Avaya G250 Administration
Media gateway
Hide thumbs
Also See for G250:
- Administration manual (840 pages) ,
- Reference (812 pages) ,
- Administration (720 pages)
Subscribe to Our Youtube Channel
Related Manuals for Avaya G250
Summary of Contents for Avaya G250
- Page 1 Administration for the Avaya G250 and Avaya G350 Media Gateways 03-300436 Issue 1.1 June 2005...
- Page 2 • System administration documents Warranty • Security documents Avaya Inc. provides a limited warranty on this product. Refer to your • Hardware-/software-based security tools sales agreement to establish the terms of the limited warranty. In • Shared information between you and your peers addition, Avaya’s standard warranty language as well as information...
- Page 3 04DU9-DN 6.0Y RJ48C • A reorder tone is received. Avaya attests that this registered equipment is capable of providing users 04DU9-IKN 6.0Y RJ48C access to interstate providers of operator services through the use of access codes. Modification of this equipment by call aggregators to block 04DU9-ISN 6.0Y...
- Page 4 Contact the state public utility commission, public service E-mail: totalware@gwsmail.com commission or corporation commission for information. For the most current versions of documentation, go to the Avaya support This equipment, if it uses a telephone receiver, is hearing aid compatible. Web site: http://www.avaya.com/support.
-
Page 5: Table Of Contents
Accessing the CLI via a modem connection to the S8300 ..Accessing Avaya IW ........ - Page 6 Configuring DNS Resolver ......DNS Resolver configuration example ....6 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 7 Chapter 6: Configuring Ethernet ports ....Ethernet ports on the G250 ......
- Page 8 Configuring RSVP parameters ......Configuring Weighted Fair VoIP Queuing (WFVQ) ....8 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 9 E1/T1 default settings ......Configuring the Avaya MM342 USP WAN media module ... .
- Page 10 PoE overview........Introduction to PoE on the G250 and G350 ....
- Page 11 Multi VLAN binding ....... . G250/G350 VLAN table ......
- Page 12 Creating a capture list ......12 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 13 Chapter 17: Configuring the router..... Overview of the G250 and G350 router......
- Page 14 RIP commands ........14 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 15 Introduction to IPSec VPN ......G250/G350 R2.2 VPN capabilities......
- Page 16 Editing and creating rules......16 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 17 Contents Rule criteria ........IP protocol ........Source and destination IP address .
- Page 18 Appendix A: Traps and MIBs ......533 G250/G350 traps ........
-
Page 19: About This Book
You can download the latest version of the Administration for the Avaya G250 and Avaya G350 Media Gateways from the Avaya Web site. You must have access to the Internet, and a copy of Acrobat Reader must be installed on your personal computer. -
Page 20: Related Resources
- PDF Format to download the book in regular PDF format - ZIP Format to download the book as a zipped PDF file Related resources For more information on the Avaya G250 and G350 Media Gateways and related features, see the following books: Title... -
Page 21: Technical Assistance
Toll fraud, call Avaya Toll Fraud Intervention at 1-800-643-2353 ● International For all international resources, contact your local Avaya authorized dealer for additional help. Trademarks All trademarks identified by the ® or TM are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners. -
Page 22: Sending Us Comments
E-mail, send your comments to: ● document@avaya.com Fax, send your comments to: ● 1-303-538-1741 Mention the name and number of this book, Administration for the Avaya G250 and Avaya G350 Media Gateways, 03-300436. 22 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 23: Chapter 1: Introduction
— telephone exchange and data networking. The G250 and G350 each feature a VoIP engine, WAN router, and Power over Ethernet LAN switch. The G350 provides full support for legacy DCP and analog telephones. - Page 24 ● This guide explains how to configure the Avaya G250 and G350 Media Gateways. Instructions in this guide are valid for both the Avaya G250 and G350 Media Gateways except where otherwise noted. This guide contains the following chapters: Chapter 2: Configuration overview —...
- Page 25 Chapter 18: Configuring IPSec VPN — how to configure IPSec VPN on the G250/G350 ● Chapter 19: Configuring policy — how to configure access control and QoS policy lists on ● the G250/G350 Chapter 20: Configuring policy-based routing — how to configure policy-based routing lists ●...
- Page 26 Introduction 26 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 27: Chapter 2: Configuration Overview
USB interface. A new G250 is managed using the console interface. The first thing you should do when configuring a new G250/G350 is to assign an IP address to the console interface. It is not necessary to include a subnet mask. - Page 28 Configuring the Primary Management Interface (PMI) on page 58. Once you have defined a PMI, you must register the G250/G350 with an MGC. The MGC is a media server (call controller) that controls telephone services on the G250/G350. The MGC can be internal or external.
-
Page 29: Configuration Using Cli
Configuration using CLI Configuration using CLI You can use the Avaya G250/G350 Media Gateway CLI to manage the G250/G350. The CLI is a command prompt interface that enables you to type commands and view responses. For instructions on how to access the G250/G350 CLI, see Accessing the CLI on page 33. -
Page 30: Saving Configuration Changes
Configuration overview You can also use the Avaya G350 Manager to configure most features of the G350. The Avaya G350 Manager is a GUI application. You can access the Avaya G350 Manager from Avaya Integrated Management software or from a web browser. Most of the commands that are available through the G350 CLI are also available through the Avaya G350 Manager. -
Page 31: Firmware Version Control
Firmware version control Firmware version control Firmware is the software that runs the Avaya G250/G350 Media Gateway. The Avaya G250/ G350 Media Gateway has two firmware banks: Bank A ● Bank B ● Each firmware bank contains a version of the G250/G350 firmware. These may be different versions. - Page 32 Configuration overview 32 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 33: Chapter 3: Accessing The Avaya G250/G350 Media Gateway
Chapter 3: Accessing the Avaya G250/G350 Media Gateway This chapter provides information about the various ways of accessing the Avaya G250/G350 Media Gateway and contains the following sections: Accessing the CLI — instructions on how to access the CLI ●... -
Page 34: Cli Overview
Accessing the Avaya G250/G350 Media Gateway CLI Overview The CLI is a textual command prompt interface that you can use to configure the Avaya G250/ G350 Media Gateway and media modules. You can access the CLI with any of the following: Telnet through the network ●... -
Page 35: Accessing The Cli Locally
● Accessing CLI via local network You can access the CLI from a computer on the same local network as the Avaya G250/G350 Media Gateway by using any standard telnet program. For the host address, you can use the IP address of any G250/G350 interface. -
Page 36: Accessing The Cli Via Modem
USB modem connected to the USB port on the front panel of the G350 or a serial modem connected to the console port on the front panel of the G350. With the G250, you can connect to a serial modem connected to the console port on the front panel of the G250. Use only an approved Avaya serial cable. -
Page 37: Accessing The Cli Via A Serial Modem
To access the CLI with telnet through dialup from a remote location using a serial modem: 1. Connect a modem to the console port (CONSOLE) on the front panel of the Avaya G250/ G350 Media Gateway. Use an RJ-45 serial cable to connect the modem. It is recommended to use a Multitech MultiModem ZBA, MT5634ZBA-V92. -
Page 38: Accessing Avaya Iw
To access the G250/G350 CLI via telnet through a dialup connection from a remote location via the S8300: 1. Connect a USB modem to either of the two USB ports on the Avaya S8300 Media Server. It is recommended to use a Multitech MultiModem USB, MT5634ZBA-USB-V92. - Page 39 Change your password ● When performing initial configuration of the G250/G350, you can access and run the Avaya IW using a laptop computer. To access the Avaya IW: 1. Connect a laptop computer to the Services port of the S8300, using a crossover cable.
-
Page 40: Accessing Giw
G250/G350 that does not include an S8300 Media Server. You can use the GIW to perform initial configuration of the G250/G350 and to upgrade software and firmware. Specifically, you can perform the following tasks with the GIW: Configure PMI information —... -
Page 41: Accessing Pim
Accessing PIM Figure 2: GIW Overview screen For step-by-step instructions on how to configure the G250/G350 using the GIW, see Installation and Upgrades for the Avaya G250 Media Gateway, 03-300434 or Installation and Upgrades for the Avaya G350 Media Gateway, 03-300394. -
Page 42: Accessing Avaya Communication Manager
Use Avaya Communication Manager software to control telephone services that the Avaya G250/G350 Media Gateway provides. Avaya Communication Manager software runs on a media server. There might be several media servers on your network that can control the Avaya G250/G350 Media Gateway. You can access Avaya Communication Manager on any media server that is a Media Gateway Controller (MGC) for the Avaya G250/G350 Media Gateway. -
Page 43: Security Overview
46. Privilege level When you start to use Avaya G350 Manager or the CLI, you must enter a username. The username that you enter sets your privilege level. The commands that are available to you during the session depend on your privilege level. If you use RADIUS authentication, the RADIUS server sets your privilege level. -
Page 44: Configuring Usernames
RSA authentication ● Password authentication ● Use the show ip ssh command to determine which of these ways is used on your G250/ G350. See SSH Configuration on page 45. 44 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 45: Ssh Configuration
The G250/G350 sends the public key (the fingerprint) to the client computer. This public ● key is used by the client to encrypt the data it sends to the G250/G350. The G250/G350 decrypts the data using the private key. Both sides negotiate and must agree on the same chipper type. The G250/G350 only ●... -
Page 46: Radius Authentication
44, except that the roles of the G250/G350 and the client computer are reversed. To perform file transfers secured by SCP, the G250/G350 launches a local SSH client via the CLI. This establishes a secured channel to the secured file server. The G250/G350 authenticates itself to the server by providing a user name and password. -
Page 47: 802.1X Protocol
LAN port and of preventing access to that port in cases where the authentication process fails. On the G350, you can enable 802.1x on the MM314 media module’s 10/100 Ethernet ports. On the G250, you can enable 802.1x on the eight Ethernet LAN PoE ports located on the G250’s front panel. -
Page 48: How Port Based Authentication Works
By default, all ports are in auto mode. In other words, all ports are configured to use 802.1x authentication if it is enabled on the G250/G350. If a port is not in auto mode, you can use the following command to return the port to auto mode:... - Page 49 For example: G350-001(super)# set dot1x system-auth-control enable To disable 802.1x authentication on the G250/G350, use the command set dot1x system-auth-control disable. Once the authentication process is enabled, the process proceeds as follows: - The Supplicant is asked to supply a user name and password.
-
Page 50: Manual Re-Authentication
Optional 802.1x commands You can use the following commands to modify 802.1x parameters: Use the clear dot1x config command to disable 802.1x on the G250/G350 and ● return to default parameters. Use the set port dot1x initialize command, followed by the module and port ●... -
Page 51: Displaying 802.1X Parameters
● to 65535), to set the authenticator-to-supplicant retransmission timeout period (the time for the G250/G350 to wait for a reply from the Authenticated Station) for all ports on which 802.1x is enabled. Use the set port dot1x supp-timeout command, followed by the module and port ●... - Page 52 Disabled — The port connection is not ● re-authenticated. The reAuthPeriod is ignored. Quiet Period The amount of time, in seconds, between sending authentication requests. 1 of 2 52 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 53: Special Security Features
Enabling and disabling recovery password — instructions on how to enable and disable ● the recovery password, which provides emergency access to the G250/G350 via a direct connection to the console port Enabling and disabling telnet access — instructions on how to enable and disable telnet ●... -
Page 54: Enabling And Disabling Recovery Password
The G250/G350 includes a special recovery password. The purpose of the recovery password is to enable the system administrator to access the G250/G350 in the event that the regular password is forgotten. You can only use the recovery password when accessing the G250/ G350 via a direct connection to the console port. -
Page 55: Overview Of Syn Cookies
Special security features Overview of SYN cookies The G250/G350 provides various TCP/IP services and is therefore exposed to a myriad of TCP/ IP based DoS attacks. DoS (Denial of Service) attacks refers to a wide range of malicious attacks that can cause a denial of one or more services provided by a targeted host. -
Page 56: Configuring Syn Cookies
SYN cookies are now enabled on the device. SYN attack notification When the SYN cookies feature is enabled, the G250/G350 alerts the administrator to a suspected SYN attack as it occurs by sending the following syslog message: SYN attack suspected! Number of unanswered SYN requests is greater than 20 in last 10 seconds. -
Page 57: Chapter 4: Basic Device Configuration
● configuration, and other files on the G250/G350 Defining an interface All interfaces on the G250 and G350 must be defined by the administrator, after installation of the G250/G350. To define an interface: 1. Use the interface command to enter the interface context. Some types of interfaces require an identifier as a parameter. -
Page 58: Configuring The Primary Management Interface (Pmi)
G250/G350 automatically becomes the PMI. You can subsequently assign any IP interface to be the PMI. The PMI is used as the IP address of the G250/G350 for the following management functions: Registration of the G250/G350 to an MGC ●... -
Page 59: Defining The Default Gateway
● Defining the default gateway The G250/G350 uses a default gateway to connect to outside networks that are not listed on the G250/G350’s routing table. To define a default gateway, use the ip default-gateway command, followed by either the IP address or name (type and number) of the interface you want to define as the default gateway. -
Page 60: The Media Gateway Controller (Mgc)
MGC. The G250/G350 supports both External Call Controllers (ECC) and Internal Call Controllers (ICC). An ICC is an Avaya S8300 Media Server that you install in the G250/G350 as a media module. An ECC is an external media server that communicates with the G250/G350 over the network. -
Page 61: Survivability And Migration Options
Several options exist to minimize network disruption in the event that connectivity between the G250/G350 and the MGC is lost. MGC list. You must register the G250/G350 with at least one, and up to four, MGCs. The ● first MGC on the list is the primary MGC. If the G250/G350 cannot connect with, or loses its connection with, the primary MGC, it attempts to connect with the other MGCs on the list. -
Page 62: Configuring The Mgc List
Done! If the MGC with the IP address 132.236.73.2 is available, that MGC becomes the G250/G350’s MGC. If that server is not available, the G250/G350 searches for the next MGC on the list, and so on. To determine the result of the set mgc list command, use the show mgc command. This command has the following output: Registered —... -
Page 63: Setting Reset Times
Configuring the Media Gateway Controller (MGC) To show the current MGC list, use the show mgc list command. This command shows the IP addresses of the MGCs on the MGC list. On a G250, it also shows whether or not SLS is enabled. -
Page 64: Accessing The Registered Mgc
When a local MGC controls telephone services on the Avaya G250/G350 Media Gateway in ICC or LSP mode, the G250/G350 monitors the connection with the MGC. If the connection with the MGC is lost, the G250/G350 starts a recovery process. Use the following commands to... -
Page 65: Dns Resolver
DNS Resolver DNS Resolver This section provides information about configuring DNS Resolver in the G250/G350, and contains the following topics: DNS Resolver overview ● Typical DNS resolver application – VPN failover ● Configuring DNS Resolver ● Maintaining DNS Resolver ●... -
Page 66: Typical Dns Resolver Application - Vpn Failover
Basic device configuration The most common application of this configuration is for connecting the G250/G350 to the Internet and getting the DNS server information from the ISP. Therefore, interfaces configured to automatically learn the DNS servers in the system are usually the Fast Ethernet with PPPoE interface and the Dialer interface. -
Page 67: Configuring Dns Resolver
DNS Resolver Configuring DNS Resolver To configure DNS Resolver on the G250/G350: 1. Use the ip domain name-server-list command, followed by the number 1, to create the DNS servers list. G350-001(config)# ip domain name-server-list 1 G350-001(config-name-server-list:1)# 2. Use the description command to specify a description for the list. - Page 68 G350-001(config)# ip domain lookup Done! Important: If either DHCP Client or PPP are configured in the G250/G350, you need not Important: configure DNS Resolver at all, because: - DNS Resolver is enabled by default, and - DHCP Client and PPP discover DNS servers automatically, so the list of DNS servers will include the automatically-learned DNS servers.
