone system and answering machines. Polarity Control is configured in the Line pages. See Line Pages (1–2), page 156.
6 Configuring Voice Configuring Voice Services Feature Description SIP Over TLS The SRP allows the use of SIP over Transport Layer Security (TLS). SIP over TLS is designed to eliminate the possibility of malicious activity by encrypting the SIP messages between the service provider and the end user. SIP over TLS relies on the widely-deployed and standardized TLS protocol. SIP Over TLS encrypts only the signaling messages and not the media.
6 Configuring Voice Configuring Voice Services NOTE These are the minimum settings for most ITSP connections. Enter the account information as required by your ITSP. STEP 5 Click Submit to save your settings. The voice service will restart. STEP 6 To verify your progress, perform the following tasks: a. From the Voice navigation pane, click Info. Scroll down to the Line section of the page for the line you configured. Verify that the line is registered. b.
6 Configuring Voice Managing Caller ID Services Managing Caller ID Services The choice of Caller ID (CID) method is dependent on your area/region. This option is located on the Voice > Regional page under the Miscellaneous area. To configure CID, use the following parameters. Caller ID Method Bellcore (N.Amer,China)—CID, CIDCW, and VMWI. FSK sent after first ring (same as ETSI FSK sent after first ring) (no polarity reversal or DTAS). This is the default setting. DTMF (Finland, Sweden)—CID only.
6 Configuring Voice Managing Caller ID Services There are three types of Caller IDs: • On Hook Caller ID Associated with Ringing—Type of Caller ID is used for incoming calls when the attached phone is on hook. See the following figure (a) – (c). All CID methods can be applied for this type of CID. • On Hook Caller ID Not Associated with Ringing—Used to send VMWI signal to the phone to turn the message waiting light on and off (see Figure 1 (d) and (e).
6 Configuring Voice Managing Caller ID Services Optimizing Fax Completion Rates Issues can occur with fax transmissions over IP networks, even with the T.38 standard, which is supported by the SRP. You can adjust several settings on your SRP to optimize your fax completion rates. STEP 1 Ensure that you have enough bandwidth for the uplink and the downlink. • For G.711 fallback, it is recommend to have approximately 100 kbps. • For T.38, allocate at least 50 kbps. STEP 2 To optimize G.
6 Configuring Voice Managing Caller ID Services Make sure the Cisco gateway is correctly configured for T.38 with the SPA dialpeer. For example: fax protocol T38 fax rate voice fax-relay ecm disable fax nsf 000000 no vad Fax Troubleshooting If you have problems sending or receiving faxes, complete the following steps: STEP 1 Verify that your fax machine is set to a speed between 7200 and 14400. STEP 2 Send a test fax in a controlled environment between two ATAs. STEP 3 Determine the success rate.
Configuring Voice Silence Suppression and Comfort Noise Generation 6 STEP 8 Contact technical support: • If you are an end user of VoIP products, contact the reseller or Internet telephony service provider (ITSP) that supplied the equipment. • If you are an authorized Cisco partner, contact Cisco technical support at: www.cisco.com/support.
6 Configuring Voice Configuring Dial Plans Configuring Dial Plans Dial plans determine how dialed digits are interpreted and transmitted. They also determine whether the dialed number is accepted or rejected. You can use a dial plan to facilitate dialing or to block certain types of calls such as long distance or international. This section includes information that you need to understand dial plans, as well as procedures for configuring your own dial plans.
6 Configuring Voice Configuring Dial Plans Digit Sequence Function 0 1 2 3 4 5 6 7 8 9 0 * # Enter any of these characters to represent a key that the user must press on the phone keypad. x Enter x to represent any character on the phone keypad. [sequence] Enter characters within square brackets to create a list of accepted key presses. The user can press any one of the keys in the list. .
6 Configuring Voice Configuring Dial Plans Digit Sequence Function , Enter a comma between digits to play an “outside line” dial tone after a user-entered sequence. (comma) EXAMPLE: 9, 1xxxxxxxxxx An “outside line” dial tone is sounded after the user presses 9, and the tone continues until the user presses 1. ! (exclamation point) Enter an exclamation point to prohibit a dial sequence pattern. EXAMPLE: 1900xxxxxxx! The system rejects any 11-digit sequence that begins with 1900.
6 Configuring Voice Configuring Dial Plans Local dialing with seven-digit number EXAMPLE: ( [1-8]xx | 9, xxxxxxx | 9, <:1>[2-9]xxxxxxxxx | 8, <:1212>xxxxxxx | 9, 1 [2-9] xxxxxxxxx | 9, 1 900 xxxxxxx ! | 9, 011xxxxxx. | 0 | [49]111) 9, xxxxxxx After a user presses 9, an external dial tone sounds. The user can then dial any seven-digit number, as in a local call.
6 Configuring Voice Configuring Dial Plans 9, 1 900 xxxxxxx ! This digit sequence is useful if you want to prevent users from dialing numbers that are associated with high tolls or inappropriate content, such as 1-900 numbers in the U.S. After the user press 9, an external dial tone sounds. If the user enters an 11-digit number that starts with the digits 1900, the call is rejected. U.S.
6 Configuring Voice Configuring Dial Plans Terminating Event Processing The dialed digits exactly match one sequence in the dial plan. • If the sequence is allowed by the dial plan, the number is accepted and is transmitted according to the dial plan. • If the sequence is blocked by the dial plan, the number is rejected. A timeout occurs. The user presses the # key.
6 Configuring Voice Configuring Dial Plans substitution, <:n>, then the user hears a reorder (fast busy) tone after the specified number of seconds. Examples for the Dial Plan Timer • Allow more time for users to start dialing after taking a phone off hook. EXAMPLE:(P9 | (9,8<:1408>[2-9]xxxxxx | 9,8,1[2 9]xxxxxxxxx | 9,8,011xx. | 9,8,xx.|[1-8]xx) P9 After taking a phone off hook, a user has 9 seconds to begin dialing. If no digits are pressed within 9 seconds, the user hears a reorder (fast busy) tone.
6 Configuring Voice Configuring Dial Plans Syntax for the Interdigit Long Timer SYNTAX: L:s, ( dial plan ) s: The number of seconds; if no number is entered after L:, the default timer of 5 seconds applies. The timer sequence appears to the left of the initial parenthesis for the dial plan. Example for the Interdigit Long Timer EXAMPLE: L:15, (9,8<:1408>[2-9]xxxxxx | 9,8,1[2-9]xxxxxxxxx | 9,8,011xx. | 9,8,xx.
6 Configuring Voice Configuring Dial Plans EXAMPLE: (9,8<:1408>[2-9]xxxxxx | 9,8,1[2-9]xxxxxxxxxS0 | 9,8,011xx. | 9,8,xx.|[1-8]xx) 9,8,1[2-9]xxxxxxxxxS0 With the timer set to 0, the call is transmitted automatically when the user dials the final digit in the sequence. Editing Dial Plans You can edit dial plans and can modify the control timers. Entering the Line Interface Dial Plan This dial plan is used to strip steering digits from a dialed number before it is transmitted out to the carrier.
