Specifications
Appendix B: Network IP Topology
Private Network With Near-End NAT Traversal
Page B-32 Mitel
®
5000 Installation Manual – Issue 3.0, October 2008
In this example, the connection is to the Internet with a T1. Set up the IP address and apply the
access policy (defined further below). In this example, assume that the ISP is configured with
this address as a gateway for the (public) NATed addresses.
interface t1 1/1
clock source line
tdm-group 1 timeslots 1-24 speed 64
ip address 208.13.17.33 255.255.255.0
access-policy Public
no shutdown
• The commands below define access lists for the different traffic types. These defined lists
do not have any effect until they are applied to interfaces.
o The following commands define an access list so that we can communicate with the
internal trusted network.
ip access-list extended self
remark Traffic to NetVanta
permit ip any any log
!
o
The following commands define the set of communications coming from any internal
hosts
except the Mitel CS-5200/5400/5600.
ip access-list standard PrivateHosts
deny host 192.168.1.2
permit any log
o
The following commands define the set of communications coming from the Mitel CS-
5200/5400/5600.
ip access-list standard OutIT5KMain
permit host 192.168.1.2 log
!
o
The following commands defines the communications that we want to allow to the
Mitel CS-5200/5400/5600. In this example, this is limited to the communications
required for ITP endpoints.
ip access-list extended InIT5KMain
permit tcp any host 208.13.17.2 eq 5566 log
permit udp any host 208.13.17.2 eq 5567 log
permit udp any host 208.13.17.2 range 6004 6247
log