-
Page 69: Dns Resolver Configuration Example
G350-001(config-name-server-list:1)# name-server 1 1.1.1.1 Done! G350-001(config-name-server-list:1)# name-server 2 2.2.2.2 Done! G350-001(config-name-server-list:1)# name-server 3 3.3.3.3 Done! G350-001(config-name-server-list:1)# exit G350-001(config)# ip domain list 1 support.avaya.com Done! G350-001(config)# ip domain list 2 global.avaya.com Done! G350-001(config)# ip domain list 3 avaya.com Done! G350-001(config)# ip domain retry 4... -
Page 70: Maintaining Dns Resolver
You can also enable logging messages to a log file or a Syslog server. For a full Note: description of logging on the G250/G350, see Chapter 7: Configuring logging page 103. 70 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 71: Viewing The Status Of The Device
Viewing the status of the device Viewing the status of the device To view the status of the Avaya G250/G350 Media Gateway, use the following commands. For more information about these commands, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. -
Page 72: Version Management
G250/G350 files and their version numbers File transfer The Avaya G250/G350 Media Gateway can be a client for the FTP and TFTP protocols. Use the FTP or TFTP protocols to transfer files between the Avaya G250/G350 Media Gateway and other devices. -
Page 73: Software And Firmware Upgrades
G250/G350 using the other version. This is particularly important when uploading new versions. By default, when you turn on or reset the G250/G350, the G250/G350 loads firmware from Bank B. To change the default bank from which firmware is loaded during startup, type the set boot bank command. -
Page 74: Upgrading Software And Firmware
Basic device configuration You can use the ASB button on the G250/G350 front panel to load firmware from the bank other than the default bank during startup: 1. Press and hold the reset button. 2. Press and hold the ASB button. - Page 75 Use the copy tftp SW_imageB command to upgrade the G250/G350 firmware into ● Bank B from a TFTP server. Use the copy ftp EW_archive command to upgrade the Java applet for Avaya G350 ● Manager software from an FTP server.
-
Page 76: Managing Configuration Files
Listing the files on the Avaya G250/G350 Media Gateway Use the dir command to list all G250/G350 files. When you list the files, you can see the version numbers of the software components. The dir command also shows the booter file, which cannot be changed. -
Page 77: Chapter 5: Configuring Standard Local Survivability (Sls) On The G250
Instead, SLS is a cost-effective survivability alternative offering limited call processing in survivable mode and no special station features. Although the G250 has an option to host an S8300 Media Server in ICC or LSP mode, SLS offers both local survivability and call control. -
Page 78: Call Processing In Sls Mode
Configuring Standard Local Survivability (SLS) on the G250 Call processing in SLS mode In survivable mode, SLS provides only a limited subset of Avaya Communication Manager call processing functionality: Limited call routing through a Survivable ARS Analysis Table (in PIM or through the CLI) ●... -
Page 79: Provisioning Data
RAM (NVRAM) on the G250. After the initial data collection, PIM retains a copy of the data set for each G250. This set is compared with subsequent data sets to determine if anything has changed: If the data set changes, then the newer data set is pushed down to the media gateway. -
Page 80: Unregistered
Configuring Standard Local Survivability (SLS) on the G250 Unregistered This is the normal state in which SLS waits for an H.248 registration request from the G250. When SLS receives the request, it registers the G250 and transitions to the Setup state. -
Page 81: Emergency Transfer Relay (Etr) In Sls Mode
ETR state is changed through a CLI command or SNMP. There can only be one ETR call, so upon registering with an MGC, the G250 ports are polled to determine an ETR call is active. If there are none, ETR disengages, and the ports are returned to normal service. Otherwise, the gateway remains in ETR mode until the V304 and/or V305 ports are idle. -
Page 82: Sls Logging Activities
There is no means to disable the ETR feature when the G250 is powered-down. Therefore, on the G250, certain ports should not be used as DID ports to avoid having the ETR “loop-start” trunk connected directly to the tip and ring circuit of the DID trunk and having two battery feed circuits driving one another. -
Page 83: Configuring Sls
Provisioning data from the PIM tool must be gathered from Avaya Communication ● Manager and delivered to the G250 using PIM. If PIM is not available, the G250 can be manually configured for SLS and Auto Fallback via the CLI. See... -
Page 84: Gathering Provisioning Data From Pim
Configuring Standard Local Survivability (SLS) on the G250 Gathering provisioning data from PIM Before enabling SLS, you must gather provisioning data from PIM and deliver it to the G250. Run PIM’s Device Profile Wizard to perform this task. The Device Profile Wizard gathers a subset of the Communication Manager translations (dial plan analysis and destination routing instructions) and delivers them to the G250. - Page 85 (Figure 7) to permit or deny dial strings for various call types. Figure 7: Survivability form (PIM) Enable the survivability feature on this device if selected, enables SLS on the G250 ● Media Gateway; cleared means that SLS is disabled.
- Page 86 In conjunction with the Add ARS Dial String button you can create/edit/delete up to 15 ARS Entries. 3. Use the Survivability Schedule page (Figure 8) to administer up to 6 SLS updates per day. Figure 8: Survivability Schedule page (PIM) 86 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 87: Enabling And Disabling Sls On The G250
Figure 9: Backup/Restore page (PIM) Enabling and disabling SLS on the G250 To enable SLS on the G250, type the set survivable-call-engine enable command. The G250 responds with “Survivable Call Engine is enabled.” To disable SLS on the G250, type the set survivable-call-engine disable command. -
Page 88: Manually Configuring The Sls Data Through The Cli
It is recommended to use PIM to configure the SLS data. However, if PIM is unavailable, you can also configure the SLS data from the G250 itself using the G250 CLI. To create the SLS data set on the G250 using the CLI: 1. - Page 89 8. To change the maximum allowable IP registrations from the default (8), use the set max-ip-registrations n command, where n is between 1-10. Important: Since the VOIP resources on the G250 are limited, adjusting the maximum IP Important: registrations above the default value (8) can result in system performance problems.
- Page 90 Configuring Standard Local Survivability (SLS) on the G250 90 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 91: Chapter 6: Configuring Ethernet Ports
Use a crossover network cable when you connect a computer or other endpoint device to the fixed router port. For the other Ethernet ports on the G250, you can use either a standard network cable or a crossover network cable to connect any device. -
Page 92: Ethernet Ports On The G350
The switch on the Avaya G350 Media Gateway has the following Ethernet ports: The 10/100 mbps fixed switch port on the front panel (port 10/3) ● The 10/100 mbps ports on the Avaya MM314 media module (ports 6/1 through 6/24) ● The Gigabit port on the Avaya MM314 media module (port 6/51) ●... -
Page 93: Switch Ethernet Port Commands
Configuring switch Ethernet ports Switch Ethernet port commands Use the following commands for basic configuration of switch Ethernet ports. For more information about these commands, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the set port auto-negotiation-flowcontrol-advertisement command ●... -
Page 94: Configuring The Wan Ethernet Port
Note: kilobytes. To disable traffic shaping, use the no form of the traffic-shape rate command. For information on traffic shaping in general, see Configuring QoS parameters on page 122. 94 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 95: Backup Interfaces
Use the no form of this command to restore the administrative status of the interface to up. Use the speed command to set the port speed. ● Configuring DHCP client This section provides information about configuring DHCP client in the G250/G350, and contains the following topics: DHCP client overview ● DHCP client applications ●... -
Page 96: Dhcp Client Overview
The client periodically sends requests to the server to renew or extend the lease. In addition to receiving an IP address, a G250/G350 DHCP client can optionally request to receive a domain name, a list of default routers, and a list of available DNS servers. -
Page 97: Dhcp Client Configuration
Use the ip dhcp client client-id command to set the client-identifier for the ● DHCP client. By default, the client-identifier is usually the MAC address of the G250/ G350 Fast Ethernet interface. Use the ip dhcp client hostname command to set the host name for the DHCP ●... - Page 98 (D:H:M:S) : 0:0:8:45 Lease Renew (D:H:M:S) : 0:0:5:0 Lease Requested (D:H:M:S) : 1:3:4:0 Host Name : G350-A Client Identifier : 01:00:04:0D:29:DC:68 Requested Options subnet-mask (1) routers (3) domain-name (15) domain-name-servers (6) 98 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 99: Releasing And Renewing A Dhcp Lease
Configuring DHCP client Releasing and renewing a DHCP lease To release or renew a DHCP lease for an interface: Use the release dhcp command to release a DHCP lease for an interface. This ● effectively releases the client IP address, and no IP address is allocated to the specified interface. -
Page 100: Configuring Dhcp Client Logging Messages
TLV. The IEEE recommends a TTL value of 120 seconds, but you can change it if necessary. This ensures that only valid LLDP information is stored in the network devices and is available to network management systems. 100 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 101: Supported Tlvs
LLDP configuration To configure LLDP: 1. Enable the LLDP agent globally using the set lldp system-control command. G250-001(super)# set lldp system-control enable Done! The device’s global topology information, including all mandatory TLVs, is now available to neighboring devices supporting LLDP. -
Page 102: Supported Ports For Lldp
Supported ports for LLDP Only designated ports can be configured to support LLDP. For the G250, module 10, ports 3-10. This includes all Ethernet ports on the G250 other ● than the Ethernet WAN port connecting directly to the chassis. -
Page 103: Chapter 7: Configuring Logging
Logging overview The Avaya G250/G350 Media Gateway includes a logging package that collects system messages in several output types. Each of these types is called a sink. When the system generates a logging message, the message can be sent to each sink that you have enabled. -
Page 104: Configuring A Syslog Server
IP address of the Syslog server. When you define a new Syslog server, it is defined as disabled, so you must use this command in order to enable the server. G350-001(super)# set logging server enable 147.2.3.66 Done! 104 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 105 Configuring a Syslog server 3. Optionally, define an output facility for the Syslog server by typing the set logging server facility command, followed by the name of the output facility and the IP address of the Syslog server. If you do not define an output facility, the default local7 facility is used.
-
Page 106: Syslog Message Format
IP address of the Syslog server. If you do not specify an IP address, the command displays the status of all Syslog servers defined for the G250/G350. As shown, the command displays whether the server is enabled or disabled, and lists all filters defined on the server. -
Page 107: Configuring A Log File
Configuring a log file Configuring a log file A log file is a file of data concerning a system event, saved in the flash memory. The log files serve as the system logging database, keeping an internal record of system events. To enable the logging of system messages to a log file in the flash memory: 1. -
Page 108: Configuring A Session Log
Configuring logging filters on page 109). To discontinue the display of system messages to the terminal screen, type the set logging session disable command. G350-001(super)# set logging session disable Done! 108 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 109: Configuring Logging Filters
Configuring logging filters To display how session logging is configured, type the show logging session condition command. This command displays whether session logging is enabled or disabled, and lists all filters defined for session logging. G350-001(super)# show logging session condition ****************************************************** *** Message logging configuration of SESSION sink *** Sink Is Enabled... -
Page 110: Setting The Logging Filters
QoS application with a severity level of critical or higher, type show logging file content critical qos 50. show logging file content critical qos 5 G350-001(super)# 110 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 111: Severity Levels
Configuring logging filters Severity levels There are eight levels of severity, as listed in Table Severity levels. Table 4: Severity levels Severity level Code Description emergency System is unusable alert Immediate action required critical Critical condition error Error condition warning Warning condition notification Normal but significant condition... -
Page 112: Applications To Be Filtered
Table 5: Logging applications Application Description boot System startup failures cascade Stack CASCADE mechanism Call Detail Recording (G250 only). Registers the active calls of a G250 working in SLS mode. cna-tp Chatter config Configuration changes console Serial modem messages dhcpc... - Page 113 Configuring logging filters Table 5: Logging applications (continued) Application Description router Core routing system failures rtp-stat RTP MIB statistics RTR-probes messages security Secure logging (authentication failure) snmp SNMP agent Spanning tree package (G350 only) supply Power supply system switchfabric Switch fabric failures system Operating system failures tftp...
-
Page 114: Logging Configuration Examples
G350-001(super)# set logging file enable Done! G350-001(super)# set logging file condition boot informational Done! G350-001(super)# set logging file condition cascade alert Done! 114 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 115: Session Log Example
Logging configuration examples Session log example The following example enables a session log for a user wishing to debug the ISAKMP application, while only receiving messages of severity error or stronger for all other applications. The user therefore sets the default severity for all applications to error, and then sets the severity of the ISAKMP application to informational. - Page 116 Configuring logging 116 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 117: Chapter 8: Configuring Voip Qos
Configuring RTP and RTCP on page 118. You can use many types of telephones and trunks that do not directly support VoIP. The Avaya G250/G350 Media Gateway translates voice and signalling data between VoIP and the system used by the telephones and trunks. -
Page 118: Configuring Rtp And Rtcp
1 or 2 bytes CID (context-id) plus unpredictable deltas from the last packet. The G250/G350 offers both RTP header compression for reducing the amount of bandwidth needed for voice traffic, and TCP and UDP header compression for reducing the amount of bandwidth needed for non-voice traffic. -
Page 119: Configuring Rtp, Tcp, And Udp Header Compression
Configuring header compression The G250/G350 can decompress any type of compressed packet. Decompression is enabled whenever compression is enabled. However, when enabling header compression on a Frame Relay interface, you must first make sure that the remote host is also employing header compression. - Page 120 Note: parameter goes into effect immediately. To disable IPHC-type RTP, TCP, and UDP header compression on an interface, use the no ip rtp header-compression command in the interface context. 120 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 121: Configuring Tcp Header Compression
Displaying and clearing header compression statistics You can use the following commands to display and clear header compression statistics. For a full description of the commands and their output fields, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the show ip rtp header-compression command to display the RTP header ●... -
Page 122: Configuring Qos Parameters
Use the set qos control command to define the source for QoS control parameters. ● The source can be either local where the user configures the values locally on the G250/ G350, or remote in which case the values are obtained from the G250/G350’s registered MGC. -
Page 123: Configuring Rtcp Qos Parameters
Configuring RTCP QoS parameters Use the voip-queue-delay command to set the maximum queue delay for which to ● estimate the high priority queue size necessary to meet the queuing delay for a specific VoIP codec. To determine the queue size you currently have, use the show queueing command. -
Page 124: Configuring Weighted Fair Voip Queuing (Wfvq)
The upper and lower limits of this command depend on the amount of bandwidth configured for the interface. Note: This command should generally be used only for troubleshooting. Note: 124 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 125: Chapter 9: Configuring The G250 And G350 For Modem Use
Both the USB port and the console port require configuration for modem use. You can configure the ports for modem use via the Avaya IW or the GIW. For details on using a modem with the G250 or G350, see Installation and Upgrades for the Avaya G250 Media Gateway, 03-300434 or Installation and Upgrades for the Avaya G350 Media Gateway, 03-300394. - Page 126 Use the show interface usb-modem command to display the USB interface ● parameters, the current status of the USB port, and the identity of any USB modem connected to the USB port. 126 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 127: Configuring The Console Port For Modem Use
Use the async mode interactive command to set the console port to use modem mode every time an Avaya proprietary modem cable is plugged into the console port. If you do not want the console port to automatically detect when a modem is connected to it, use the async mode terminal command to disable interactive mode. - Page 128 — 9600 ● data bits — 8 ● parity — none ● stop bits — 1 ● flow control — hardware ● 128 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 129: Chapter 10: Configuring Wan Interfaces
You can use an MM340 E1/T1 media module or an MM342 USP media module as an endpoint for a WAN line on both the G250 and the G350. You can also use the Fast Ethernet port on the G250/G350 chassis as the endpoint for a WAN line by configuring the Fast Ethernet interface for PPP over Ethernet (PPPoE). - Page 130 ● Dynamic CAC on page 169. Quality of Service (QoS) — the G250/G350 uses Weighted Fair VoIP Queuing (WFVQ) as ● the default queuing mode for WAN interfaces. WFVQ combines weighted fair queuing (WFQ) for data streams and priority VoIP queuing to provide the real-time response time that is required for VoIP.
-
Page 131: Serial Interface Overview
WAN media module. Serial interfaces support PPP and frame relay encapsulation protocols. The G350 supports multiple channel groups on the same E1/T1 interface. In contrast, the G250 only supports a single channel group. If a G250 user attempts to create more than one channel group, an error message appears. -
Page 132: Frame Relay Multipoint Topology Support
The Avaya G250/G350 Media Gateway supports point-to-point frame relay connections. To enable you to use the G250/G350 as an endpoint in a Point to Multi-Point (PTMP) topology, the G250/G350 supports inverse ARP replies. The G250/G350 responds to inverse ARP queries received on frame relay sub-interfaces with the proper inverse ARP replies. -
Page 133: Initial Wan Configuration
1. Use the show-ds command to check if the G250/G350 is configured for E1 or T1 operation. 2. Use the ds-mode command to set the mode of the G250/G350 to E1 or T1. Changing the line type requires resetting the module. The default value is T1. - Page 134 1, 3-5, and 7 to be mapped in channel-group number 1, and sets the DS0 speed to 64 kbps. The default DS0 speed for E1 mode is 64. Note: The G250 only supports a single channel group. Note: 134 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 135 IP interface number. Note: The WAN media module in a G250 must always be in slot number 2. The G250 Note: only supports a single channel group.