6 Configuring Voice Configuring Dial Plans STEP 3 Scroll down to the Control Timer Values section. STEP 4 Enter the desired values in the Interdigit Long Timer field and the Interdigit Short Timer field. Refer to the definitions at the beginning of this section. Secure Call Implementation This section describes secure call implementation with the SRP.
6 Configuring Voice Configuring Dial Plans The signing agent is implicit and must be the same for all devices that communicate securely with each other. The public key of the signing agent is preconfigured into the SRP by the administrator and is used by the SRP to verify the Mini-Certificate of its peer. The Mini-Certificate is valid if it has not expired, and it has a valid signature. The SRP can be configured so that, by default, all outbound calls are either secure or not secure.
6 Configuring Voice Configuring Dial Plans • Encrypted Master Salt (16B or 128b) Using a Mini-Certificate The Master Key and Master Salt are encrypted with the public key from the called party mini-certificate. The Master Key and Master Salt are used by both ends for deriving session keys to encrypt subsequent RTP packets. The called party then responds with a Callee Final message (which is an empty message).
6 Configuring Voice Configuring Dial Plans Generating a Mini Certificate Cisco provides a Mini Certificate Generator for the generation of mini certificates and private keys. Contact your Cisco representative to access this tool.
6 Configuring Voice Configuring Voice Settings Configuring Voice Settings Use the Voice pages to view and configure the voice settings for your SRP. These pages are described in the following sections: • Info Page • System Page • SIP Page • Provisioning Page • Regional Page • Line Pages (1–2) • User Pages (1–2) NOTE To access the voice settings pages, click Voice on the tab and then click the page you want to access in the navigation pane.
6 Configuring Voice Configuring Voice Settings Client Certificate Status of the client certificate, which can indicate if the SRP was authorized by your ITSP. Serial Number Product serial number. Hardware Version Hardware version number. MAC Address MAC Address. For example: 8843E1657936. Customization Feature not used. System Status Voice > Info > System Status 116 Current Time Current date and time of the system; for example, 10/3/2003 16:43:00.
6 Configuring Voice Configuring Voice Settings Line Status Voice > Info > Line 1 Status (similar information also provided for Line 2) Hook State Hook state of the FXO port. Lines are either On or Off. Last Registration At Last date and time the line was registered. Message Waiting States are either Yes or No. The value automatically is set to Yes when a message is received. You also can clear or set the flag manually from the user menu. Last Called Number The last number called from the FXO Line.
6 Configuring Voice Configuring Voice Settings Call 1 and 2 Type 118 Direction of the call.
6 Configuring Voice Configuring Voice Settings Call 1 and 2 Packet Error Number of invalid packets received. Call 1 and 2 Mapped RTP Port The port mapped for Real Time Protocol traffic for Call 1/2. Call 1 and 2 Media Loopback Media loopback is used to quantitatively and qualitatively measure the voice quality experienced by the end user. System Page Use the System page to configure settings for your system and network.
6 Configuring Voice Configuring Voice Settings Debug Level Determines the level of debug information that will be generated. Select 0, 1, 2, 3 or 3+Router from the drop-down list. The higher the debug level, the more debug information will be generated. The default is 0, which indicates that no debug information will be generated. Levels 1, 2 & 3 generate messages related to the voice ports only. 3+Router generates debug content for both voice and router components.
6 Configuring Voice Configuring Voice Settings SIP User Agent Name User-Agent header used in outbound requests. If empty, the header is not included. Macro expansion of $A to $D corresponding to GPP_A to GPP_D allowed. The default is $VERSION. SIP Server Name Server header used in responses to inbound responses. The default is $VERSION. SIP Reg User Agent Name User-Agent name to be used in a REGISTER request.
6 Configuring Voice Configuring Voice Settings Use Compact Header Lets you use compact SIP headers in outbound SIP messages. Select yes or no from the dropdown list. If set to yes, the SRP uses compact SIP headers in outbound SIP messages. If set to no, the SRP uses normal SIP headers. If inbound SIP requests contain compact headers, the SRP reuses the same compact headers when generating the response regardless the settings of the Use Compact Header parameter.
6 Configuring Voice Configuring Voice Settings SIP TCP Port Min Specifies the lowest TCP port number that can be used for SIP sessions. The default value is 5060. SIP TCP Port Max Specifies the highest TCP port number that can be used for SIP sessions. The default value is 5080. SIP Timer Values Voice > SIP > SIP Timer Values SIP T1 RFC 3261 T1 value (RTT estimate), which can range from 0 to 64 seconds. The default is 0.5.
6 Configuring Voice Configuring Voice Settings SIP Timer D ACK hang-around time, which can range from 0 to 64 seconds. The default is 32. SIP Timer J Non-INVITE response hang-around time, which can range from 0 to 64 seconds. The default is 32. INVITE Expires INVITE request Expires header value. If you enter 0, the Expires header is not included in the request. The default is 240. Range: 0–(231–1). ReINVITE Expires ReINVITE request Expires header value.
6 Configuring Voice Configuring Voice Settings Response Status Code Handling Voice > SIP > Response Status Code Handling SIT1 RSC SIP response status code for the appropriate Special Information Tone (SIT). For example, if you set the SIT1 RSC to 404, when the user makes a call and a failure code of 404 is returned, the SIT1 tone is played. Reorder or Busy tone is played by default for all unsuccessful response status code for SIT 1 RSC through SIT 4 RSC.
6 Configuring Voice Configuring Voice Settings RTP Packet Size Packet size in seconds, which can range from 0.01 to 0.16. Valid values must be a multiple of 0.01 seconds. The default is 0.030. Max RTP ICMP Err Number of successive ICMP errors allowed when transmitting RTP packets to the peer before the SRP terminates the call. If value is set to 0, the SRP ignores the limit on ICMP errors. The default is 0. RTCP Tx Interval Interval for sending out RTCP sender reports on an active connection.
6 Configuring Voice Configuring Voice Settings Stats In BYE Determines whether the SRP includes the P-RTPStat header or response in a BYE message. The header contains the RTP statistics of the current call. Select yes or no from the drop-down list. The format of the P-RTP-Stat header is: P-RTP-State: PS=,OS=,PR=,OR=,PL=,JI=,LA=,DU=,EN=,DE=. The default is yes.
6 Configuring Voice Configuring Voice Settings RTP-Start-Loopback Codec RTP-Start-Loopback Codec. Select one of the following: G711u, G711a, G726-32, G729a. The default is G711u. NSE Codec Name NSE codec name used in SDP. The default is NSE. AVT Codec Name AVT codec name used in SDP. The default is telephone-event. G711u Codec Name G.711u codec name used in SDP. The default is PCMU. G711a Codec Name G.711a codec name used in SDP. The default is PCMA. G726r32 Codec Name G.
