Specifications
Appendix B: Network IP Topology
ITP Endpoints and Private Networking
Page B-30 Mitel
®
5000 Installation Manual – Issue 3.0, October 2008
• Each VLAN functions as a port on the router with its own IP address. Also, apply access
policies to each interface. The access policies are defined further below.
interface vlan 1
ip address 192.168.1.1 255.255.255.0
access-policy Private
no shutdown
interface vlan 2
ip address 208.132.23.64 255.255.255.192
no shutdown
!
In this example, there is a connection to the Internet using a T1 interface. Set up the IP address
and apply the access policy (which is defined further below).
interface t1 1/1
clock source line
tdm-group 1 timeslots 1-24 speed 64
ip address 208.13.17.33 255.255.255.252
access-policy Public
no shutdown
• The following commands define access lists for different kinds of traffic. Defining the lists
do not have any effect until they are applied to the interfaces.
ip access-list extended web
permit ip any any
ip access-list extended Voice
permit udp any host 208.132.23.66 range 6004 6243 log
ip access-list extended ITP
permit tcp any host 208.132.23.66 eq 5566 log
permit udp any host 208.132.23.66 eq 5567 log
ip access-list extended InterTelNetworking
permit tcp any host 208.132.23.66 eq 5570 log
• The following commands define the policies for the different interfaces. Each policy can
specify more than one access list. In the Public policy-class, voice ports, the ITP
(endpoint) ports, and the Networking ports are allowed.
ip policy-class DMZ
allow list web
!
ip policy-class Private
allow list self self
allow list wizard-ics
!
ip policy-class Public
allow list Voice
allow list ITP
allow list InterTelNetworking