-
Page 136: E1/T1 Default Settings
Default setting DS mode E1 framing CRC4 T1 framing E1 linecode HDB3 T1 linecode Clock source Line T1 cable length Long, Gain 26.0 db Speed E1: 64kbps T1: 56kbps 136 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 137: Configuring The Avaya Mm342 Usp Wan Media Module
The transmitter-delay command is usually used when the DCE equipment Note: that is connected directly to the G250/G350, or the router on the WAN have a receive buffer that is not large enough to hold the traffic sent by the G250/G350. -
Page 138: Usp Default Settings
145. 7. Use the copy running-config startup-config command to save the configuration. USP default settings Table 7 shows the default settings for USP WAN lines on the G250/G350: Table 7: USP default settings Function Default setting Encoding... -
Page 139: Configuring Ppp
- Use the ppp timeout ncp command to set the maximum time to wait for the network layer to negotiate. If this time is exceeded, the G250/G350 restarts the PPP session. - Use the ppp timeout retry command to set the maximum time to wait for a response during PPP negotiation. -
Page 140: Pppoe Overview
A PPPoE client can establish a tunnel that carries PPP frames between a dialing host (the G250/G350) and an access concentrator. This enables the use of PPP authentication protocols (CHAP and PAP). Unlike other tunneling protocols such as L2TP and PPTP, PPPoE works directly over Ethernet rather than IP. - Page 141 Initial WAN configuration Note: You cannot use PPPoE if: Note: - An IP address is configured on the interface - Dynamic CAC is enabled on the interface. See Dynamic CAC on page 169. - The interface is part of a primary-backup interface pair. See Backup interfaces page 146.
- Page 142 The object tracker continues monitoring the interface, and when its track state changes to up, the interface state changes to up. 142 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 143: Configuring Frame Relay
Initial WAN configuration 6. If the G250/G350 is connected to the Internet via the Fast Ethernet interface configured for PPPoE, and you define a VPN tunnel which specifies remote hosts by name, it is recommended to use the ppp ipcp dns request command. This command requests the list of available DNS servers from the remote peer during the PPP/IPCP session. - Page 144 2 on the USP media module in slot number 5, on port number 1, with IP interface number 1 Note: The WAN media module in a G250 must always be in slot number 2. The G250 Note: only supports a single channel group.
-
Page 145: Verifying The Wan Configuration And Testing Connectivity
Use the show startup-config command to display the configuration loaded at startup. ● Use the ping command to send ICMP echo request packets from the G250/G350 to the ● interface serial peer IP address and verify that it responds. Use the ping command to send ICMP echo request packets to another node on the ●... -
Page 146: Backup Interfaces
The following rules govern the interface backup relations: Each interface can have only one backup interface. ● A backup interface can serve as a backup for only one other interface. ● 146 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 147: Backup Commands
For example, the following command causes the G250/G350 to switch immediately to the backup interface in the event of primary interface failure, and to delay 60 seconds before reverting back to the primary interface once the... -
Page 148: Modem Dial Backup Overview
Media Gateway Controller (MGC) at the headquarters or a regional branch office. Even if the gateway has Standard Local Survivability (SLS - G250 only), or Enhanced Local Survivability (ELS) using a local S8300 in LSP mode, it is always preferable to continue working with the primary MGC, since features are lost when the system is fragmented. - Page 149 Modem dial backup uses a modem connected directly to the G250/G350’s USB or console port. The modem can also be used to access the G250/G350 CLI from a remote location. The modem cannot do both at the same time. For information about remote access to the G250/...
-
Page 150: Typical Installations
G250/G350s. A reasonable assumption is that not all branch office would need modem dial backup at the same time. Therefore, the ratio of modem channels at the RAS to G250/G350s at branch offices can be less than 1:1. There are several practical ways to configure the RAS server for use with modem dial backup Dialer interfaces: The RAS can assign an IP address to the calling G250/G350. -
Page 151: Configuring Modem Dial Backup
1. From the main context, use the show interfaces Console or show interfaces usb-modem command to verify that the modem is connected. If required, enable the modem as described in Chapter 9: Configuring the G250 and G350 for modem use page 125. Issue 1.1 June 2005... - Page 152 5. Use the dialer persistent initial delay command, with the value 30 seconds, to prevent dialup after boot, before the WAN link is fully functional. G350-001(if:dialer 1)# dialer persistant initial delay 30 Done! 152 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 153 Modem dial backup 6. Use the dialer persistent max-attempts command to set the maximum number of Dialer attempts. G350-001(if:dialer 1)# dialer persistent max-attempts 10 Done! The Dialer interface dials each number associated with a dialer string, in order, until either a connection is made, or the number configured in the dialer persistent max-attempts command is reached.
- Page 154 The following example configures a simple low priority via static route. G350-001(super)# ip default-gateway dialer 1 1 low Done! Note: It is recommended that you define multiple routes to ensure that traffic reaches Note: the dialer interface. 154 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 155: Modem Dial Backup Interactions With Other Features
Backup interfaces on page 146. The G250/G350’s console port is an RJ-45 asynchronous port that can be used to support ● the modem for dial backup. Thus the dialer can utilize the same serial modem that is used for remote access to the device. -
Page 156: Configuration Example
The branch office is connected to the corporate network using a G250. IP phone users in the branch office connect to an MGC located in the headquarters data center, and there is an RAS located in the headquarters data center, with multiple phone lines available for dial access. - Page 157 Modem dial backup Figure 16: Modem dial backup configuration example Issue 1.1 June 2005...
- Page 158 G250-001(super-if:Dialer 1)# dialer string 2 7325213412 Done! G250-001(super-if:Dialer 1)# dialer modem-interface console Done! G250-001(super-if:Dialer 1)# ip unnumbered 1 Loopback 1 Done! G250-001(super-if:Dialer 1)# ip access-group 305 out Done! G250-001(super-if:Dialer 1)# exit G250-001(super)# 158 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 159 Done! G250-001(if:serial 2/1:1)# exit G250-001(super)# Step 13 G250-001(super)# router ospf G250-001(super router:ospf)# network 149.49.4.4 0.0.0.3 area 0.0.0.5 Done G250-001(super router:ospf)# exit G250-001(super)# An explanation of the steps taken is as follows: 1. Assign an IP address to the Loopback interface for use with modem dial backup using the interface loopback command.
- Page 160 The Dialer interface must be configured to use a physical interface on the device, to which the modem is connected. For the G250, modem dial backup is supported only from the console port. For the G350, modem dial backup is supported on both the console port and the USB port.
-
Page 161: Modem Dial Backup Maintenance
Modem dial backup Modem dial backup maintenance The G250/G350 generates specific log messages for Dialer interface activity when configured to do so. Certain dialer-related log messages are generated to aid you in troubleshooting problems with modem dial backup. In addition, messages generated by the modem and the PPP session are available to help with troubleshooting modem dial backup issues. - Page 162 1 of 6 162 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 163 Modem dial backup Table 8: Modem dial backup logging messages (continued) Log Message Severity Possible cause Action Dialer 1 string Informational The value of <string_ID> is None required. <string_ID> equal to the ID of the string <dialer_string> configured using the dialer string command.
- Page 164 When the modem is discovered None required. by the device and the initialization string is successful, a message is generated indicating that the device is ready to dial. 3 of 6 164 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 165 Modem dial backup Table 8: Modem dial backup logging messages (continued) Log Message Severity Possible cause Action Init string error Warning This message is generated Troubleshooting steps: when the USB modem attempts Check modem ● to dial and has an incorrect configuration for initialization string.
- Page 166 PAP authentication request. CHAP passed/ Debug This message is sent when the None required. failed authenticating station responds to the CHAP authentication request. 5 of 6 166 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 167: Icmp Keepalive
ICMP keepalive Table 8: Modem dial backup logging messages (continued) Log Message Severity Possible cause Action IPCP Up/Down Debug PPP uses IPCP to define the IP None required. characteristics of the session. IP packets cannot be exchanged until IPCP is in the Up state. IPCP IP reject Warning This message is generated... - Page 168 Headquarters Small Branch For example, your branch office may have a G250 or G350 that connects to the Headquarters over a T1 line and via an xDSL connection to the Internet. The T1 line is used for voice traffic, while data packets are sent over the xDSL line. Normal keepalive cannot report on the status of the entire WAN path.
-
Page 169: Dynamic Cac
Dynamic Call Admission Control (CAC) provides enhanced control over WAN bandwidth. When Dynamic CAC is enabled on an interface, the G250/G350 informs the MGC of the actual bandwidth of the interface and tells the MGC to block calls when the bandwidth is exhausted. - Page 170 (optional) — If dynamic CAC is activated on more than one ● active interface, the G250/G350 reports the bearer bandwidth limit of the interface with the highest activation priority. You can set the activation priority to any number between 1 and 255.
-
Page 171: Object Tracking
Object tracking Note: Dynamic CAC also requires configuration of the Avaya Communication Manager. Note: For details, see Administrator’s Guide for Avaya Communication Manager, 555-233-506. Object tracking This section describes the object tracking feature, which enables you to track the state (up/ down) of various objects in the system using keepalive probes, and notify registered applications when the state changes. -
Page 172: Object Tracking Configuration
Object tracking configuration The process of configuring object tracking on the G250/G350 consists of the following main steps: 1. Configure RTRs to monitor remote devices and learn their state (up or down). Each RTR has a state: inactive (not running), up (the remote device is considered up), or down (the remote device is considered down). -
Page 173: Configuring Rtr
The next-hop command is disabled by default. Use the next-hop command when the G250/G350 is connected to a remote device via more than one interface, and you wish to monitor the state of one specific interface. When you specify the next-hop as the interface you wish to monitor, you ensure that the RTR will probe that interface. -
Page 174: Configuring Object Tracking
By default, the source-address command is disabled, and RTR probes use the output interface’s address. Use the source-address command when you are probing a device located on the Internet, and specify as the source-address the G250/G350 public IP address. G350-001(config-rtr icmp 5)# source-address 135.64.102.5 Done! 7. - Page 175 G250-001(config)# track 1 rtr 5 G250-001(config-track rtr 1)# 2. Use the description command to enter a description for the object tracker. G250-001(config-track rtr 1)# description "track rtr-5" Done! To configure a track list: 1. Use the track id list command to enter track list configuration mode, to specify the unique ID of the track list (between 1-50), and to specify how to calculate the state of the track list.
- Page 176 Figure 18: Object tracking configuration workflow type frequency dscp next-hop source-address wait-interval fail-retries success-retries rtr-schedule track id rtr description track id list description object 1 object n threshold count 176 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 177: Object Tracking Maintenance
Object tracking Object tracking maintenance The following sections describe the commands you can use to display RTR and object tracking configuration, and enable RTR and object tracking logging to a CLI terminal. Showing RTR and object tracking configuration You can use the following show commands to display RTR and Object Tracking configuration. Use the show rtr configuration command to display RTR configuration values, ●... -
Page 178: Rtr And Object Tracking Configuration Examples
2. The second step is to configure an object tracker which tracks the state of RTR 5: G250-001(config)# track 1 rtr 5 G250-001(config-track rtr 1)# description "track rtr-5" Done! G250-001(config-track rtr 1)# exit 178 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 179: Example - Tracking A Group Of Devices
Example — tracking a group of devices The following example illustrates tracking the overall state of a group of devices. Figure 20: Tracking multiple remote devices IP Address: 10.0.0.1 Avaya GW IP Address: 20.0.0.1 G350 To track multiple remote devices: 1. -
Page 180: Typical Object Tracking Applications
Typical application – backup for the ● WAN Fast Ethernet interface on page 181, and Typical application – interface backup via policy-based routing on page 184. The following sections describe these typical applications. 180 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 181: Typical Application - Vpn Failover Using Object Tracking
Typical application – VPN failover using object tracking In this application, the G250/G350 is connected to a remote site through an IPSec VPN tunnel. The remote site can be reached through two or more VPN gateways that can backup each other, such as a main gateway and a backup gateway. - Page 182 FastEthernet 10/2 exit rtr-schedule 3 start-time now life forever rtr 4 type echo protocol ipIcmpEcho 6.0.0.203 next-hop interface FastEthernet 10/2 exit rtr-schedule 4 start-time now life forever 182 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 183 Object tracking ! Define four object trackers to track the four RTRs. track 1 rtr 1 exit track 2 rtr 2 exit track 3 rtr 3 exit track 4 rtr 4 exit ! Define a track list consisting of the four object trackers. ! Define a threshold calculation such that if all four object trackers ! are up, the list is up, and if 2 or less are up, the list is down.
-
Page 184: Typical Application - Interface Backup Via Policy-Based Routing
149.49.42.1 destination-ip host 149.49.43.1 exit exit ! Assign PBR list 801 to interface Vlan 1. interface Vlan 1 icc-vlan ip pbr-group 801 ip address 149.49.42.254 255.255.255.0 exit 184 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 185: Frame Relay Encapsulation
The G250/G350 supports class-based traffic assignment (priority DLCI). Priority DLCI is a means for implementing QoS on frame relay circuits. The G250/G350 separates traffic with different QoS levels to up to four different VCs on the same frame relay sub-interface. This feature enables you to assign unique Permanent VCs (PVC) for VoIP and non-VoIP traffic. -
Page 186: Traffic Shaping And Marking
DLCI is set as the High Priority DLCI in the Priority DLCI group. On the Avaya G250/G350 Media Gateway, OSPF is mapped by default to the High Priority DLCI. For better network reliability, it is recommended to verify that the same configuration exists on the other side of the frame relay connection. -
Page 187: Priority Queuing
When using VoIP, the G250/G350 enables a distinction within the high-priority queue between priorities 6 and 7. The G250/G350 uses priority 6 for the voice-bearer traffic, and priority 7 for the voice-controller traffic. These two priorities are served on a round-robin basis. Within the high-priority queue, the priority 6 capacity is a maximum of 25% the size of the priority 7 capacity to reduce the delay of voice flow. -
Page 188: Ppp Voip Configuration
The default RTP UDP port range is 2048 to 3028. ● Network IPs (24 bit subnet masks): ● - IP phones - 149.49.54.0 (VLAN 1) - Data - 11.11.11.0 (VLAN 2) 188 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 189: Configuration Example For Site A
WAN configuration example - Serial - 2.2.2.1 - S8300 - 149.49.54.81 - G350 PMI - 149.49.54.82 Site B contains four IP phones and a G350 with S8300 and one MM340 media module. The MM340 media module connects the G350 to the WAN via a two-timeslot (128Kbps) T1 interface. - Page 190 (5) At this stage you are matching the RTP port range to that of the G350. (6) At this stage the default queue size is 6, and since RTP is enabled you can double the VoIP queue size. 190 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 191: Configuration Example For Site B
WAN configuration example Configuration Example for Site B The following is the procedure for configuring PPP VoIP on the G350 at Site B. Loopback and PMI interfaces configuration: ● G350-001# interface Loopback 1 G350-001(if:Loopback1)# ip address 4.4.4.11 32 Done! G350-001(if:Loopback 1)# pmi The Primary management interface has changed. - Page 192 Configuring WAN interfaces 192 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 193: Chapter 11: Configuring Poe
● Introduction to PoE on the G250 and G350 The Avaya G350 MM314 PoE media module provides Inline DC power over the signal pairs, in addition to switched Ethernet, on the existing LAN infrastructure for devices such as IP telephones and Wireless LAN access points. This allows you to deploy devices in the network that require power without installing standard power cables. -
Page 194: Load Detection
PD still connected? The MM314 PoE media module and the G250 apply a low voltage to the power feed pairs and measure the current. A resistance of 19kΩ to 26.5kΩ is considered valid. If a valid signature is detected, and the device has not exceeded its PoE allocated power, then power is supplied to the port. -
Page 195: Plug And Play Operation
The G250 has 92 W of power available for PDs. Each port can supply up to 18.8 W by default. If a powered device tries to draw more than the maximum allowed power per port, power is denied. -
Page 196: Poe Configuration Cli Commands
Configuring PoE PoE configuration CLI commands Use the following commands to configure PoE on the G250, or the G350’s MM314 PoE media module: Use the set port powerinline command to enable or disable load detection on a ● port. Use the set port powerinline type command to configure the connected PD type. - Page 197 G350-001(super)# set port powerinline 6/12 disable Load detection process on port 6/12 is disabled. The following example configures PoE priority on a G250 port: G250-001(super)# set port powerinline priority 10/3 high Powering priority on port 10/3 was set to High.