6 Configuring Voice Configuring Voice Settings Handle VIA rport If you select yes, the SRP processes the rport parameter in the VIA header (this value is inserted by the server in a response to anyone of its requests). If you select no, the parameter is ignored. Select yes or no from the drop-down menu. The default is no. Insert VIA received Inserts the received parameter into the VIA header of SIP responses if the received-from IP and VIA sent-by IP values differ.
6 Configuring Voice Configuring Voice Settings STUN Server IP address or fully-qualified domain name of the STUN server to contact for NAT mapping discovery. EXT IP External IP address to substitute for the actual IP address of the SRP in all outgoing SIP messages. If 0.0.0.0 is specified, no IP address substitution is performed. If this parameter is specified, the SRP assumes this IP address when generating SIP messages and SDP (if NAT Mapping is enabled for that line).
6 Configuring Voice Configuring Voice Settings Provisioning Page Use the Provisioning page to configure various profiles and parameters. This page includes the following sections: • Configuration Profile • Firmware Upgrade • General Purpose Parameters Configuration Profile Voice > Provisioning > Configuration Profile Provision Enable Controls all resync actions independently of firmware upgrade actions. Set to Yes to enable remote provisioning. The default is Yes.
6 Configuring Voice Configuring Voice Settings Resync Periodic The time interval between periodic resyncs with the provisioning server. The associated resync timer is active only after the first successful sync with the server. Set this parameter to zero to disable periodic resyncing. The default is 3600 seconds. Resync Error Retry Delay Resync retry interval (in seconds) applied in case of resync failure.
6 Configuring Voice Configuring Voice Settings Resync Trigger 1 Resync Trigger 2 Configurable resync trigger conditions. A resync is triggered when the logic equation in these parameters evaluates to TRUE. The default is (empty). Resync Fails On FNF Determines whether a file-not-found response from the provisioning server constitutes a successful or a failed resync. A failed resync activates the error resync timer. The default is Yes.
6 Configuring Voice Configuring Voice Settings Log Resync Success Msg Syslog message issued upon successful completion of a resync attempt. The default is $PN $MAC – Successful resync $SCHEME://$SERVIP:$PORT$PATH -- $ERR. Log Resync Failure Msg Syslog message issued after a failed resync attempt. Report Rule The target URL to which configuration reports are sent. This parameter has the same syntax as the Profile_Rule parameter, and resolves to a TCP/IP command with an associated URL.
6 Configuring Voice Configuring Voice Settings Downgrade Rev Limit Enforces a lower limit on the acceptable version number during a firmware upgrade or downgrade. The device does not complete a firmware upgrade operation unless the firmware version is greater than or equal to this parameter. The default is (empty). Upgrade Rule This parameter is a firmware upgrade script with the same syntax as Profile_Rule. Defines upgrade conditions and associated firmware URLs. The default is (empty).
6 Configuring Voice Configuring Voice Settings Regional Page Use the Regional page to localize your system with the appropriate regional settings. The following sections appear on the Regional page.
6 Configuring Voice Configuring Voice Settings Segment 1: On=2s, Off=4s Total Ring Length = 60s Example 2—Distinctive ring (short,short,short,long): 60(.2/.2,.2/.2,.2/.2,1/4) Number of Cadence Sections = 1 Cadence Section 1: Section Length = 60s Number of Segments = 4 Segment 1: On=0.2s, Off=0.2s Segment 2: On=0.2s, Off=0.2s Segment 3: On=0.2s, Off=0.2s Segment 4: On=1.0s, Off=4.
6 Configuring Voice Configuring Voice Settings Example 1—Dial tone: 350@-19,440@-19;10(*/0/1+2) Number of Frequencies = 2 Frequency 1 = 350 Hz at –19 dBm Frequency 2 = 440 Hz at –19 dBm Number of Cadence Sections = 1 Cadence Section 1: Section Length = 10 s Number of Segments = 1 Segment 1: On=forever, with Frequencies 1 and 2 Total Tone Length = 10s Example 2—Stutter tone: 350@-19,440@-19;2(.1/.
6 Configuring Voice Configuring Voice Settings Prompt Tone Prompts the user to enter a call forwarding phone number. The default is 520@-19,620@-19;10(*/0/1+2). Busy Tone Played when a 486 RSC is received for an outbound call. The default is 480@-19,620@-19;10(.5/.5/1+2). Reorder Tone Played when an outbound call has failed, or after the far end hangs up during an established call. Reorder Tone is played automatically when Dial Tone or any of its alternatives times out.
6 Configuring Voice Configuring Voice Settings SIT2 Tone Alternative to the Reorder Tone played when an error occurs as a caller makes an outbound call. The RSC to trigger this tone is configurable on the SIP screen. The default is 914@-16,1371@-16,1777@ 16;20(.274/0/ 1,.274/0/2,.380/0/3,0/4/0). SIT3 Tone Alternative to the Reorder Tone played when an error occurs as a caller makes an outbound call. The RSC to trigger this tone is configurable on the SIP screen.
6 Configuring Voice Configuring Voice Settings Feature Invocation Tone Played when a feature is implemented. The default is 350@-16;*(.1/.1/1). Distinctive Ring Patterns Voice > Regional > Distinctive Ring Patterns Ring1 Cadence Cadence script for distinctive ring 1. The default is 60(2/4). Ring2 Cadence Cadence script for distinctive ring 2. The default is 60(.8/.4,.8/4). Ring3 Cadence Cadence script for distinctive ring 3. The default is 60(.4/.2,.4/.2,.8/4).
6 Configuring Voice Configuring Voice Settings CWT2 Cadence Cadence script for distinctive CWT 2. The default is 30(.1/.1, .1/9.7). CWT3 Cadence Cadence script for distinctive CWT 3. The default is 30(.1/.1, .1/.1, .1/9.7). CWT4 Cadence Cadence script for distinctive CWT 4. The default is 30(.1/.1, .3/.1, .1/9.3). CWT5 Cadence Cadence script for distinctive CWT 5. The default is 1(.5/.5). CWT6 Cadence Cadence script for distinctive CWT 6. The default is 30(.3/.1,.3/.1,.1/9.1).
6 Configuring Voice Configuring Voice Settings Ring4 Name Name in an INVITE’s Alert-Info Header to pick distinctive ring/CWT 4 for the inbound call. The default is Bellcore-r4. Ring5 Name Name in an INVITE’s Alert-Info Header to pick distinctive ring/CWT 5 for the inbound call. The default is Bellcore-r5. Ring6 Name Name in an INVITE’s Alert-Info Header to pick distinctive ring/CWT 6 for the inbound call. The default is Bellcore-r6.
6 Configuring Voice Configuring Voice Settings Ring and Call Waiting Tone Spec IMPORTANT: Ring and Call Waiting tones do not work the same way on all phones. When setting ring tones, consider the following recommendations: • Begin with the default Ring Waveform, Ring Frequency, and Ring Voltage.
6 Configuring Voice Configuring Voice Settings Hook Flash Timer Max Maximum on-hook time before off-hook qualifies as hookflash. More than this the on-hook event is treated as onhook (no hook-flash event). Range: 0.4–1.6 seconds. The default is 0.9. Callee On Hook Delay Phone must be on-hook for at this time in sec. before the SRP will tear down the current inbound call. It does not apply to outbound calls. Range: 0–255 seconds. The default is 0.
6 Configuring Voice Configuring Voice Settings Interdigit Short Timer Short timeout between entering digits when dialing. The Interdigit_Short_Timer is used after any one digit, if at least one matching sequence is complete as dialed, but more dialed digits would match other as yet incomplete sequences. Range: 0–64 seconds. The default is 3. CPC Delay Delay in seconds after caller hangs up when the SRP starts removing the tip-and-ring voltage to the attached equipment of the called party.
6 Configuring Voice Configuring Voice Settings Vertical Service Activation Codes Vertical Service Activation Codes are automatically appended to the dial-plan. There is no need to include them in dial-plan, although no harm is done if they are included. Voice > Regional > Vertical Service Activation Codes Call Return Code Call Return Code This code calls the last caller. The default is *69. Call Redial Code Redials the last number called. The default is *07.
6 Configuring Voice Configuring Voice Settings Cfwd No Ans Act Code Forwards no-answer calls to the extension specified after the activation code. The default is *92. Cfwd No Ans Deact Code Cancels call forwarding of no-answer calls. Cfwd Last Act Code Forwards the last inbound or outbound calls to the extension specified after the activation code. The default is *93. The default is *63. Cfwd Last Deact Code Cancels call forwarding of the last inbound or outbound calls. The default is *83.
6 Configuring Voice Configuring Voice Settings CW Per Call Deact Code Disables call waiting for the next call. Block CID Act Code Blocks caller ID on all outbound calls. The default is *70. The default is *67. Block CID Deact Code Removes caller ID blocking on all outbound calls. Block CID Per Call Act Code Blocks caller ID on the next outbound call. Block CID Per Call Deact Code Removes caller ID blocking on the next inbound call. Block ANC Act Code Blocks all anonymous calls.
6 Configuring Voice Configuring Voice Settings CWCID Deact Code Disables call waiting, caller ID generation. The default is *45. Dist Ring Act Code Enables the distinctive ringing feature. The default is *26. Dist Ring Deact Code Disables the distinctive ringing feature. Speed Dial Act Code Assigns a speed dial number. The default is *46. The default is *74. Paging Code Used for paging other clients in the group. The default is *96. Secure All Call Act Code Makes all outbound calls secure.
6 Configuring Voice Configuring Voice Settings FAX Line Toggle Code Toggles the line to a fax machine. Media Loopback Code Use for media loopback. Referral Services Codes These codes tell the SRP what to do when the user places the current call on hold and is listening to the second dial tone. The default is #99. The default is *03. One or more *code can be configured into this parameter, such as *98, or *97|*98|*123, etc. Max total length is 79 chars.
6 Configuring Voice Configuring Voice Settings Feature Dial Services Codes These codes tell the SRP what to do when the user is listening to the first or second dial tone. One or more *code can be configured into this parameter, such as *72, or *72|*74|*67|*82, etc. Max total length is 79 chars. This parameter applies when the user has a dial tone (first or second dial tone).
6 Configuring Voice Configuring Voice Settings Vertical Service Announcement Codes Voice > Regional > Vertical Service Announcement Codes Service Annc Base Number Base number for service announcements. Service Annc Extension Codes Extension codes for service announcements. The default is blank. The default is blank. Outbound Call Codec Selection Codes Voice > Regional > Outbound Call Codec Selection Codes Prefer G711u Code Dial prefix to make G.711u the preferred codec for the call.
6 Configuring Voice Configuring Voice Settings Prefer G729a Code Dial prefix to make G.729a the preferred codec for the call. The default is *01729. Force G729a Code Dial prefix to make G.729a the only codec that can be used for the call. The default is *02729. Miscellaneous Voice > Regional > Miscellaneous Set Local Date (mm/dd) Sets the local date (mm stands for months and dd stands for days). The year is optional and uses two or four digits.
6 Configuring Voice Configuring Voice Settings DTMF Playback Length Local DTMF playback duration in milliseconds. Detect ABCD To enable local detection of DTMF ABCD, select yes. Otherwise, select no. The default is .1. The default is yes. This setting has no effect if DTMF Tx Method is INFO; ABCD is always sent OOB regardless in this setting. Playback ABCD To enable local playback of OOB DTMF ABCD, select yes. Otherwise, select no. The default is yes.
6 Configuring Voice Configuring Voice Settings Caller ID FSK Standard The SRP supports bell 202 and v.23 standards for caller ID generation. The default is bell 202. Feature Invocation Method Select the method you want to use, Default or Sweden default. The default is Default. Line Pages (1–2) Use the Line pages (Line 1–2) to configure the lines for voice services.
6 Configuring Voice Configuring Voice Settings Line Enable Voice > Line 1–2 > Line Enable Line Enable To enable this line for service, select yes. Otherwise, select no. The default is yes. Streaming Audio Server (SAS) Voice > Line 1–2 > Streaming Audio Server (SAS) SAS Enable To enable the use of the line as a streaming audio source, select yes. Otherwise, select no. If enabled, the line cannot be used for outgoing calls.
6 Configuring Voice Configuring Voice Settings SAS Inbound RTP Sink This setting works around devices that do not play inbound RTP if the streaming audio server line declares itself as a send-only device and tells the client not to stream out audio. Enter a Fully Qualified Domain Name (FQDN) or IP address of an RTP sink; this value is used by the streaming audio server line in the SDP of its 200 response to an inbound INVITE message from a client.
6 Configuring Voice Configuring Voice Settings NAT Keep Alive Msg Enter the keep alive message that should be sent periodically to maintain the current NAT mapping. If the value is $NOTIFY, a NOTIFY message is sent. If the value is $REGISTER, a REGISTER message without contact is sent. The default is $NOTIFY. NAT Keep Alive Dest Destination that should receive NAT keep alive messages. If the value is $PROXY, the messages are sent to the current proxy server or outbound proxy server.
6 Configuring Voice Configuring Voice Settings Network Jitter Level Determines how jitter buffer size is adjusted by the SRP. Jitter buffer size is adjusted dynamically. The minimum jitter buffer size is 30 milliseconds or (10 milliseconds + current RTP frame size), whichever is larger, for all jitter level settings. However, the starting jitter buffer size value is larger for higher jitter levels. This setting controls the rate at which the jitter buffer size is adjusted to reach the minimum.