- Page 198 ------ ------------------ --------- -------- 10/3 Searching telephone 10/4 Searching telephone 10/5 Searching telephone 10/6 Searching telephone 10/7 Delivering Power telephone 10/8 Searching telephone 10/9 Searching telephone 10/10 Searching telephone 198 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 199: Chapter 12: Configuring Emergency Transfer Relay (Etr)
Avaya G250/G350 Media Gateway connects the fixed analog trunk port (3/1 in the G250, 7/1 in the G350) to the first fixed analog line port (3/2 in the G250, 7/2 in the G350). An outside telephone exchange can be connected to the trunk port and an analog telephone can be connected to the line port. -
Page 200: Setting Etr State
(3/1 in the G250, 7/1 in the G350) and the first analog line port (3/2 in the G250, 7/2 in the G350). The other analog line port (3/3 in the G250, 7/3 in the G350) will also be disabled. -
Page 201: Viewing Etr State
Viewing ETR state Viewing ETR state You can use the show etr command to display ETR information. This information includes the following: ETR setting (auto, manual-off, or manual-on) ● Module status (in service, out of service, or out of service waiting for off-hook) ●... - Page 202 Configuring Emergency Transfer Relay (ETR) 202 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 203: Chapter 13: Configuring Snmp
G350 devices Configuring dynamic trap manager — instructions on how to configure dynamic trap ● manager, a feature that ensures that traps are always sent to the G250/G350’s active SNMP configuration examples — examples of SNMP configuration ● SNMP configuration overview SNMP uses software entities called managers and agents to manage network devices. - Page 204 SNMP management station, to perform the action needed when a trap is detected. Note: For a list of traps and MIBS, see Traps and MIBs on page 533. Note: 204 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 205: Snmp Versions
SNMPv3 on the G350 is backwards compatible. An agent that supports SNMPv3 will also support SNMPv1 and SNMPv2c. The Avaya G250 Media Gateway supports users for all three of these versions, but only supports the SNMPv3 mechanism for sending traps. Thus, the set snmp trap command is not supported in the G250, although the set snmp trap enable auth|frame-relay command is supported. -
Page 206: Snmpv3
Username — A string of up to 32 characters representing the name of the user. ● Groupname — A string of up to 32 characters representing the name of the group with ● which the user is associated. 206 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 207: Groups
The group maps its users to views based on the security mode and level with which the user is communicating with the G250/G350. Within a group, the following combinations of security mode and level can be mapped to views: SNMPv1 —... -
Page 208: Views
OIDs to the list or exclude OIDs from a list of all of the OIDs in the G250/G350’s MIB tree. You can use wildcards to include or exclude an entire branch of OIDs in the MIB tree, using an asterisk instead of the specific node. For a list of MIBs... -
Page 209: Configuring Snmp Traps
You can add and remove addresses from the trap receivers table. In addition, you can limit the traps sent to specified receivers. You can also enable and disable link up/down traps on specified G250/G350 interfaces. Use the following commands to configure the trap receivers table: Note: You need an Admin privilege level to use the SNMP commands. - Page 210 You must use this command from an interface context. Use the no snmp trap link-status command to disable Link Up and Link Down ● traps on an interface. You must use this command from an interface context. 210 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 211: Configuring Snmp Access
You need an Admin privilege level to use the SNMP commands. Note: Use the ip snmp enable command to enable SNMP access to the G250/G350. Use the ● no form of this command to disable SNMP access to the G250/G350. -
Page 212: Configuring Dynamic Trap Manager
Configuring SNMP Configuring dynamic trap manager Dynamic trap manager is a special feature that ensures that the G250/G350 sends traps directly to the currently active MGC. If the MGC fails, dynamic trap manager ensures that traps are sent to the backup MGC. - Page 213 SNMP configuration examples The following example adds an SNMPv1 trap receiver (G350 only): G350-001(super)# set snmp trap 192.36.44.18 SNMP trap receiver added. The following example disables all traps for an SNMPv1 trap receiver (G350 only): G350-001(super)# set snmp trap 192.36.44.18 disable all SNMP all traps disabled.
- Page 214 The following example sets the SNMPv1 trap community: G350-001(super)# set snmp community trap trap SNMP trap community string set The following example enables link up/down trap on a LAN port on the G250: G250-001(super)# set port trap 10/3 enable Port 10/3 up/down trap enabled...
-
Page 215: Chapter 14: Configuring Contact Closure
It is recommended that you use an Avaya Partner Contact Closure Adjunct™ for contact closure. For more information, see Overview for the Avaya G250 and Avaya G350 Media Gateways, 03-300435. An Avaya Partner Contact Closure Adjunct contains two relays, one for each electrical device. -
Page 216: Contact Closure Hardware Configuration
1. Connect an Avaya Partner Contact Closure Adjunct to the Contact Closure port on the Avaya G250/G350 Media Gateway front panel. The Contact Closure port is labeled CCA on both the G250 and the G350 front panels. Use a telephone cable with standard RJ-11 connectors. -
Page 217: Showing Contact Closure Status
Showing contact closure status Use the show contact-closure command to display the status of one or more contact closure relays. The following example displays the contact closure status of relay 1 of the Avaya Partner Contact Closure Adjunct box. G350-101(super)# show contact-closure... - Page 218 Configuring contact closure 218 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 219: Chapter 15: Configuring Advanced Switching
This chapter provides information about configuring advanced switching on the switch ports of the Avaya G250 and G350 Media Gateways. In the G250, the switch ports are the ETH LAN PoE ports located on the front panel. In the G350, the switch ports are located on the Avaya MM314 media module. -
Page 220: Vlan Overview
When traffic flows from a PC on the Sales VLAN, for example, that traffic is only forwarded out the other ports assigned to that VLAN. Thus, the Engineering and Marketing VLANs are not burdened with processing that traffic. 220 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 221: Vlan Tagging
Configuring VLANs Figure 25: VLAN Example. Sales Marketing Engineering Sales Marketing Engineering VLAN tagging VLAN Tagging is a method of controlling the distribution of information on the network. The ports on devices supporting VLAN Tagging are configured with the following parameters: Port VLAN ID ●... -
Page 222: Multi Vlan Binding
VLAN for privacy. The whole building has a shared high-speed connection to the ISP. In order to accomplish this, the G250/G350 enables multiple VLANs per port. The available Port Multi-VLAN binding modes are: Bound to Configured - the port supports all the VLANs configured in the switch ●... -
Page 223: Ingress Vlan Security
Unassigned packets receive the PVID of the port and are therefore allowed to enter. ICC-VLAN When the G250/G350 includes an ICC, the ICC connects to the G250/G350 via an internal switch. By default, the ICC is connected on Vlan 1. The VLAN to which the ICC connects is called the ICC-VLAN. -
Page 224: Vlan Configuration Examples
All ports on VLAN-id assigned to default VLAN. VLAN 34 was deleted successfully. The following example sets the current VLAN as the ICC-VLAN: G350-001(super)# interface Vlan 66 G350-001(super-if:Vlan 66)# icc-vlan Done! 224 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 225 Configuring VLANs The following example enters configuration mode for a VLAN interface: G350-001(super)# interface Vlan 66 G350-001(super-if:Vlan 66)# The following example deletes a VLAN interface: G350-001(super)# no interface vlan 66 Done! The following example statically binds a VLAN to a port: G350-001(super)# no interface vlan 66 Done! The following example sets a port’s VLAN ID:...
- Page 226 VLANs 54 The following example displays the VLANs configured on the device: G50-001(super)# show vlan VLAN ID VLAN-name ------- -------------------------------- Marketing 2121 Training Total number of VLANs: 4 226 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 227: Configuring Port Redundancy (G350 Only)
Port redundancy configuration examples — examples of port redundancy configurations ● Note: Port redundancy is not supported on the G250. Note: Port redundancy overview Redundancy involves the duplication of devices, services, or connections, so, in the event of a failure, the redundant duplicate can take over for the one that failed. -
Page 228: Switchback
Port redundancy CLI commands The following commands are used to configure port redundancy. For more information about these commands, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the set port redundancy enable/disable command to globally enable or ●... -
Page 229: Port Redundancy Configuration Examples
Configuring port redundancy (G350 only) Port redundancy configuration examples This section provides port redundancy configuration examples. The following example creates a port redundancy pair: G350-003(super)# set port redundancy 6/3 6/5 on 1 Monitor: Port 6/5 is redundant to port 6/3. Port redundancy is active - entry is effective immediately The following example deletes a port redundancy pair: G350-003(super)# set port redundancy 6/3 6/5 off... -
Page 230: Configuring Port Mirroring
You can define one source port and one destination port on each G250/G350 for received (Rx), transmitted (Tx), or transmitted and received (both) traffic. -
Page 231: Port Mirroring Configuration Examples
G350-001(super)# set port mirror source-port 6/2 mirror-port 6/10 sampling always direction rx Mirroring rx packets from port 6/2 to port 6/10 is enabled The following example creates a port mirroring pair in the G250: G250-001(super)# set port mirror source-port 10/3 mirror-port 10/10 sampling always direction rx... -
Page 232: Configuring Spanning Tree (G350 Only)
A network-unique identifier for each bridge on the extended network. ● A unique identifier for each bridge/LAN interface (a port). ● 232 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 233: Spanning Tree Per Port
Configuring spanning tree (G350 only) The relative priority of each port. ● The cost of each port. ● After these values are assigned, bridges multicast and process the formatted frames (called Bridge Protocol Data Units, or BPDUs) to derive a single, loop-free topology throughout the extended network. - Page 234 - force-true — treats the port as if it is connected point-to-point - force-false — treats the port as if it is connected to shared media - auto — tries to automatically detect the port’s connection type 234 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 235: Spanning Tree Cli Commands
Spanning tree CLI commands Use the following commands to configure spanning tree. For more information about these commands, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the set port spantree command to enable or disable the spanning tree mode for ●... -
Page 236: Spanning Tree Configuration Examples
The following example sets the value in packets used by spanning tree in order to limit the maximum number of BPDUs transmitted during a hello-time period: G350-003(super)# set spantree tx-hold-count 4 tx hold count is set to 4. 236 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 237 Configuring spanning tree (G350 only) The following example configures the version of spanning tree to use on the device: G350-003(super)# set spantree version rapid-spanning-tree Spanning tree version is set to rapid spanning tree. The following example displays spanning tree information: G350-003(super)# show spantree Spanning tree state is enabled Designated Root:...
-
Page 238: Port Classification
Port classification overview With the G250/G350, you can classify any port as either regular or valuable. Classifying a port as valuable means that a link fault trap is sent in the event of a link failure. The trap is sent even when the port is disabled. - Page 239 Port classification The following example displays the port classification of all ports on the G250: G250-003(super)# show port classification Port Port Classification -------- ------------------------- 10/3 regular 10/4 valuable 10/5 regular 10/6 valuable 10/7 regular 10/8 regular 10/9 regular 10/10 regular...
- Page 240 Configuring advanced switching 240 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 241: Chapter 16: Configuring Monitoring Applications
Chapter 16: Configuring monitoring applications The Avaya G250 and G350 Media Gateways provide several software tools for monitoring and diagnosing your network. Use these tools to monitor the status of your network operations, and to analyze the flow of information. -
Page 242: Rmon Cli Commands
RMON agent on the management station. You can configure RMON for switching on the Avaya G350 Media Gateway. The G250/G350 uses RMON I, which analyzes the MAC layer (Layer 2 in the OSI seven-layer model). You can also configure a port to raise an SNMP trap whenever the port fails. - Page 243 Configuring RMON The following example creates an RMON event entry: G350-003(super)# rmon event 32 log description “Change of device” owner root event 32 was created successfully The following example creates an RMON history entry with an index of 80 on port 24 of the module in slot 6, recording activity over 60 intervals (buckets) of 20 seconds each.
-
Page 244: Configuring And Analyzing Rtp Statistics
256-511:137, 512-1023:156, 1024-1518:0, Configuring and analyzing RTP statistics This section describes how to configure and use the RTP statistics application as a QoS troubleshooting tool for the Avaya G250/G350 Media Gateway. This section includes the following topics: Overview — describes the functionality and usage of the RTP statistics application ●... - Page 245 An alternative tool available from Avaya for debugging QoS problems is VMON. Note: VMON is an RTCP QoS reports collector. VMON support, available in all Avaya devices, is the capability of a VoIP device to send a copy of an RTCP message to the IP address of a VMON server.
-
Page 246: Configuring The Rtp Statistics Application
The RTP statistics application samples the VoIP engine every RTCP interval, which is configured in Avaya Communication Manager, where it is called “RTCP Report Period”. For information about configuring the RTCP interval (RTCP report period), see Administrator’s Guide for Avaya Communication Manager, 555-233-506. - Page 247 Configuring and analyzing RTP statistics Note: All CLI commands described in this section are available in the general context of Note: the CLI. To view the configured thresholds: 1. Use the show rtp-stat thresholds CLI command. For example: G350-001(super)# show rtp-stat thresholds Item Threshold Event Threshold...
-
Page 248: Configuring Rtp Statistics Thresholds
For example, the codec-rtt metric indicates the overall delay experienced by the user. If you configure a meaningful threshold on the codec-rtt metric, metrics such as local-jitter, remote-jitter, and rtt metrics may help you identify causes when codec-rtt exceeds its threshold. 248 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 249: Enabling And Resetting The Rtp Statistics Application
Configuring and analyzing RTP statistics To configure RTP statistics thresholds: 1. Use the rtp-stat threshold command to set thresholds on QoS indicators. For example: rtp-stat threshold echo-return-loss 5 G350-001(super)# Done! With this example configuration, if echo-return-loss is sampled higher than 5 dB during an RTP session, the echo-return-loss event counter increments. -
Page 250: Viewing Application Configuration
QoS fault and clear traps. Fault The QoS fault trap boundary. That is, the minimum number of active sessions with QoS faults that triggers a QoS fault trap. 1 of 2 250 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 251: Configuring Qos Traps
Configuring and analyzing RTP statistics Table 11: RTP statistics application configuration (continued) Name Description Clear The QoS clear trap boundary. That is, the reduced number of active sessions with QoS faults that triggers a QoS clear trap to be sent after a QoS fault trap was sent. - Page 252 4. Use the rtp-stat qos-trap command to enable the traps, if not enabled already. For example: G350-001# rtp-stat qos-trap The RTP statistics QoS trap is enabled QoS traps are now enabled. 252 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 253: Configuring Qos Fault And Clear Traps
Note: indicating to the user that there are QoS problems in a specific network device. See the Avaya Network Management Console User Guide, 14-300169. To enable and configure QoS fault and clear traps: 1. Use the rtp-stat fault command. For example:... -
Page 254: Analyzing Rtp Statistics Output
The number of QoS traps dropped by the rate limiter since the RTP statistics application was enabled or since the last use of the rtp-stat clear command. 1 of 2 254 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 255: Viewing Rtp Session Statistics
See Configuring QoS fault and clear traps on page 253. Engine ID The ID of the VoIP engine. Since the G250/G350 has one VoIP engine, one line appears in the table. Description Description of the VoIP engine. Uptime The uptime of the RTP statistics application. - Page 256 , L2Pri 6 , RTCP 62 Remote-Statistics: Loss 0.0% , Avg-Loss 0.0% , Jitter 0mS , Avg-Jitter 0mS Echo-Cancellation: Loss 45dB , Len 32mS RSVP: Status Disabled , Failures 0 256 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 257 ● in the session. Faulted. There are QoS ● problems in the session. EngineId The ID of the VoIP engine. The G250/ EngineId: 0 G350 has one VoIP engine. Start-Time The date of the RTP session. 2004-10-20 The start time of the RTP session.
- Page 258 VoIP engine (RTP sec) receiver) statistics. The sampling interval. Samples: 54 (5 sec) Codec: The codec used for the session. G723 The RTP packet size, in bytes. 2 of 6 258 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 259 Configuring and analyzing RTP statistics Table 13: Detailed CLI output per RTP session (continued) Field Label Description From the CLI example The RTP packet interval, in ms. 30mS The encryption method. Silence The received silence suppression Silence-suppression suppression (Tx/ method. (Tx/Rx) Disabled Not-Supported The transmitted silence suppression...
- Page 260 TTL(last/min/max) of TTL, and maximum value of TTL 63/63/63 sampled during the session. TTL changes during a session may indicate route flaps in the IP network. 4 of 6 260 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 261 Configuring and analyzing RTP statistics Table 13: Detailed CLI output per RTP session (continued) Field Label Description From the CLI example Duplicates This counter increments each time two Duplicates 0 consecutive RTP packets with the sample RTP sequence number are received.