6 Configuring Voice Configuring Voice Settings SIP 100REL Enable To enable the support of 100REL SIP extension for reliable transmission of provisional responses (18x) and use of PRACK requests, select yes. Otherwise, select no. The default is no. EXT SIP Port The external SIP port number. Auth Resync-Reboot If this feature is enabled, the SRP authenticates the sender when it receives the NOTIFY resync reboot (RFC 2617) message. To use this feature, select yes. Otherwise, select no.
6 Configuring Voice Configuring Voice Settings SIP Debug Option SIP messages are received at or sent from the proxy listen port. This feature controls which SIP messages to log. Choices are as follows: • none—No logging. • 1-line—Logs the start-line only for all messages. • 1-line excl. OPT—Logs the start-line only for all messages except OPTIONS requests/ responses. • 1-line excl. NTFY—Logs the start-line only for all messages except NOTIFY requests/ responses. • 1-line excl.
6 Configuring Voice Configuring Voice Settings Restrict Source IP If Lines 1 and 2 use the same SIP Port value and the Restrict Source IP feature is enabled, the proxy IP address for Lines 1 and 2 is treated as an acceptable IP address for both lines. To enable the Restrict Source IP feature, select yes. Otherwise, select no. If configured, the SRP will drop all packets sent to its SIP Ports originated from an untrusted IP address.
6 Configuring Voice Configuring Voice Settings Use Anonymous With RPID When set to yes, use "anonymous" in the SIP message. The default is yes. Use Local Addr In From Use the local SRP IP address in the SIP FROM message. The default is no. Auth INVITE When enabled, authorization is required for initial incoming INVITE requests from the SIP proxy. Reply 182 On Call Waiting When enabled, the SRP replies with a SIP182 response to the caller if it is already in a call and the line is off-hook.
6 Configuring Voice Configuring Voice Settings Conference Bridge URL This feature supports external conference bridging for n-way conference calls (n>2), instead of mixing audio locally. To use this feature, set this parameter to that of the server's name. For example: conf@mysefver.com:12345 or conf (which uses the Proxy value as the domain). Conference Bridge Ports Select the maximum number of conference call participants. The range is 3 to 10. The default is 3.
6 Configuring Voice Configuring Voice Settings Proxy and Registration Voice > Line 1–2 > Proxy and Registration Proxy SIP proxy server for all outbound requests. Outbound Proxy SIP SIP Outbound Proxy Server where all outbound requests are sent as the first hop. Use Outbound Proxy Enables the use of an Outbound Proxy. If set to no, the Outbound Proxy and Use OB Proxy in Dialog parameters are ignored. The default is no.
6 Configuring Voice Configuring Voice Settings Use DNS SRV Whether to use DNS SRV lookup for Proxy and Outbound Proxy. The default is no. DNS SRV Auto Prefix If enabled, the SRP will automatically prepend the Proxy or Outbound Proxy name with _sip._udp when performing a DNS SRV lookup on that name. The default is no.
6 Configuring Voice Configuring Voice Settings Subscriber Information Voice > Line 1–2 > Subscriber Information Display Name Display name for caller ID. User ID User ID for this line. Password Password for this line. Use Auth ID To use the authentication ID and password for SIP authentication, select yes. Otherwise, select no to use the user ID and password. The default is no. Auth ID Authentication ID for SIP authentication. Directory Number Enter the number for this line.
6 Configuring Voice Configuring Voice Settings Supplementary Service Subscription The SRP provides native support of a large set of enhanced or supplementary services. All of these services are optional. The parameters listed in the following table are used to enable or disable a specific supplementary service. A supplementary service should be disabled if a) the user has not subscribed for it, or b) the Service Provider intends to support similar service using other means than relying on the SRP.
6 Configuring Voice Configuring Voice Settings Accept Last Serv Enable Accept Last Call Service The default is yes. DND Serv Enable Do Not Disturb Service The default is yes. CID–Serv Enable Caller ID Service The default is yes. CWCID Serv Enable Call Waiting Caller ID Service The default is yes. Call Return Serv Enable Call Return Service The default is yes. Call Redial Serv Enable Call Redial Service. Call Back Serv Enable Call Back Service.
6 Configuring Voice Configuring Voice Settings VMWI Serv Enable VMWI Service (FSK). The default is yes. Speed Dial Serv Enable Speed Dial Service. The default is yes. Secure Call Serv Enable Secure Call Service. The default is yes. Referral Serv Enable Referral Service. See the Referral Services Codes parameter for more details. The default is yes. Feature Dial Serv Enable Feature Dial Service. See the Feature Dial Services Codes parameter for more details. The default is yes.
6 Configuring Voice Configuring Voice Settings Third Preferred Codec Third preferred codec for all calls. (The actual codec used in a call still depends on the outcome of the codec negotiation protocol.) Select one of the following:.Unspecified, G711u, G711a, G726-16, G726-24, G726-32, G726-40, G729a, or G723. The default is Unspecified. Use Pref Codec Only To use only the preferred codec for all calls, select yes. (The call fails if the far end does not support this codec.) Otherwise, select no.
6 Configuring Voice Configuring Voice Settings G726-32 Enable To enable the use of the G.726 codec at 32 kbps, select yes. Otherwise, select no. The default is yes. FAX CNG Detect Enable To enable detection of the fax Calling Tone (CNG), select yes. Otherwise, select no. The default is yes. FAX Passthru Codec Select the codec for fax passthrough, G711u or G711a. The default is G711u. DTMF Process INFO To use the DTMF process info feature, select yes. Otherwise, select no. The default is yes.
6 Configuring Voice Configuring Voice Settings DTMF Tx Mode DTMF Detection Tx Mode is available for SIP information and AVT. Options are: Strict or Normal. The default is Strict for which the following are true: • A DTMF digit requires an extra hold time after detection. • The DTMF level threshold is raised to -20 dBm.
6 Configuring Voice Configuring Voice Settings FAX T38 Redundancy Select the appropriate number to indicate the number of previous packet payloads to repeat with each packet. Choose 0 for no payload redundancy. The higher the number, the larger the packet size and the more bandwidth consumed. The default is 1. FAX T38 ECM Enable Select yes to enable T.38 Error Correction Mode. Otherwise select no.
6 Configuring Voice Configuring Voice Settings Dial Plan The default dial plan script for each line is as follows: (*xx|[3469]11|0|00|[29]xxxxxx|1xxx[2-9]xxxxxx|x xxxxxxxxxxx.). The syntax for a dial plan expression is described in the table below.
6 Configuring Voice Configuring Voice Settings Enable IP Dialing Enable or disable IP dialing. If IP dialing is enabled, one can dial [userid@]a.b.c.d[:port], where ‘@’, ‘.’, and ‘:’ are dialed by entering *, user-id must be numeric (like a phone number) and a, b, c, d must be between 0 and 255, and port must be larger than 255. If port is not given, 5060 is used. Port and User-Id are optional.