-
Page 262: Viewing Qos Traps, Qos Fault Traps And Qos Clear Traps
The syslog messages are stored in the messages file on the MGC hard disk. You can view the syslog messages through Avaya Communication Manager maintenance web pages to debug the QoS problems. 262 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 263: Analyzing Qos Trap Output
Configuring and analyzing RTP statistics To view syslog messages: 1. In the Avaya Communication Manager Maintenance web pages, enter the Setup log viewing screen. 2. In the Select Log Types list, check Linux syslog. 3. Under Select Event Range, select the date range over which you want to view traps. - Page 264 An arbitrary index number for the session in the avRtpSessionDebugStr.0 = session table. STRING: Id{35} The total number of sent traps since the application Traps{24 was enabled. 1 of 3 264 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 265 Configuring and analyzing RTP statistics Table 14: Trap output fields (continued) Label Description From the trap example The number of traps that were dropped by the trap Traps{24/0 rate limiter since the application was enabled. This item can be used, when analyzing received traps logs, to identify missing traps (due to network conditions or the rate limiter).
-
Page 266: Analyzing Qos Fault And Clear Trap Output
Oct 20 11:13:40 LZ-SIT-SR1 snmptrapd[9407]: 135.8.118.252 [135.8.118.252]: TrapsysUpTime.0 = Timeticks: (43147723) 4 days, 23:51:17.23 , snmpTrapOID.0 = OID: avRtpQoSClear , avRtpQoSFaultTh.0 = INTEGER: 1 , avRtpQoSClearTh.0 = INTEGER: 0 266 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 267: Rtp Statistics Examples
Configuring and analyzing RTP statistics Table 15 describes the fields in the QoS fault and clear traps according to the numbered labels on the example above. Table 15: QoS fault and clear trap output fields Label Description From the QoS fault trap From the QoS clear trap example example... -
Page 268: Configuring The Rtp Statistics Application For A Sample Network
//to enable the RTP statistics application: G350-001(super)# rtp-stat-service //to view the configuration of the application: G350-001(super)# show rtp-stat config RTP Statistic: Enabled QoS Trap: Disabled QoS Fault Trap: Disabled Fault: 0 Clear: 0 268 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 269 Configuring and analyzing RTP statistics QoS Trap Rate Limiter: Token Interval: 10.00 seconds Bucket Size: 5 Session Table: Size: 128 Reserved: 64 Min Stat Win: 1 //to view the thresholds: G350-001(super)# show rtp-stat thresholds Item Threshold Event Threshold -------------------- ------------- ----------------- Codec Loss 0.0%...
- Page 270 UDP port: 162 //to enable the sending of QoS traps: G350-001(super)# rtp-stat qos-trap //to enable and configure the sending of fault and clear traps: G350-001(super)# rtp-stat fault 2 0 270 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 271: A Call Over The Wan From An Analog Phone To An Ip Phone
Configuring and analyzing RTP statistics //to view RTP statistics configuration again: G350-001(super)# show rtp-stat config RTP Statistic: Enabled QoS Trap: Enabled QoS Fault Trap: Enabled Fault: 2 Clear: 0 QoS Trap Rate Limiter: Token Interval: 10.00 seconds Bucket Size: 5 Session Table: Size: 128 Reserved: 64... - Page 272 VLAN 1, DSCP 46, L2Pri 6, RTCP 17 Remote-Statistics: Loss 11.6% #14 , Avg-Loss 8.9%, Jitter 33mS #0, Avg-Jitter 26mS Echo-Cancellation: Loss 49dB #0, Len 32mS RSVP: Status Disabled, Failures 0 272 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 273: A Local Call Between An Ip And An Analog Phone
Configuring and analyzing RTP statistics A few points to note: The asterisk in the show rtp sessions output indicates that session 1 has QoS faults ● [1]. The QoS is described as Faulted because there were QoS faults [2]. ● QoS faults that can be seen in the output are: ●... - Page 274 All average metric values are below the average thresholds [4] [5] [6] [8] [10] [12] [14] [16]. ● All event counters are zero [3] [5] [7] [9] [11] [13] [15] [17]. ● 274 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 275: A Remote Call Over The Wan From An Ip Phone To An Ip Phone
2004-12-07,01:02:50 01:05:15 G711U 30.30.30.2 Sessions 13 and 14 both belong to the call, since two VoIP channels are used by an unshuffled call between two IP phones: one channel between each telephone and the G250/G350 VoIP engine. Issue 1.1 June 2005... - Page 276 VLAN 1, DSCP 46, L2Pri 6, RTCP 27 Remote-Statistics: Loss 0.4% #17 , Avg-Loss 6.5%, Jitter 3mS #0, Avg-Jitter 22mS Echo-Cancellation: Loss 49dB #0, Len 32mS RSVP: Status Disabled, Failures 0 276 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 277 Configuring and analyzing RTP statistics Session 14 is free of QoS problems: //to display details of session 14: G350-001(super)# show rtp-stat detailed 14 Session-ID: 14 Status: Terminated, QOS: Ok, EngineId: 0 Start-Time: 2004-12-07,01:02:50, End-Time: 2004-12-07,01:05:15 Duration: 00:02:25 CName: gwp@30.30.30.1 Phone: 202:2002 Local-Address: 30.30.30.1:2165 SSRC 247950253 Remote-Address: 30.30.30.2:2165 SSRC 120077 (0) Samples: 29 (5 sec)
-
Page 278: A Conference Call
//to display the RTP sessions: G350-008(super)# show rtp sessions QoS Start date and time End Time Type Destination ----- --- ------------------- -------- --------------- --------------- 00001 2004-12-23,09:55:17 G729 16.16.16.101 00002 2004-12-23,09:55:20 G711U 149.49.41.50 278 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 279 Configuring and analyzing RTP statistics //to display details of session 1: G350-008(super)# show rtp detailed 1 Session-ID: 1 Status: Active, QOS: Ok, EngineId: 0 Start-Time: 2004-12-23,09:55:17, End-Time: - Duration: 00:00:48 CName: gwp@33.33.33.33 Phone: 140 :80900:1003 Local-Address: 33.33.33.33:61999 SSRC 3585271811 Remote-Address: 16.16.16.101:61999 SSRC 1369159108 (0) Samples: 9 (5 sec) Codec: G729 40B 0mS Off, Silence-suppression(Tx/Rx) No-RTP/No-RTP, Play-Time 4.760sec,...
-
Page 280: Rtp Statistics Cli Commands
QoS trap upon the termination of an RTP stream in which one or more QoS event counters exceeded their configured threshold Sets thresholds for the RTP statistics applications rtp-stat threshold 1 of 2 280 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 281: Configuring And Analyzing Packet Sniffing
The G250/G350 packet sniffing service allows you to analyze packets that pass through the G250/G350’s interfaces. Packets are captured to a buffer based on criteria that you specify. The buffer is then uploaded via FTP to a file that can be analyzed using the Ethereal analysis tool. -
Page 282: What Can Be Captured
PPP. Non-Ethernet packets are wrapped in a dummy Ethernet header to allow them to be viewed in a libpcap format. Thus, the G250/G350 allows you to analyze packets on all the interfaces of the device. -
Page 283: Configuring Packet Sniffing
Enabling packet sniffing Since the packet sniffing service presents a potential security breach, the administrator must first enable the service on the G250/G350 before a user can start capturing packets. Use the capture-service command to enable the packet sniffing service. -
Page 284: Creating A Capture List
A capture list contains an ordered list of rules and actions. A rule specifies criteria against which packets are tested. The action tells the G250/G350 whether to capture or not capture packets matching the rule criteria. Only packets that match the specified criteria and have an action of capture are captured to the capture file. - Page 285 Configuring and analyzing packet sniffing For example, the following commands create a rule (rule 10 in capture list 510) that provides that TCP packets are not captured: G350-001(super)# ip capture-list 510 G350-001(super-Capture 510)# ip-rule 10 G350-001(super-Capture 510/ip rule 10)# composite-operation no-capture Done! G350-001(super-Capture 510/ip rule 10)# ip-protocol tcp Done!
- Page 286 Use the source-ip command to apply the rule to packets from the specified IP address or range of addresses. Use the destination-ip command to apply the rule to packets going to the specified IP address or range of addresses. 286 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 287 Configuring and analyzing packet sniffing The IP range criteria can be any of the following: Range. Type two IP addresses to set a range of IP addresses to which the rule applies. ● You can use wildcards in setting the range. For example: G350-001(super-Capture 520/ip rule 20)# source-ip 135.64.102.0 0.0.255.255 Done! G350-001(super-Capture 520/ip rule 20)#...
- Page 288 To apply the rule to all protocols except the specified protocol, use the not form of the applicable command. For example: G350-001(super-Capture 520/ip rule 20)# not udp source-port lt 10 Done! G350-001(super-Capture 520/ip rule 20)# 288 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 289 Configuring and analyzing packet sniffing ICMP type and code To apply the rule to a specific type of ICMP packet, use the icmp command. This command specifies an ICMP type and code to which the rule applies. You can specify the ICMP type and code by integer or text string.
- Page 290 G350-001(super-Capture 511/ip rule 30)# destination-ip host 135.122.50.171 Done! G350-001(super-Capture 511/ip rule 30)# exit G350-001(super-Capture 511)# ip-rule default G350-001(super-Capture 511/ip rule default)# composite-operation no-capture Done! G350-001(super-Capture 511/ip rule default)# exit G350-001(super-Capture 511)# exit G350-001(super)# 290 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 291: Viewing The Capture List
Applying a capture list To apply a capture list, use the capture filter-group command from the general context. For example, to set the G250/G350 to use capture list 511 on interfaces in which packet sniffing is enabled, specify the following command:... -
Page 292: Configuring Packet Sniffing Settings
This command will clear the capture buffer - do you want to continue (Y/N)? y Done! G350-001(super)# Note: When you change the maximum frame size, the G250/G350 clears the capture Note: buffer. 292 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 293: Starting The Packet Sniffing Service
Configuring and analyzing packet sniffing Use the clear capture-buffer command to clear the capture buffer. For example: ● G350-001(super)# clear capture-buffer Done! G350-001(super)# Tip: To reduce the size of the capture file, use any combination of the following Tip: methods: - Use the capture interface command to capture only from a specific interface. -
Page 294: Analyzing Captured Packets
Size of capture file: 266 KB (26.6 %) Note: The number of captured frames can be larger than the number of the frames in Note: the buffer because the capture file may be in cyclic mode. 294 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 295: Uploading The Capture File
Configuring and analyzing packet sniffing You can use the show capture-buffer hex command to view a hex dump of the captured packets. However, for a proper analysis of the captured packets you should upload the capture file and analyze it using a sniffer application, as described in the following sections. Following is an example of show capture-buffer hex usage: G350-001>... - Page 296 Maintenance Web Interface, see Installation and Upgrades for the Avaya G250 Media Gateway, 03-300434 or Installation and Upgrades for the Avaya G350 Media Gateway, 03-300394. 3. In the Avaya Maintenance Web Interface, select FTP under Security in the main menu. 4. Click Start Server. 5. Log into the G250/G350.
-
Page 297: Analyzing The Capture File
Configuring and analyzing packet sniffing 9. Optionally use the show upload status 10 command to view upload status. For example: G350-001(super)# show upload status 10 Module #10 =========== Module : 10 Source file : sniffer Destination file : pub/capfile.cap Host : 149.49.43.96 Running state : Executing... - Page 298 Figure 33: Sample Ethereal screen Identifying the interface The G250/G350’s packet sniffing service can capture also non-Ethernet packets, such as frame-relay and PPP, into the capture file. This is achieved by wrapping non-Ethernet packets in a dummy Ethernet header to allow the packets to be stored in a libpcap format. This allows you to analyze packets on all the device interfaces.
-
Page 299: Simulating Packets
Configuring and analyzing packet sniffing Note: Ethernet packets received on a VLAN interface are identified by their VLAN tag. Note: However, decrypted IPSec packets received on a VLAN interface are stored with a dummy header. G350-001> show capture-dummy-headers Description ----------------- ---------------------------------------------------- 00:00:01:00:00:00 Src/dst address of Packet to/from frame-relay or PPP... -
Page 300: General Context
<frame-number> Enter the capture list configuration ip capture-list context capture-list-id Delete a capture list no ip capture-list capture-list-id Show capture list(s) Show ip capture-list [capture-list-id|all [detailed]] 1 of 2 300 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 301: Ip Capture-List Context
Configuring and analyzing packet sniffing Table 17: Packet sniffing CLI commands in general context (continued) Command Description User Level Upload the capture file to an FTP, copy capture-file TFTP, or SCP server ftp|tftp|scp filename ip Specify a capture interface (by Capture interface default the service captures from all {if-type... -
Page 302: Ip-Rule Context
Define an equation on the destination-ip {host destination IP ip-address | any | ip-address wildcard} not destination-ip {host ip-address}|{ip-address wildcard} 1 of 2 302 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 303: Ip-Rule Default Context
Configuring and analyzing packet sniffing Table 19: Packet sniffing CLI commands in ip-rule context (continued) Command Description User Level Set 'ip-protocol' to UDP and an udp source-port any equation on the source port |{eq|lt|gt (eq=Equal, lt=Lesser, port-name|port-number|{range gt=Greater). The 'not' operator start-port end-port}} only affects the port section. -
Page 304: Reporting On Interface Status
Shutdown FastEthernet 10/2 is Down Down AdminDown administratively down, line protocol is down For detailed specifications of CLI commands, refer to Avaya G250 and Avaya G350 CLI Reference, 03-300437. 304 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 305: Configuring And Monitoring Cna Test Plugs
Configuring and monitoring CNA test plugs Configuring and monitoring CNA test plugs This section describes how to configure and monitor the activity of the CNA test plug service available in G250/G350 Media Gateways and includes the following topics: CNA test plug overview ●... -
Page 306: Configuring The G250/G350 Test Plug For Registration
Configuring the G250/G350 test plug for registration From the G250/G350 CLI, you can configure the G250/G350 test plug to register with a CNA scheduler. 306 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 307: Cna Test Plug Configuration Example
Configuring and monitoring CNA test plugs To configure the test plug to register: 1. Use the cna-testplug command to enter the test plug context. For example: G350-003# cna-testplug 1 G350-003(cna-testplug 1)# 2. Use the scheduler command to configure one or more CNA scheduler IP addresses. You can configure up to five scheduler addresses. - Page 308 ---------- ------ ------ --------- traceroute ping tcpconnect merge //to reenter the test plug context: G350-001(super)# cna testplug 1 //to delete scheduler 1: G350-001(super-cna testplug 1)# no scheduler 1 Done! 308 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 309 Configuring and monitoring CNA test plugs //to exit the test plug context: G350-001(super-cna testplug 1)# exit //to show that scheduler 1 is no longer configured: G350-001(super)# show cna testplug CNA testplug 1 is administratively down, test-plug status is unregistered Address 149.49.75.178, bind to PMI, ID 00:04:0d:6d:30:48 Scheduler list: 3: 135.64.102.76:50002 Ports: Control 8889,...