6 Configuring Voice Configuring Voice Settings User Pages (1–2) Use these pages to configure the user settings. These pages include the following sections: • Call Forward Settings • Selective Call Forward Settings • Speed Dial Settings • Supplementary Service Settings • Distinctive RIng Settings • Ring Settings When a call is made from Line 1 or Line 2, the SRP uses the user and line settings for that line; there is no user login support.
6 Configuring Voice Configuring Voice Settings Selective Call Forward Settings Voice > User 1–2 > Selective Call Forward Settings Cfwd Sel1- 8 Caller Caller number pattern to trigger Call Forward Selective 1, 2, 3, 4, 5, 6, 7, or 8. The default is blank. Cfwd Sel1 - 8 Dest Forward number for Call Forward Selective 1, 2, 3, 4, 5, 6, 7, or 8. The default is blank.
6 Configuring Voice Configuring Voice Settings Supplementary Service Settings The SRP provides native support of a large set of enhanced or supplementary services. All of these services are optional. The parameters listed in the following table are used to enable or disable a specific supplementary service. A supplementary service should be disabled if a) the user has not subscribed for it, or b) the Service Provider intends to support similar service using other means than relying on the SRP.
6 Configuring Voice Configuring Voice Settings Message Waiting The user can also manually modify it to clear or set the flag. Setting this value to yes can activate stutter tone and VMWI signal. This parameter is stored in long term memory and will survive after reboot or power cycle. The default is no. Accept Media Loopback Request Controls how to handle incoming requests for loopback operation.
6 Configuring Voice Configuring Voice Settings Distinctive RIng Settings Caller number patterns are matched from Ring 1 to Ring 8. The first match (not the closest match) will be used for alerting the subscriber. Voice > User 1–2 > Distinctive Ring Settings Ring1 - 8 Caller Caller number pattern to play Distinctive Ring/CWT 1, 2, 3, 4, 5, 6, 7, or 8. The default is blank. Ring Settings Voice > User 1–2 > Ring Settings Default Ring Default ringing pattern, 1–8, for all callers. The default is 1.
7 Configuring VPN This chapter describes how to configure VPN policies and settings for the SRP. It includes the following sections: • IKE Policy • IPSec Policy • GRE Tunnel • VPN Passthrough • Cisco VPN Server To access these pages click VPN from the Configuration Utility menu bar. IKE Policy Use the IKE Policy page to configure a VPN IKE policy. Each IKE policy contains the parameters for setting IKE authentication rules.
7 Configuring VPN IKE Policy STEP 5 Set the IKE SA parameters as needed as defined in the IKE Policy Settings table. STEP 6 If connected to a XAUTH server, enter a username and password. When enabled, the SRP can authenticate users from an external authentication server such as a RADIUS server. STEP 7 Click Submit to save your settings. IKE Policy Settings Field Description General Policy Name Enter a unique name for the VPN policy.
7 Configuring VPN IPSec Policy IKE Policy Settings Field Description Enable Dead Peer (DPD) Detection To enable DPD, select Enable. The default is disabled. NOTE DPD is not required for an IKE rule, but if enabled, helps to keep the connection alive during times when there is no traffic. DPD Interval Enter an interval for DPD. This packet is sent periodically in interval seconds during no data traffic. DPD Timeout Enter a timeout (in seconds) for Dead Peer Detection (DPD).
7 Configuring VPN IPSec Policy STEP 6 Choose a policy type from the drop-down list. You can select from Auto or Manual. STEP 7 Enter the IPSec Policy settings as defined in the IPSec Policy Settings table. STEP 8 Click Submit to save your settings. The VPN policy appears in the List of IKE policies on the IKE Policy Add Entry page. IPSec Policy Settings General Settings Policy Name Enter a unique name for the VPN Policy. Policy Type Choose the policy type. Select from Auto Policy or Manual Policy.
7 Configuring VPN IPSec Policy IPSec Policy Settings Auto Policy Parameters (options only appear if Auto Policy is selected) PFS Select Enable to enable Perfect Forward Secrecy (PFS). The default is disabled. This feature requires a new Diffie-Hellman exchange for each phase-2 negotiation. While this process is slower, it ensures that no keys are dependent on any other previously used keys. SA Lifetime Enter the IPSec SA life time in seconds. The default is 7800 (130 minutes).
7 Configuring VPN GRE Tunnel GRE Tunnel Use the GRE Tunnel page to configure Generic Routing Encapsulation (GRE). GRE is a tunneling protocol developed by Cisco that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels, creating a virtual point-topoint link to the SRP at remote points over an IP internetwork. STEP 1 Click VPN > GRE Tunnel in the navigation pane. The GRE Tunnel window opens.
7 Configuring VPN GRE Tunnel GRE Tunnel Settings Field Description Enable Check the box to enable the tunnel, or uncheck the box to disable it. Checksum Choose Input, Output, Both, or None. The default is None. Input requires that all inbound packets have the correct checksum. Output requires the checksums for outbound packets. Both requires the checksum for all inbound and outbound packets. Sequence Choose None, Both, Input, or Output. The default is None.
7 Configuring VPN VPN Passthrough VPN Passthrough Use the VPN Passthrough page to configure VPN passthrough for IPSec, PPTP, and L2TP protocols. Use this feature if there are devices behind the SRP that need IPSec tunnels to be set up independently, such as connecting to another router on the WAN. STEP 1 Click VPN > Site to Site IPSec VPN > VPN Passthrough. The VPN Passthrough window opens. STEP 2 IPSec, PPTP, and L2TP passthrough are enabled by default.
7 Configuring VPN Cisco VPN Server Cisco VPN Server This section describes how to configure the server polices, settings, and users for the Cisco VPN Server. The Cisco VPN Server allows remote users to access private servers at a central site from anywhere on the Internet. Data is passed through an encrypted IPSec VPN tunnel by using the Cisco VPN Client See: www.cisco.com/go/vpnclient NOTE Only the VPN Server, or site-to-site VPN can be used at a time on the SRP.
7 Configuring VPN Cisco VPN Server Cisco VPN Server Settings Group Enable Click Enable to activate the VPN server. The default is Disable. NOTE Enabling the VPN Server deactivates any site-to-site VPN tunnels that were defined. Identity Group Name Enter the Cisco VPN Group Name that will be used as an identifier for the VPN server. This name must match the group name specified in the VPN Client profile. The length can contain up to 32 characters and is case sensitive.
7 Configuring VPN Cisco VPN Server Cisco VPN Server Settings IKE Phase 2P PFS Group Diffie-Hellman group options for Perfect Forward Secrecy (PFS) in phase 2. Choices are: 1 [modp 768], 2 [modp 1024], 5 [modp 1536], 14 [modp 2048], or 15 [modp 3072]. SA Lifetime Defines how long an IPSec SA (security association) will be used. The default is 30 minutes. Mode Configuration IP Pool Starting IP Address: Starting IP address of the range of addresses that are assigned to the remote client.