- Page 310 Configuring monitoring applications 310 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 311: Chapter 17: Configuring The Router
Chapter 17: Configuring the router This chapter provides information about configuring the G250/G350 router and contains the following sections: Overview of the G250 and G350 router — a list of features supported on the G250/G350 ● router, along with instructions for enabling and disabling the router Configuring interfaces —... -
Page 312: Overview Of The G250 And G350 Router
Configuring the router Overview of the G250 and G350 router The Avaya G250 and G350 Media Gateways each have an internal router. You can configure the following routing features on the router: Interfaces ● Unnumbered IP interfaces ● Routing table ●... -
Page 313: Router Interface Concepts
VLAN (Vlan 1). When you configure the G250 or G350 without an external VPN or firewall, Vlan 1 is used to connect the internal G250/G350 router to the internal G250/G350 switch. If an external firewall or VPN is connected to the Fast Ethernet port, it is important to disable Vlan 1 to prevent a direct flow of packets from the WAN to the LAN. -
Page 314: Layer 2 Logical Interfaces
VLAN (on the Switching Interface) — The G250/G350 switch can have multiple VLANs ● defined within its switching fabric. Both the G250 and the G350 router support up to eight VLANs that can be configured over their internal switching interface connections. -
Page 315: Configuring Unnumbered Ip Interfaces
Configuring unnumbered IP interfaces Use the following commands to create VLAN 2 on the Switching Interface and configure it with IP address 10.30.50.70 and subnet mask 255.255.0.0: G350-001# interface Vlan 2 G350-001(if:Vlan 2)# ip address 10.30.50.70 255.255.0.0 Done! Configuring unnumbered IP interfaces This section describes how to configured an unnumbered IP interface, and includes the following sections: Unnumbered IP overview... -
Page 316: Unnumbered Ip Examples
//to configure IP unnumbered on the Dialer interface, borrowing the IP address from vlan interface 1, configured above: G250-001(super-if:Dialer 1)# ip unnumbered 1 Vlan 1 G250-001(super-if:Dialer 1)# exit G250-001(super)# ! 316 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 317: Configuring The Routing Table
Configuring the routing table The following sample routing table shows how routes discovered on unnumbered interfaces by routing protocols are listed as via routes in the Next-Hop column: Network Mask Interface Next-Hop Cost Source ----------- ----- ------------- --------------- -------- ----- --------- 0.0.0.0 FastEth10/2... -
Page 318: Overview Of The Routing Table
Next-hop IP address — specifies the IP address of a router as a next-hop. The next-hop ● router must belong to one of the directly attached networks for which the Avaya G250/ G350 Media Gateway has an IP interface. Two kinds of static routes can be configured: High Preference static routes —... -
Page 319: Via-Interface Static Route
Metrics are used to choose between routes of the same protocol. Preferences Note: are used to choose between routes of different protocols. The Avaya G250/G350 Media Gateway supports the following Static Route configurations: Via-interface static route ● Permanent static route ●... -
Page 320: Permanent Static Route
95. Permanent static route The Avaya G250/G350 Media Gateway enables you to configure a static route as a permanent route. Configuring this option prevents the static route from becoming inactive when the underlying Layer 2 interface is down. This prevents routing table updates from being sent each time an interface goes up or down when there is a fluctuating Layer 2 interface on the static route. -
Page 321: Configuring Gre Tunneling
Use the traceroute command, followed by an IP address, to trace the route an IP ● packet would follow to the specified IP address. The G250/G350 traces the route by launching UDP probe packets with a small time to live (TTL), then listening for an ICMP time exceeded reply from a gateway. -
Page 322: Routing Packets To A Gre Tunnel
The packet is routed to the tunnel interface dynamically by a routing protocol (RIP or ● OSPF). The packet is routed to the tunnel interface via policy-based routing. See Configuring ● policy-based routing on page 465. 322 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 323: Preventing Nested Tunneling In Gre Tunnels
In addition to checking for nested tunneling, the G250/G350 prevents loops in connection with GRE tunnels by preventing the same packet from being encapsulated more than once in the G250/G350. - Page 324 G350-001(super)# ip distribution access-default-action 1 default-action-permit Done! G350-001(super)# ip distribution access-list 1 10 "deny" 192.68.1.0 0.0.0.255 Done! G350-001(super)# router rip G350-001(super router:rip)# distribution-list 1 out FastEthernet 10/2 Done! G350-001(super router:rip)# exit G350-001(super)# 324 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 325: Optional Gre Tunnel Features
Configuring GRE tunneling Accept policy. ● Configure a policy rule on the source tunnel endpoint (router 1) that will cause the source endpoint to not accept routing updates that include the source network (192.68.1.0). This solution is for nested tunneling caused by RIP. For example, using the network shown in Figure 34 as an illustration, you would configure the following policy rule on router 1 and activate it on the router RIP with the matching interface:... -
Page 326: Dynamic Mtu Discovery
The tunnel path-mtu-discovery command includes the following parameters: age-timer — how long, until the local tunnel endpoint returns the tunnel MTU to its ● default. The default value of this parameter is 10 minutes. 326 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 327: Setting Up A Gre Tunnel
The Avaya G250/G350 Media Gateway does not check whether the configured Note: tunnel source IP address is an existing IP address registered with the G250/ G350 router. 4. In most cases, it is recommended to configure keepalive in the tunnel so that the tunnel’s source interface can determine and inform the host if the tunnel is down. -
Page 328: Additional Gre Tunnel Parameters
Additional GRE tunnel parameters Use the following commands to configure additional GRE tunnel parameters. For more information about these commands, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the tunnel checksum command in the context of the GRE tunnel interface to add a ●... -
Page 329: Gre Tunnel Application Example
Configuring GRE tunneling Use the tunnel TTL command in the context of the GRE tunnel interface to assign a TTL ● value to packets traveling through the tunnel. The TTL value is placed in the packet’s Carrier IP header. You can assign a TTL value between 1 and 255. The default tunnel TTL value is 255. -
Page 330: Configuring The Router
G350-001(super-if:Tunnel 1)# ip address 1.1.1.2 255.255.255.0 G350-001(super-if:Tunnel 1)# exit G350-001(super)# ip route 11.0.0.0 255.255.255.0 12.0.0.1 1 high G350-001(super)# router ospf G350-001(super router:ospf)# network 1.1.1.0 0.0.0.255 area 0.0.0.0 Done! G350-001(super router:ospf)# exit G350-001(super)# 330 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 331: Configuring Dhcp And Bootp Relay
DHCP and BOOTP packets. The router also relays replies from the server back to the client. The G250/G350 can alternatively function as a DHCP server, providing DHCP service to local devices. For information about configuring DHCP server on the G250/G350, see... -
Page 332: Dhcp/Bootp Relay
Note: protocols. When there is more than one IP interface on a VLAN, the G250/G350 chooses the lowest IP address on this VLAN when relaying DHCP/BOOTP requests. The DHCP/BOOTP server then uses this address to decide the network from which to allocate the address. When there are multiple networks configured, the G250/G350 performs a round-robin selection process. -
Page 333: Configuring Dhcp Server
Syslog/traps for special events ● The Avaya G250/G350 Media Gateway can function as a DHCP server or as a DHCP relay or both simultaneously, with each interface configured in either DHCP server mode or DHCP relay mode. For example, you can configure the G250/G350 to provide DHCP service to voice devices while DHCP requests by data devices are routed to a central remote DHCP server using DHCP relay. -
Page 334: Typical Dhcp Server Application
Create a minimum of two dynamic pools: at least one pool for data devices (PCs) and at least one pool for voice devices (IP phones). The G250/G350 also supports reservation pools, which map hardware addresses/client identifiers to specific IP addresses. -
Page 335: Dhcp Server Cli Configuration
Configuring DHCP server DHCP server CLI configuration To configure DHCP server on the G250/G350: 1. Use the ip dhcp pool command, followed by a number from 1 to 32, to create a DHCP pool. 2. Use the name command to configure the pool’s name. -
Page 336: Configuring Options
IP addresses. Configuring Options DHCP options are various types of network configuration information that the DHCP client can receive from the DHCP server. The G250/G350 supports all DHCP options. The most common options used for IP phones are listed in Table 22. -
Page 337: Configuring Vendor-Specific Options
Done! G350-001(super-DHCP 1)# subnet-mask 255.255.255.0 Done! G350-001(super-DHCP 1)# default-router 135.64.20.1 Done! G350-001(super-DHCP 1)# option 176 G350-001(super-DHCP 1/option 176)# name "Avaya IP phone option" Done! G350-001(super-DHCP 1/option 176)# value ascii "MCIPADD=10.10.2.140, MCPORT=1719, TFTPSRVR=10.10.5.188" Done! 350-001(super-DHCP 1/option 176)# exit G350-001(super-DHCP 1)# exit... - Page 338 The following example configures a vendor-specific option for DHCP pool 5: G350-001(super-DHCP 5)# vendor-specific-option 1 G350-001(super-DHCP 5/vendor specific 1)# class-identifier "ccp.avaya.com" Done! G350-001(super-DHCP 5/vendor specific 1)# value raw ascii "gfdgfd" Done! G350-001(super-DHCP 5/vendor specific 1)# exit G350-001(super-DHCP 5)# 338 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 339: Configuring Broadcast Relay
Configuring broadcast relay The following example defines a reservation pool for data devices: G350-001(super)# ip dhcp pool 3 G350-001(super-DHCP 3)# name "Data 1 Server" Done! G350-001(super-DHCP 3)# start-ip-addr 135.64.20.61 Done! G350-001(super-DHCP 3)# end-ip-addr 135.64.20.61 Done! G350-001(super-DHCP 3)# subnet-mask 27 Done! G350-001(super-DHCP 3)# client-identifier 01:11:22:33:44:55:66 Done! G350-001(super-DHCP 3)# default-router 135.64.20.33... -
Page 340: Directed Broadcast Forwarding
Network Basic Input Output System (NetBIOS) is a protocol for sharing resources among desktop computers on a LAN. You can configure the Avaya G250/G350 Media Gateway to relay NetBIOS UDP broadcast packets. This feature is used for applications such as WINS that use broadcast but might need to communicate with stations on other subnetworks or VLANs. -
Page 341: Configuring The Arp Table
Configuring the ARP table Configuring the ARP table When you configure the ARP table, you can: View information about the ARP table ● Add entries to the ARP table ● Delete entries from the ARP table ● Configure the ARP timeout ●... - Page 342 You can remove static and dynamic entries from the ARP table. Use the no arp command. For example, to remove the ARP table entry for the station 192.168.13.76: G350-001# no arp 192.168.13.76 342 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 343: Arp Table Commands
MAC address. Enabling proxy ARP The G250/G350 supports proxy ARP. Proxy ARP is a technique by which a router provides a false identity when answering ARP requests intended for another device. By falsifying its identify, the router accepts responsibility for routing packets to their true destination. -
Page 344: Configuring Icmp Errors
— instructions on how to configure RIP distribution access ● lists RIP limitations — a description of the limitations on the use of RIP on the G250/G350 ● RIP commands — a list and description of CLI commands used to configure RIP ●... -
Page 345: Ripv1
Configuring RIP The very simplicity of RIP has a disadvantage however. This protocol does not take into account network bandwidth, physical cost, and data priority. The Avaya G250/G350 Media Gateway supports two versions of RIP: RIPv1 ● RIPv2 ● RIPv1 RIPv1 is the original version of the RIP protocol. -
Page 346: Rip Distribution Access Lists
You can assign the rules per interface and per direction. Up to 99 RIP distribution access lists can be configured on the Avaya G250/G350 Media Gateway. For example: To configure RIP distribution access list number 10 permitting distribution and learning of network 10.10.0.0:... -
Page 347: Rip Limitations
That is, RIPv1 and RIPv2 routers should not be configured on the same subnetwork. However, you can configure different IP interfaces of the G250/G350 with different RIP versions. This configuration is valid as long as all routers on the subnet are configured with the same version. -
Page 348: Configuring Ospf
● manually configure the cost of an OSPF interface OSPF limitations — a description of the limitations on the use of OSPF on the G250/G350 ● OSPF commands — a list and descriptions of CLI commands used to configure OSPF on ●... -
Page 349: Ospf Dynamic Cost
The G250/G350 can be installed in the OSPF backbone area (area 0.0.0.0) or in any OSPF area that is part of a multiple areas network. However, the G250/G350 cannot be configured to be an OSPF area border router itself. -
Page 350: Ospf Commands
Use the router ospf command to enable OSPF protocol on the system and to enter the ● router configuration context. Use the no form of this command to restore the default value, disable OSPF globally. 350 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 351: Route Redistribution
Static routes are, by default, redistributed to RIP and OSPF. The G250/G350 allows the user to globally disable redistribution of static routes to RIP, and separately to globally disable redistribution of static routes to OSPF. In addition you can configure, on a per static route basis, whether the route is to be redistributed to RIP and OSPF, and what metric to use (in the range of 1-15). -
Page 352: Export Default Metric
OSPF. Export default metric The Avaya G250/G350 Media Gateway enables you to configure the metric to be used in updates that are redistributed from one routing protocol to another. In RIP, the default is 1 and the maximum value is 16. In OSPF, the default is 20. -
Page 353: Vrrp Configuration Example
There is one main router on IP subnet 20.20.20.0, such as a G350, P333R, C460, or any router that supports VRRP, and a backup router. You can configure more backup routers. The G250/G350 itself must have an interface on the IP subnetwork, for example, ●... -
Page 354: Vrrp Commands
Use the ip vrrp timer command to set the virtual router advertisement timer value for ● the virtual router ID. Use the no form of this command to restore the default value. 354 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 355: Configuring Fragmentation
Use the show ip vrrp command to display VRRP information. ● Configuring fragmentation This section provides information about configuring fragmentation on the G250/G350 router and contains the following topics: Overview of fragmentation — an overview of fragmentation and reassembly on the G250/ ●... -
Page 356: Reassembly Parameters
Fragmentation commands Use the following commands to configure fragmentation and reassembly. For more information about these commands, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the clear fragment command to clear the fragment database and restore its ●... -
Page 357: Chapter 18: Configuring Ipsec Vpn
IPSec SAs secure the actual traffic between the protected networks behind the peers, while the IKE SA only secures the key exchanges that generate the IPSec SAs between the peers. The G250/G350 IPSec VPN feature is designed to support site-to-site topologies, in which the two peers are gateways. -
Page 358: G250/G350 R2.2 Vpn Capabilities
Dynamic local peer IP address support through IKE aggressive mode and self-identity ● FQDN Note: The G250/G350 can acquire a dynamic IP address through PPPoE or DHCP Note: Enhanced remote peer failover support- ● Specifying a hostname rather then IP address for the remote peer, thus allowing for a ●... -
Page 359: What's New In G250/G350 R3.0 Vpn
IKE connection. Your DNS server should be able to provide an IP address of a living host. The G250/G350 will perform a new DNS query and try to re-establish the VPN connection to the newly provided IP address whenever it senses that the currently active remote peer stopped responding. - Page 360 When the G250/G350 senses that the currently active peer is not responding, the next peer in the list becomes the active peer and the G250/G350 will try to re-establish the VPN connection with that peer. The G250/G350 can sense that a peer is dead when IKE negotiation times-out, through DPD keepalives, and through object tracking.
-
Page 361: Overview Of Ipsec Vpn Configuration
● encryption. The supported compression is the industry standard LZS compression. IPSEC VPN Transport mode, in which the G250/G350 does not add an additional IP ● header (i.e., a tunnel header), but rather uses the original packet’s header. It is applicable only when the VPN tunnel endpoints are equivalent to the original packet’s source and... -
Page 362: Overview Of Ipsec Vpn Components
Each rule in the crypto-list points to a crypto-map. A crypto-map points to a transform-set, and to a peer or peer-group. The peer or peer-group, in turn, point to an ISAKMP policy. The following diagram illustrates the relationships among the various IPSec VPN components: 362 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 363 Introduction to IPSec VPN Figure 39: IPSec VPN Components interface crypto list Rule 1 Rule 2 Rule 3 crypto map 1 crypto map N isakmp peer- group 1 Rule 4 isakmp peer- group N isakmp peer-groups pool crypto map 2 Rule N crypto maps pool isakmp peer 1...
-
Page 364: Summary Of Configuration Steps
● pre-shared-key ● initiate mode aggressive ● self-identity ● keepalive ● keepalive-track ● continuous-channel ● (Optional) ISAKMP peer group – crypto isakmp peer-group ● description ● set peer ● 364 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 365 Introduction to IPSec VPN Crypto map – crypto map ● description ● set transform-set ● set peer OR set peer-group ● set dscp ● continuous-channel ● IP crypto-list – ip crypto-list ● local-address ● ip-rule ● description ● source-ip ● destination-ip ●...
-
Page 366: Configuring A Site-To-Site Ipsec Vpn
To enable IPSec VPN you must obtain and install a VPN license. For information on obtaining a VPN license, see Installation and Upgrades for the Avaya G250 Media Gateway, 03-300434 or Installation and Upgrades for the Avaya G350 Media Gateway, 03-300394. -
Page 367: Configuring Ipsec Vpn
Configuring a site-to-site IPSec VPN Configuring IPSec VPN Prerequisites As a prerequisite to configuring IPSec VPN, a valid VPN license must be installed on the G250/ G350. For details, see Installing the VPN license file on page 366. IPSec VPN configuration overview To configure a site-to-site IPSec VPN, two devices (the G250/G350 and a peer Gateway) must be configured symmetrically. -
Page 368: Coordinating With The Vpn Peer
If you will be defining a peer-group which maintains a list of redundant peers, Note: each of the peers in the group must be configured to match the G250/G350. The basic parameters include: The IKE phase 1 parameters (as defined in the ISAKMP policy, see Configuring ISAKMP ●... -
Page 369: Configuring Transform-Sets
Configuring a site-to-site IPSec VPN To configure an ISAKMP policy: 1. Use the crypto isakmp policy command, followed by an index number between 1 and 20, to enter the context of an ISAKMP policy list (and to create the list if it does not exist). G350-001# crypto isakmp policy 1 G350-001(config-isakmp:1)# 2. - Page 370 This is generally the case when using GRE over IPSec. Note that transport mode cannot be used unless the remote VPN peer supports that mode and was configured to use it. 370 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 371: Configuring Isakmp Peer Information
Note: If you wish to specify the ISAKMP peer by its FQDN name, you must configure Note: the G250/G350 as a DNS client (see DNS Resolver on page 65), and make sure that the peer’s name is listed in a DNS server. - Page 372 GNpi1odGNBrB5z4GJL G350-001(config-peer:149.49.70.1)# pre-shared-key Done! Alternatively, you can obtain a cryptographic-grade random key from the G250/G350 using the suggest-key command, and then enter it using the pre-shared-key command. The suggested key-length can vary from 8-127 alphanumeric characters, or from 8-64 bytes represented in hexadecimal notation.