7 Configuring VPN Cisco VPN Server Configuring Users The Users page contains a list of usernames that can be used to log in to the SRP VPN Server. Up to 15 unique users can be defined. STEP 1 Click VPN > Cisco VPN Server > Users. The Users window opens. From this page you can add, edit, or delete a user account. STEP 2 To add a user, click Add Entry. The User Account page opens. STEP 3 Enter a Username for the new user. STEP 4 Specify a Password and re-enter it in the Confirm Password field.
8 Administration Settings This chapter describes the Administration settings for the Services Ready Platforms. It includes the following sections: • Web Access Management • Remote Management • Time Setup • User List • User Privilege Control • Logging • Factory Defaults • Firmware Upgrade • Backup & Restore • Reboot • Status • Switch Setting To access these pages click Administration from the Configuration Utility menu bar.
8 Administration Settings Web Access Management Web Access Management Use the Web Access management page to configure the web access settings and remote access rules for the SRP. STEP 1 Click Administration > Web Access Management. The Web Access Management window opens. STEP 2 Configure the Remote Access settings as defined in the Web Access Management Settings table. STEP 3 Click Submit to save your settings.
8 Administration Settings Remote Management Web Access Management Settings Field Description Remote Upgrade If enabled, the firmware for the SRP can be upgraded from the Internet. NOTE You can only change this setting when connecting to the web interface from the LAN. Allowed Remote IP Address To access the SRP from any external IP address, select Any IP Address. To specify an external IP address or range of IP addresses, select the second radio button and enter the desired IP address(es).
8 Administration Settings Remote Management Click Submit to save your settings. TR-069 Settings Field Description Status Select Enabled to allow auto-configuration of your router from a central server. The default is Disabled. ACS URL Enter the ACS URL provided by your service provider. The ACS URL uses the following format: Protocol://host:port/path • Protocol can be either http or https. • Host can be a fully qualified domain name, or IP address. • Port is optional.
8 Administration Settings Remote Management TR-069 Settings Field Description Request Download Click Apply if you want to immediately initiate a connection to the ACS. The ACS calls the Download RPC when it receives the request. SNMP SNMP is a network monitoring and management protocol that lets you monitor and manage your network from an SNMP manager. SNMP provides allows you to monitor and control network devices, and manage configurations, statistics collection, performance, and security.
8 Administration Settings Remote Management SNMP Settings Field Description Get Community Enter the password that allows read-only access to the Gateway's SNMP information. Set Community Enter the password that allows read/write access to the Gateway's SNMP information. SNMP Port Descriptions The following tables list the internal Linux interface labels used by SNMP when listing interfaces.
8 Administration Settings Remote Management SRP500 Internal Interfaces eth0.4080 through eth0.4083 Internal bridged connections to ADSL PVC1–4 eth0.4093 Internal Connection to ADSL modem wifi0 Internal Connection to wireless access point ifb0 Not currently used fb1 Not currently used mast0 Not currently used Local TFTP Use the Local TFTP page to enable the SRP to be a TFTP server.
8 Administration Settings Time Setup Local TFTP Settings Field Description File Enter the name of the remote file. Save As Enter the filename for the file you are saving. User Name Enter a user name to access the remote file User Password Enter a password to access the remote file. Timeout Specify the session timeout value (in seconds). This is the maximum time allowed for a connection session. The connection timeout for HTTP and FTP sessions is 3 seconds.
8 Administration Settings Setup Wizard STEP 5 Click Submit to save your settings. Time Setup Settings Field Description User Manual To setup the system clock manually, select User Manual and enter the date and time zones. Enter the date format as "Year/Month/Day" and the time format as: "Hour:Min:Sec." Time Zone Regions Enter your regions time zone form the drop-down list. For example: (GMT-8:00) Pacific Time (USA & Canada).
8 Administration Settings User List User List Use the User List page to manage the users who have access to the Configuration Utility. There are two default accounts, admin and cisco. The admin account has administrator-level access. The cisco account has guest-level access. STEP 1 Click Administration > User List. The User List window opens. STEP 2 Click the Edit (pencil) icon for the account that you want to change. The User Account window opens. STEP 3 Enter a new username.
8 Administration Settings Logging • Read/Write: allows you to view and configure the Web page. • Read Only: allows you to view the Web page. • Hidden: hides the link to the Web page. STEP 3 Click Apply to save your setting. Logging The SRP allows you to record incoming, outgoing, and DHCP lists for various events that occur on your network.The Incoming Log displays a temporary list of the source IP addresses and destination port numbers for the incoming Internet traffic.
8 Administration Settings Factory Defaults Factory Defaults Use the Factory Default page to set the SRP to the settings it was configured with when it was shipped from the factory. STEP 1 Click Administration > Factory Defaults. The Factory Defaults window opens. STEP 2 To restore the SRP to its factory defaults, select Yes. Any custom data (SRP) settings you have saved will be lost when the default settings are restored STEP 3 To restore the voice settings to the factory defaults, select Yes.
8 Administration Settings Backup & Restore Backup & Restore ‘This section describes how to backup and restore the configuration settings for the SRP. It includes the following sections: • Backup Configuration • Restore Configuration To access these pages, click Administration > Backup & Restore from the Configuration Utility. Backup Configuration Use the Backup Configuration page to back up the SRP configuration settings to a file. You can then later restore these same settings to the SRP.
8 Administration Settings Reboot Reboot Use the Reboot page to power cycle the SRP (if necessary) from the Configuration Utility. STEP 1 Click Administration > Reboot. The Reboot window opens. STEP 2 Click the Reboot button to power cycle the SRP. Status Use the Status page to view the CPU and Memory status for the SRP. The status information is displayed in real time. To access this page, click Administration > Status. From this page you can view the following: • CPU–MIPS, Loads and Uptime.
8 Administration Settings Switch Setting Switch Settings Field Description DSL Interface Enable or disable the DSL port. When the DSL port is enabled, Ethernet port 4 operates only as LAN port. When the DSL port is disabled, Ethernet port 4 switches from a LAN port to a WAN port. Jumbo Mode The size of the jumbo packet. Choices are 1522 or 2048 bytes.
9 Using Services Ready Platform Diagnostics This chapter describes how to use diagnostic features of the Services Ready Platforms. • Ping Test • Traceroute Test • Detect Active LAN Clients To access these pages click the Diagnostics Tab from the Configuration Utility menu bar. Ping Test Use the Ping Test page to test connectivity between the SRP and a connected device on the network. STEP 1 Click Diagnostics > Ping Test. The Ping Test window opens.
Using Services Ready Platform Diagnostics Traceroute Test 9 Traceroute Test Use the Traceroute page to view the route between the SRP and a destination. STEP 1 Click Diagnostics > Traceroute Test. The Traceroute Test window opens. STEP 2 Enter the IP or URL address to run the trace route on. STEP 3 Click Start to Traceroute to start the test. The results appear on the page and are refreshed every 5 seconds. STEP 4 Click Close to close the results and display the form.