- Page 373 Using dynamic local peer IP on page 392. G350-001(config-peer:149.49.70.1)# initiate mode aggressive Done! 6. Specify the branch device (G250/G350) by its address or by the FQDN name that identifies the G250/G350 in the remote peer, using the self-identity command. G350-001(config-peer:149.49.70.1)# self-identity address Done! G350-001(config-peer:149.49.70.1)# self-identity fqdn vpn.avaya.com...
-
Page 374: Configuring An Isakmp Peer-Group
G350-001# crypto isakmp peer-group NY-VPN-group G350-001(config-peer-grp:NY-VPN-group)# 2. Use the description command to enter a description for the ISAKMP peer-group. G350-001(config-peer-grp:NY-VPN-group)# description “Avaya peer group” Done! 374 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 375: Configuring Crypto Maps
Configuring a site-to-site IPSec VPN 3. Add a peer to the list of peers in the group, using the set peer command. Specify the peer’s name or address. ● Optionally enter an index number, specifying the relative position of the peer within the ●... - Page 376 IPSec. For more explanations on continuous-channel Enabling continuous channel on page 395. G350-001(config-crypto:1)# continuous-channel Done! 7. Exit crypto map context using the exit command. G350-001(config-crypto:1)# exit G350-001# 376 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 377: Configuring Crypto-Lists
A crypto-list is an ordered list of ip-rules that control which traffic requires IPSec protection and which does not, based on IP groups (source and destination IP addresses and wildcard). A crypto-list is activated on an interface. The G250/G350 can have multiple crypto-lists activated on different interfaces. - Page 378 G350-001(Crypto 901/ip rule 10)# destination-ip any Done! G350-001(Crypto 901/ip rule 10)# protect crypto map 1 Done! 6. Exit ip-rule context using the exit command. G350-001(Crypto 901/ip rule 10)# exit G350-001(Crypto 901)# 378 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 379: Deactivating Crypto Lists To Modify Ipsec Vpn Parameters
Configuring a site-to-site IPSec VPN 7. Repeat steps 4, 5 and 6 for every ip-rule you wish to define in the crypto-list. 8. Exit ip-rule context using the exit command. G350-001(Crypto 901/ip rule default)# exit G350-001(Crypto 901)# 9. Exit crypto-list context using the exit command. G350-001(Crypto 901)# exit G350-001# Deactivating crypto lists to modify IPSec VPN parameters... -
Page 380: Configuring And Assigning An Access Control List
NAT device to work seamlessly with VPN. The standard UDP port used is port 4500; to find out the port number, use the show crypto ipsec sa command. 380 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 381: Assigning A Crypto-List To An Interface
NAT translation alive in the NAT device, and not let it age-out due to periods of inactivity. Set the NAT Traversal keepalive interval on the G250/G350 to be less than the NAT translation aging time on the NAT device. - Page 382 The crypto ipsec minimal pmtu command is intended for advanced users only. It ● sets the minimal PMTU value which can be applied to an SA when the G250/G350 participates in Path MTU Discovery (PMTUD) for the tunnel pertaining to that SA.
-
Page 383: Ipsec Vpn Maintenance
Displaying IPSec VPN configuration You can use the following show commands to display IPSec VPN configuration. For a full description of the commands and their output fields see Avaya G250 and Avaya G350 CLI Reference, 03-300437. Use the show crypto ipsec transform-set command to display configuration for a ●... -
Page 384: Ipsec Vpn Intervention
To enable and view IPSec VPN logging messages: 1. Use the set logging session enable command to enable session logging. G350-001# set logging session enable Done! CLI-Notification: write: set logging session enable 384 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 385 IPSec VPN maintenance 2. Use the set logging session condition ISAKMP command to view all ISAKMP messages of Info level and above. G350-001# set logging session condition ISAKMP Info Done! CLI-Notification: write: set logging session condition ISAKMP Info 3. Use the set logging session condition IPSEC command to view all IPSec messages of Info level and above.
-
Page 386: Typical Installations
The Broadband Internet connection uses cable or DSL modem, with a static public IP ● address. There is a VPN tunnel from each Spoke to the VPN hub over the Internet. ● Only VPN traffic is allowed via the Internet connection. ● 386 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 387 Typical installations Figure 40: Simple VPN topology: VPN hub and spokes Avaya GW Branch G350 DSL or Cable Office 1 modem Internet Access Router + termination DSL or Main Office Cable modem Avaya GW G350 Branch Office 2 Configuring the simple VPN topology This section describes how to configure the simple VPN topology, followed by a detailed configuration example.
- Page 388 The VPN policy portion for the branch is configured as a mirror image of the branch, as ● follows: Traffic from any to branch local subnets -> encrypt, using tunnel mode IPSec. The remote peer is the VPN Spoke (Branch Internet address). 388 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 389 Typical installations Configuration example crypto isakmp policy 1 encryption aes hash sha group 2 exit crypto isakmp peer address <Main Office Public Internet Static IP Address> pre-shared-key <secret key> isakmp-policy 1 exit crypto ipsec transform-set ts1 esp-3des esp-sha-hmac set pfs 2 exit crypto map 1 set peer <Main OfficeMain Office Public Internet Static IP...
- Page 390 11 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t composite-operation permit exit ip-rule 12 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t-vsu composite-operation permit exit 390 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 391 Typical installations ip-rule 20 source-ip any destination-ip any ip-protocol esp composite-operation Permit exit ip-rule 30 source-ip any destination-ip any ip-protocol icmp composite-operation Permit exit ip-rule 40 desintation-ip any source-ip host <Branch Subnet1> <Branch Subnet1 Mask> composite-operation Permit exit ip-rule 50 destination-ip any source-ip host <Branch Subnet2>...
-
Page 392: Using Dynamic Local Peer Ip
G250/G350 to learn the IP address dynamically using either PPPoE or DHCP Client. Note: When working with dynamic local peer IP, you must make sure that it is the G250/ Note: G350 that initiates the VPN connection. The VPN peer cannot initiate the connection since it does not know the G250/G350’s IP address. - Page 393 PPP over Ethernet (PPPoE) is a client-server protocol used for carrying Note: PPP-encapsulated data over Ethernet frames. You can configure PPPoE on the G250/G350’s ETH WAN Fast Ethernet port. For more information about PPPoE on the G250/G350, see Configuring PPPoE on page 139.
- Page 394 ! Activate the Ingress and Egress ACLs on the Fast Ethernet interface G350-001(config)# interface FastEthernet 10/2 G350-001(config-if:FastEthernet 10/2)# ip access-group 301 in Done! G350-001(config-if:FastEthernet 10/2)# ip access-group 302 out Done! 394 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 395: Enabling Continuous Channel
However, there are advantages to keeping the connection continuously alive, such as eliminating the waiting time necessary to construct a new IPSec VPN connection. The G250/G350 IPSec VPN feature supports continuous channel, which maintains a continuous IPSec VPN connection. That means that when you activate the ip crypto-group command on the defined interface, the IPSec VPN tunnel is immediately started, even if no traffic is traversing the interface and the timeouts have expired. -
Page 396: Full Or Partial Mesh
DSL or DSL or Cable Avaya Gw Cable modem Avaya Gw modem G350 DSL or G350 Cable Branch Branch modem Avaya Gw Office 1 Office N G350 Branch Office 2 396 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 397 Typical installations Configuring the mesh VPN topology This section describes how to configure the mesh VPN topology, followed by a detailed configuration example. To configure the mesh VPN topology: 1. Configure branch office 1 as follows: The default gateway is the Internet interface. ●...
- Page 398 6. All allowed services from any IP address to any local subnet -> Permit Note: Due to the definition of the VPN Policy, this will be allowed only if traffic comes Note: over ESP. 7. Default -> Deny 398 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 399 Typical installations Egress: 1. IKE from Branch IP to Main Office IP -> Permit 2. ESP from Branch IP to Main Office IP -> Permit 3. IKE from Branch IP to First Branch IP -> Permit 4. ESP from Branch IP to First Branch IP -> Permit 5.
- Page 400 <Second Branch Subnet1> <Second Branch Subnet1 Mask> protect crypto map 2 exit ip-rule 3 source-ip <Branch Subnet1> <Branch Subnet1 Mask> destination-ip <Second Branch Subnet2> <Second Branch Subnet2 Mask> protect crypto map 2 exit 400 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 401 Typical installations ip-rule 4 source-ip <Branch Subnet2> <Branch Subnet2 Mask> destination-ip <Second Branch Subnet2> <Second Branch Subnet2 Mask> protect crypto map 2 exit ip-rule 10 source-ip <Branch Subnet1> <Branch Subnet1 Mask> destination-ip protect crypto map 1 exit ip-rule 20 source-ip <Branch Subnet2> <Branch Subnet2 Mask> destination-ip protect crypto map 1 exit...
- Page 402 Ike-nat-t composite-operation permit exit ip-rule 12 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t-vsu composite-operation permit exit ip-rule 20 source-ip any destination-ip any ip-protocol esp composite-operation Permit exit 402 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 403 Typical installations ip-rule 30 source-ip any destination-ip any ip-protocol icmp composite-operation Permit exit ip-rule 40 desintation-ip any source-ip host <Branch Subnet1> <Branch Subnet1 Mask> composite-operation Permit exit ip-rule 50 destination-ip any source-ip host <Branch Subnet2> <Branch Subnet2 Mask> composite-operation Permit exit ip-rule default composite-operation deny...
- Page 404 <First Branch Subnet1> <Second Branch Subnet1 Mask> protect crypto map 2 exit ip-rule 3 source-ip <Branch Subnet1> <Branch Subnet1 Mask> destination-ip <First Branch Subnet2> <Second Branch Subnet2 Mask> protect crypto map 2 exit 404 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 405 Typical installations ip-rule 4 source-ip <Branch Subnet2> <Branch Subnet2 Mask> destination-ip <First Branch Subnet2> <Second Branch Subnet2 Mask> protect crypto map 2 exit ip-rule 10 source-ip <Branch Subnet1> <Branch Subnet1 Mask> destination-ip protect crypto map 1 exit ip-rule 20 source-ip <Branch Subnet2> <Branch Subnet2 Mask> destination-ip protect crypto map 1 exit...
- Page 406 Ike-nat-t composite-operation permit exit ip-rule 12 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t-vsu composite-operation permit exit ip-rule 20 source-ip any destination-ip any ip-protocol esp composite-operation Permit exit 406 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 407 Typical installations ip-rule 30 source-ip any destination-ip any ip-protocol icmp composite-operation Permit exit ip-rule 40 desintation-ip any source-ip host <Branch Subnet1> <Branch Subnet1 Mask> composite-operation Permit exit ip-rule 50 destination-ip any source-ip host <Branch Subnet2> <Branch Subnet2 Mask> composite-operation Permit exit ip-rule default composite-operation deny...
-
Page 408: Full Solution - Hub-And-Spoke With Vpn For Data And Voip Control Backup
Gateway VoIP bearer + primary control Avaya GW G350 Branch Office Main Office Access DSL or Data + VoIP Cable Router + control backup modem Data VLAN(s) termination Internet 408 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 409 Typical installations Configuring hub-and-spoke with VPN for data and VoIP control backup This section describes how to configure hub-and-spoke with VPN for data and VoIP control backup, followed by a detailed configuration example. To configure hub-and-spoke with VPN for data and VoIP control backup: 1.
- Page 410 Destination IP = branch VoIP subnet(s) or GW address (PMI), DSCP = control -> ● Route: 1. WAN 2. DBR ACM is configured to route voice calls through PSTN when the main VoIP trunk is down. ● 410 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 411 Typical installations Configuration example crypto isakmp policy 1 encryption aes hash sha group 2 authentication pre-share exit crypto isakmp peer address <Main Office Internet public Static IP Address> pre-shared-key <key1> isakmp-policy 1 exit crypto ipsec transform-set ts1 esp-3des esp-sha-hmac exit crypto map 1 set peer <Main Office Internet public Static IP Address>...
- Page 412 <Branch voice Subnet> <Branch voice Subnet Mask> composite-operation Permit exit ip-rule default composite-operation deny exit exit ip access-control-list 302 ip-rule 10 source-ip any destination-ip any ip-protocol udp udp destination-port eq Ike composite-operation Permit exit 412 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 413 Typical installations ip-rule 11 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t composite-operation permit exit ip-rule 12 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t-vsu composite-operation permit exit ip-rule 20 source-ip any destination-ip any ip-protocol esp composite-operation Permit exit ip-rule 30 source-ip any...
- Page 414 ! The following command specifies the Voice bearer dscp 46 next-hop list 1 exit ip-rule 20 ! The following command specifies the Voice Control dscp 34 next-hop list 2 exit ip-rule default next-hop PBR exit exit 414 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 415: Typical Failover Applications
IP address before establishing an IKE connection. Your DNS server should be able to provide an IP address of a living host. The G250/G350 will perform a new DNS query and try to re-establish the VPN connection to the newly provided IP address whenever it senses that the currently active remote peer stopped responding. -
Page 416: Failover Using Gre
When configuring a crypto map, point to the peer-group instead of to a single peer. Failover using GRE A branch with a G250/G350 can connect to two or more VPN hub sites, in a way that will provide either redundancy or load sharing. - Page 417 Typical installations Figure 43: Hub-and-spoke with hub redundancy/load sharing using GRE IPSec VPN link Access Router + Primary Main Office termination Ethernet Internet DSL or Avaya GW Cable G350 modem Branch Office Access Router + termination Backup Main Office Configuring VPN hub redundancy and load sharing topologies using GRE This section describes how to configure the VPN Hub Redundancy/Load sharing topologies, followed by a detailed configuration example.
- Page 418 ● modifications. The GRE tunnel interface is configured for the branch. ● Dynamic routing (OSPF or RIP) is configured to run over the GRE interface to the ● branch. 418 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 419 Typical installations Configuration example crypto isakmp policy 1 encryption aes hash sha group 2 authentication pre-share exit crypto isakmp peer address <Primary Main Office Internet public Static IP Address> pre-shared-key <key1> isakmp-policy 1 exit crypto isakmp peer address <Backup Main Office Internet public Static IP Address>...
- Page 420 Permit exit ip-rule 50 source-ip any destination-ip host <Branch Office Public Internet Static IP Address> ip-protocol icmp composite-operation Permit exit ip-rule 60 source-ip any destination-ip any composite-operation Permit exit 420 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 421 Typical installations ip-rule 70 source-ip host <Backup Main Office GRE Tunnel end point IP Address> destination-ip host <Branch GRE Tunnel end point IP Address> composite-operation Permit exit ip-rule default composite-operation deny exit exit ip access-control-list 302 ip-rule 30 source-ip any destination-ip any ip-protocol udp udp destination-port eq Ike...
- Page 422 Tunnel 2 keepalive 10 3 tunnel source <Branch GRE Tunnel end point IP Address> tunnel destination <Backup Main Office GRE Tunnel end point IP Address> ip address 20.20.20.1 255.255.255.252 exit 422 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 423: Failover Using Dns
VPN peers. On the G250/G350 configure that hostname as your remote peer. The G250/G350 will perform a DNS query in order to resolve the hostname to an IP address before establishing an IKE connection. Your DNS server should be able to provide an IP address of a living host. - Page 424 Permit IKE Traffic (UDP port 500) for VPN control traffic (IKE). ● Permit ESP traffic (IP Protocol ESP) for VPN data traffic (IPSEC). ● Permit ICMP traffic, to support PMTU application support, for a better fragmentation ● process. 424 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 425 Typical installations For each private subnet, add a permit rule, with the destination being the private subnet, ● and the source being any. This traffic will be allowed only if it tunnels under the VPN, because of the crypto-list. Define all other traffic (default rule) as deny in order to protect the device from ●...