10 Viewing the Services Ready Platforms Status This chapter describes how to view the status of Services Ready Platforms. • Router Settings • Firewall Status • Interface Information • Wireless Network Status • Wireless Client Information • Mobile Network Status • DHCP Server Information • QoS Status • Routing Table • ARP Table • RIP Status • IGMP Status • VPN Status • CDP Neighbor Information To access these pages click the Status from the Configuration Utility menu bar.
10 Viewing the Services Ready Platforms Status Router Settings Router Settings Use the Router page to view information about the SRP and it’s current settings. Status > Router Field Description Model Product name and features. Hardware Version Hardware version number. Boot Version Boot firmware version number. Firmware Version Current firmware version. Recovery Firmware Version number of the recovery firmware. Setup Wizard Version Version number of the Setup Wizard.
Viewing the Services Ready Platforms Status Firewall Status 10 Firewall Status Use the Firewall Status page to view the SRP firewall information. Status > Firewall Firewall Status Field Description Internet Access Policy No Number of the Internet Access Policy list. Policy Name Numeric identifier of the Internet Access Policy. Status Shows the status of the Internet Access Policy. Click on the link to access the policy configuration. Passed (pkts) Number of packets passed by this rule.
10 Viewing the Services Ready Platforms Status Firewall Status Firewall Status Field Description Name Name associated with firewall packet processing. • INPUT: Traffic destined for the SRP. • OUTPUT: Traffic originating from the SRP. • FORWARD: Traffic passed between the public/external and private/internal networks. Accept PKT The number of packets accepted by this firewall path. Accept Volume (bytes) The volume of traffic, in bytes, processed by this firewall path.
10 Viewing the Services Ready Platforms Status Interface Information Interface Information Use the Interface Information page to view information for the various interfaces. Status > Interface Interface Information Field Description Interface List Interface Lists all currently configured LAN and WAN layer three (IP) interfaces. An Ethernet WAN interface is shown as “WAN” and an ADSL WAN interface is shown as “PVC.
10 Viewing the Services Ready Platforms Status Wireless Network Status Interface Information Field Description Clear TX & RX Click this button to reset to 0 the count of TX and RX packets. Wireless Network Status Use the Wireless Network page to view information about your wireless networks. Status > Wireless Wireless Network Status Field Description Network Mode Operating mode configured for the embedded wireless Access Point. See Setting up the Wireless LAN, page 48 for more information.
10 Viewing the Services Ready Platforms Status Wireless Client Information Wireless Client Information Use the Wireless Client Information page to view information for the wireless clients. Status > Wireless Client Information Wireless Client Information Field Description MAC Address Client MAC address. Tx-Rate Current transmission data rate of the client. Rx-Rate Current receive data rate of the client. RSSI Signal strength of the last received packet.
10 Viewing the Services Ready Platforms Status Mobile Network Status USB UMTS Card Settings Field Description Manufacturer Manufacturer of the connected USB modem. Card Model Model name of the connected USB modem. Card Firmware Firmware revision currently installed on the USB modem. SIM Status SIM card status. (SIM ready or pin code needed). IMSI IMSI number of this USB modem. Service Type USB modem service type. Signal Strength Signal strength.
10 Viewing the Services Ready Platforms Status DHCP Server Information USB CDMA2000 EVDO Card Settings Field Description Phone Number Phone Number associated with the account of this USB modem. Carrier Carrier name associated to the USB modem service. Signal Strength Signal strength. Card Status The status of the card: Connecting, Connected, Disconnecting, Disconnected or Card is not activated. If no card is attached, the status page states that the SRP is “Unable to Detect USB Mobile Modem”.
10 Viewing the Services Ready Platforms Status QoS Status QoS Status Use the QoS Status page to view traffic queuing statistics. The SRP supports 5 queues: One strict queue and four weighted round robin queues. Status > QoS QoS Status Field Description Queue Name Lists the five queues used by the SRP. Config Rate The nominal amount of traffic that each queue can handle under balanced and loaded conditions.
10 Viewing the Services Ready Platforms Status Routing Table Routing Table Use the Routing Table Status page to view routing information. Status > Routing Table Routing Table Status Field Description Destination LAN IP Address of the network or host to which the static route is assigned. Subnet Mask Determines which portion of an IP address is the network portion, and which portion is the host portion.
10 Viewing the Services Ready Platforms Status RIP Status ARP Table Status Field Description Device Device interface type. RIP Status Use the RIP Status page to view information for all (RIP) Routing Information Protocol activity. To access this page, click Status > RIP from the Configuration Utility. This page dump all RIP related messages for the associated RIP daemon. For each route received through RIP, it displays the time the packet was sent and the tag information.
10 Viewing the Services Ready Platforms Status VPN Status VPN Status Use the VPN Status page to view VPN status information. Status > VPN Status VPN Status Field Description Tunnel Name The name of the VPN tunnel. Remote Policy The remote network policy. Local Policy The local network policy. IKE Algorithm The final result of IKE algorithm after ISAKMP. Only applies to the “AUTO” mode. Upset Algorithm The IPSec algorithm this tunnel is currently using.
10 Viewing the Services Ready Platforms Status CDP Neighbor Information CDP Neighbor Information Use the CDP Neighbor Information page to view CDP Neighbor information from the Configuration Utility. NOTE To view additional status information, click an item in the Neighbor information list. The CDP Details table displays information about the selected device. Status > CDP Neighbor Information CDP Neighbor Information Field Description Device ID The device ID of the neighbor.
A Specifications This appendix lists the specifications for the Services Ready Platforms (SRP520 Models). Feature SRP521W WAN Fast Ethernet LAN 4 Fast Ethernet Ports Wireless 802.11b/g/n Operating Temperature 0° C to 40° C Storage Temperature -20° C to 70° C Operating Humidity 10% to 85% Non-Condensing Storage Humidity 5% to 90% Non-Condensing Voltage Range 100-240V 50/60Hz AC Dimensions (W x D x H): 170mm (6.69 inches) x 170mm (6.69 inches) x 42mm (1.
A Specifications Feature SRP526W Storage Temperature -20° C to 70° C Operating Humidity 10% to 85% Non-Condensing Storage Humidity 5% to 90% Non-Condensing Voltage Range 100-240V 50/60Hz AC Dimensions (W x D x H): 170mm (6.69 inches) x 170mm (6.69 inches) x 42mm (1.65 inches) Weight 440g Feature SRP 527W WAN ADSL2+ Annex A LAN 4 Fast Ethernet Ports Wireless 802.
B Where to Go From Here Cisco provides a wide range of resources to help you and your customer obtain the full benefits of the Services Ready Platforms. Product Resources Support Cisco Small Business Support Community www.cisco.com/go/smallbizsupport Online Technical Support and Documentation (Login Required) www.cisco.com/support Cisco Small Business Support and Resources www.cisco.com/go/smallbizhelp Phone Support Contacts www.cisco.
Where to Go From Here Cisco SRP500 Series Services Ready Platforms (SRP520 Models) B 229