- Page 426 ! that is accessible without VPN. ip domain name-server-list 1 name-server 1 123.124.125.126 exit ! Define the IKE Entity crypto isakmp policy 1 encryption aes hash sha group 2 authentication pre-share exit 426 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 427 Typical installations ! Define the remote peer as FQDN (DNS Name) crypto isakmp peer fqdn main-vpn.avaya.com pre-shared-key <key1> isakmp-policy 1 exit ! Define the IPSEC Entity crypto ipsec transform-set ts1 esp-3des esp-sha-hmac exit ! Define the VPN Tunnel crypto map 1 set peer main-vpn.avaya.com...
- Page 428 Permit exit ip-rule 30 source-ip destination-ip ip-protocol icmp composite-operation Permit exit ip-rule 40 source-ip destination-ip 10.0.10.0 0.0.0.255 composite-operation Permit exit ip-rule 50 source-ip destination-ip 10.0.20.0 0.0.0.255 composite-operation Permit exit 428 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 429 Typical installations ip-rule default composite-operation deny exit exit ! Define the Egress access control list for the public interface ip access-control-list 302 ip-rule 5 source-ip destination-ip ip-protocol udp destination-port eq dns composite-operation Permit exit ip-rule 10 source-ip destination-ip ip-protocol udp destination-port eq Ike composite-operation Permit exit...
- Page 430 ! Activate the crypto-list and the access control list on the public interface interface FastEthernet 10/2 ip crypto-group 901 ip access-group 301 in ip access-group 302 out exit 430 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 431: Failover Using A Peer-Group
Peer group Access Router + VPN termination Host 2 Host 1 Host 3 Corporate Ethernet Internet Intranet Access Router DSL or Avaya GW + VPN Cable Branch termination G350 modem Office Main Host 4 Host 5 Office Access Router + VPN... - Page 432 Define a track list that will monitor (by ICMP) 5 hosts behind the specific peer. If two or more hosts are not working then the object tracker is down. The G250/G350 will then pass on to the next peer in the peer group list.
- Page 433 Typical installations Permit ICMP traffic, to support PMTU application support, for a better fragmentation ● process. For each private subnet, add a permit rule, with the destination being the private subnet, ● and the source being any. This traffic will be allowed only if it tunnels under the VPN, because of the crypto-list.
- Page 434 10.0.20.1 255.255.255.0 exit ! Define the Public Subnet interface FastEthernet 10/2 ip address 100.0.0.2 255.255.255.0 exit ! Define the default gateway the public interfce ip default-gateway 100.0.0.1 434 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 435 Typical installations ! We wish to check 5 hosts in the Corporate intranet behind the current VPN ! remote peer, and if 2 or more hosts don’t work then keepalive-track will fail , ! and we will move to the next peer in the peer-group rtr 1 type echo protocol ipIcmpEcho <host1 IP>...
- Page 436 "Fast Ethernet 10/2.0" ip-rule 10 source-ip 10.0.10.0 0.0.0.255 destination-ip any protect crypto map 1 exit ip-rule 20 source-ip 10.0.20.0 0.0.0.255 destination-ip any protect crypto map 1 exit exit 436 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 437 Typical installations ! Define the Ingress access control list for the public interface ip access-control-list 301 ip-rule 10 source-ip destination-ip ip-protocol udp destination-port eq Ike composite-operation Permit exit ip-rule 11 source-ip any destination-ip any ip-protocol udp destination-port eq Ike-nat-t composite-operation permit exit ip-rule 12 source-ip any...
- Page 438 Permit exit ip-rule 40 source-ip 10.0.10.0 0.0.0.255 destination-ip composite-operation Permit exit ip-rule 50 source-ip 10.0.20.0 0.0.0.255 destination-ip composite-operation Permit exit ip-rule default composite-operation deny exit exit 438 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 439 Typical installations ! Activate the crypto-list and the access control list on the public interface interface FastEthernet 10/2 ip crypto-group 901 ip access-group 301 in ip access-group 302 out exit Issue 1.1 June 2005...
- Page 440 Configuring IPSec VPN 440 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 441: Chapter 19: Configuring Policy
Each policy list consists of a set of rules determining the behavior of a packet entering or leaving the interface on which the list is applied. This section provides an overview of policy lists on the G250/G350 and includes the following topics: Access control lists —... -
Page 442: Access Control Lists
Global rules — a set of rules that are executed before the list is evaluated ● Rule list — a list of filtering rules and actions for the G250/G350 to take when a packet ● matches the rule. Match actions on this list are pointers to the composite operation table. -
Page 443: Qos Lists
DSCP values or CoS values, and can be based on specific values or groups of IP addresses, protocols, ports, IP fragments, or DSCP values. When a packet matches a rule on the QoS list, the G250/G350 sets one or both of the QoS fields in the packet. The following table shows these QoS fields:... -
Page 444: Policy-Based Routing
Configuring policy QoS lists have the following parts: Rule list — a list of filtering rules and actions for the G250/G350 to take when a packet ● matches the rule. Match actions on this list are pointers to the composite operation table. -
Page 445: Defining Policy Lists
— instructions on how to configure the attributes of a ● policy list, such as a list name, owner, and cookie Default actions — lists the default action the G250/G350 takes when no rule in the policy ● list matches the packet Deleting a policy list —... -
Page 446: Defining List Identification Attributes
● Configure DSCP mapping (QoS lists only) — see DSCP table on page 460 ● Defining list identification attributes The following policy list attributes are used by Avaya QoS Manager software to identify policy lists: Name ● Owner ● Cookie ●... -
Page 447: Default Actions
Attaching policy lists to an interface Default actions When no rule matches a packet, the G250/G350 applies the default action for the list. The following table shows the default action for each type of policy list: List Default action Access control list... - Page 448 Access Control List and the Egress Access Control List from among the access control lists that are configured on the G250/G350. You can choose the Ingress QoS List and the Egress QoS List from among the QoS lists that are configured on the G250/G350.
-
Page 449: Device-Wide Policy Lists
Device-wide policy lists You can attach a policy list (other than a policy-based routing list) to every interface on the G250/G350 using one command. To do this, attach a list to the Loopback 1 interface. For more information, see Attaching policy lists to an interface on page 447. -
Page 450: Defining Global Rules
Editing and creating rules — instructions on how to edit or create a policy rule ● Rule criteria — instructions on how to configure a policy rule’s criteria ● 450 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 451: Overview Of Rule Criteria
Defining rules Overview of rule criteria You can configure policy rules to match packets based on one or more of the following criteria: Source IP address, or a range of addresses ● Destination IP address or a range of addresses ●... -
Page 452: Rule Criteria
Layer 3 rules apply to non-initial fragments ● Layer 3 rules that include the fragment criteria do not apply to initial fragments or ● non-fragment packets 452 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 453: Ip Protocol
Defining rules Layer 3 rules that do not include the fragment criteria apply to initial fragments and ● non-fragment packets Layer 4 rules apply to initial fragments and non-fragment packets ● Layer 3 and Layer 4 rules in QoS and policy-based routing lists apply to non-initial ●... -
Page 454: Source And Destination Port Range
● with a name or number less than the specified name or number any — type any to apply the rule to all port names and port numbers ● 454 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 455: Icmp Type And Code
Defining rules Use the no form of the appropriate command to specify that the rule does not apply to the ports defined by the command. The following command specifies a source TCP port named telnet for rule 1 in access control list 301: G350-001(ACL 301/ip rule 1)# tcp source-port eq telnet The following command specifies any destination UDP port less than 1024 for rule 3 in QoS list... -
Page 456: Fragments
458. The following command specifies that rule 4 in access control list 302 drops packets that match the rule, and causes the G250/G350 to send a trap and reset the connection when the packet is dropped: G350-001(ACL 304/ip rule 4)# operation Deny-Notify-Rst Note: Composite operation names are case-sensitive. -
Page 457: Composite Operations
Overview of composite operations A composite operation is a set of operations that the G250/G350 can perform when a rule matches a packet. Every rule in a policy list has an operation field that specifies a composite operation. -
Page 458: Pre-Configured Composite Operations For Qos Lists
Access — determines whether the operation forwards (forward) or drops (deny) the ● packet Notify — determines whether the operation causes the G250/G350 to send a trap when it ● drops a packet Reset Connection — determines whether the operation causes the G250/G350 to reset ●... -
Page 459: Configuring Composite Operations
Composite operations CoS — the operation sets the Ethernet IEEE 802.1p CoS field in the packet to the value ● listed in this column DSCP — the operation sets the DSCP field in the packet to the value listed in this column ●... -
Page 460: Composite Operation Example
The following commands create a new composite operation called dscp5 and assign the new composite operation to rule 3 in QoS list 402. If the packet matches a rule, the G250/G350 changes the value of the DSCP field in the packet to 5. - Page 461 QoS rules on the list take precedence over the DSCP table. If a QoS rule other than the default matches the packet, the G350 does not apply the DSCP table to the packet. The G250/G350 applies only the operation specified in the QoS rule.
-
Page 462: Displaying And Testing Policy Lists
- show dscp-table — displays the current list’s DSCP table - show ip-rule — displays a list of all rules configured for the list - show list — displays the parameters of the current list, including its rules 462 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 463: Simulating Packets
(in or out), and a source and destination IP address. You may also specify other parameters. For a full list of parameters, see Avaya G250 and Avaya G350 CLI Reference, 03-300437. The following command simulates the effect of applying QoS list number 401 to a packet entering the G350 through interface VLAN 2: G350-001(if:Vlan 2)# ip simulate 401 in CoS1 dscp46 10.1.1.1... - Page 464 Configuring policy When you run the ip simulate command, the G250/G350 displays the effect of the policy rules on the simulated packet. For example: G350-001(super-if:Vlan 2)# ip simulate 401 in CoS1 dscp46 10.1.1.1 10.2.2.2 tcp 1182 20 Rule match for simulated packet is the default rule...
-
Page 465: Chapter 20: Configuring Policy-Based Routing
Each PBR list includes a set of rules, and each rule includes a next hop list. Each next hop list contains up to 20 next hop destinations to which the G250/G350 sends packets that match the rule. A destination can be either an IP address or an interface. -
Page 466: Applications
The Loopback interface is a logical interface which handles traffic that is sent to and from the G250/G350 itself. This includes ping packets to or from the G250/G350, as well as telnet, FTP, DHCP Relay, TFTP, HTTP, NTP, SNMP, H.248, and other types of traffic. The Loopback interface is also used for traffic to and from analog and DCP phones connected to the device via IP phone entities. -
Page 467: Backup
Applications Figure 49: Policy-based routing — Voice/Data Division By DSCP G350 Voice - DSCP=34, 41,43,44,46 Router Data - Default xDSL1 Headquarters Small Branch Backup You can utilize policy-based routing to define backup routes for defined classes of traffic. If the first route on the next hop list fails, the packets are routed to a subsequent hop. -
Page 468: Configuring Policy-Based Routing
It is recommended to leave a gap between rule numbers, in order to leave room Note: for inserting additional rules at a later time. For example, ip-rule 10, ip-rule 20, ip-rule 30. 468 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 469 Configuring PPPoE page 139, Configuring GRE tunneling on page 321, and Configuring DHCP client on page 95. A next hop list can include the value NULL0. When the next hop is NULL0, the G250/G350 drops the packet. Issue 1.1 June 2005...
- Page 470 G350-001(super-if:Loopback 1)# ip pbr-group 802 Done! G350-001(super-if:Loopback 1)# exit G350-001(super)# 6. Type the copy running-config startup-config command. This saves the new policy-based routing configuration in the startup configuration file. 470 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 471: Pbr Rules
PBR rules PBR rules Each PBR list can have up to 1,500 rules. The first rule that matches the packet specifies the next hop list for the packet. If no rule matches the packet, the packet is routed according to the default rule. -
Page 472: Modifying Rules
Use the next-hop list command, followed by the list number of a next hop list, to specify a next hop list for the G250/G350 to apply to packets that match the rule. You can specify Destination Based Routing instead of a next hop list, in which case the G250/G350 applies destination-based routing to a packet when the packet matches the rule. -
Page 473: Next Hop List Overview
Each next hop list can include up to 20 entries. An entry in a next hop list can be either an IP address or an interface. The G250/G350 attempts to route the packet to the first available destination on the next hop list. If every destination on the list is unavailable, the G250/G350 routes the packet according to destination-based routing. -
Page 474: Editing And Deleting Pbr Lists
- show ip pbr-list list number detailed — displays all the parameters of the specified PBR list - show ip active-lists — displays a list of each G250/G350 interface to which a PBR list is attached, along with the number and name of the PBR list - show ip active-lists list number —... -
Page 475: Application Example
This example includes a voice VLAN (6) and a data VLAN (5). The PMI is on VLAN 6. The G250/G350 is managed by a remote Media Gateway Controller (MGC) with the IP address 149.49.43.210. The G250/G350 also includes a local S8300 in LSP mode. - Page 476 G350-001(super-PBR 801/ip rule 20)# dscp 43 Done! G350-001(super-PBR 801/ip rule 20)# exit G350-001(super-PBR 801)# ip-rule 30 G350-001(super-PBR 801/ip rule 30)# next-hop list 1 Done! G350-001(super-PBR 801/ip rule 30)# destination-ip 149.49.123.0 0.0.0.255 Done! 476 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 477 Application example G350-001(super-PBR 801/ip rule 30)# dscp 44 Done! G350-001(super-PBR 801/ip rule 30)# exit G350-001(super-PBR 801)# ip-rule 40 G350-001(super-PBR 801/ip rule 40)# next-hop list 1 Done! G350-001(super-PBR 801/ip rule 40)# destination-ip 149.49.123.0 0.0.0.255 Done! G350-001(super-PBR 801/ip rule 40)# dscp 46 Done! G350-001(super-PBR 801/ip rule 40)# exit G350-001(super-PBR 801)# exit...
- Page 478 The next set of commands applies the PBR list to the Loopback interface. This is necessary to ensure that voice packets generated by the G250/G350 itself are routed via the E1/T1 line. The Loopback interface is a logical interface that is always up. Packets sent from the G250/G350, such as signaling packets, are sent via the Loopback interface.
-
Page 479: Simulating Packets
Application example Finally, the next set of commands applies the PBR list to the data VLAN (5). G350-001(super)# interface Vlan 5 G350-001(super-if:Vlan 6)# ip pbr-group 802 Done! G350-001(super-if:Vlan 6)# exit G350-001(super)# Simulating packets Policy-based routing supports the IP simulate command for testing policies. Refer to Simulating packets on page 463. - Page 480 Configuring policy-based routing 480 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 481: Chapter 21: Setting Synchronization
Chapter 21: Setting synchronization If the Avaya G350 Media Gateway contains an MM710 T1/E1 media module, it is advisable to define the MM710 as the primary synchronization source for the G350. In so doing, clock synchronization signals from the Central Office (CO) are used by the MM710 to synchronize all operations of the G350. -
Page 482: Displaying Synchronization Status
The status can be Active, Standby, or Not Configured. The status is Not Configured when a source has not been defined, for example, when there are no T1 cards installed. 482 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 483: Chapter 22: Fips
Chapter 22: FIPS This chapter provides information about (i) the Avaya Branch Office Media Gateways (G250, G250-BRI, and G350) cryptographic modules’ compliance with the Federal Information Processing Standard (FIPS-140-2) for cryptographic modules, and (ii) how to configure the module to work in FIPS mode. This chapter includes the following sections: Overview —... -
Page 484: G250 Image And Interfaces
Table Table 26 Table 27 describe the functions of the physical and logical fixed ports, buttons, and LEDs on the G250 front panel. Table 25: Physical and logical interfaces on the G250 front panel Physical Quantity Description FIPS 140-2 logical... - Page 485 Overview Table 25: Physical and logical interfaces on the G250 front panel (continued) Physical Quantity Description FIPS 140-2 logical Comments interface interface Analog Line Analog telephone ports Analog Line 2 ceases to be a data ● on the integrated phones...
- Page 486 FIPS Table 25: Physical and logical interfaces on the G250 front panel (continued) Physical Quantity Description FIPS 140-2 logical Comments interface interface AC Power IEC socket Power input Provides power to the ● Input module from an external source Ground...
-
Page 487: G250-Bri Image And Interfaces
Overview Table 27: LEDs on the G250 front panel (continued) Quantity Description FIPS 140-2 logical Comments interface ETH WAN WAN status LEDs Status output Link state and activity ● indication on the associated data interface ETH LAN LAN status LEDs... - Page 488 Table Table 29 Table 30 describe the functions of the physical and logical fixed ports, buttons, and LEDs on the G250-BRI front panel. Table 28: Physical and logical interfaces on the G250-BRI front panel Physical Quantity Description FIPS 140-2 logical...
- Page 489 Overview Table 28: Physical and logical interfaces on the G250-BRI front panel (continued) Physical Quantity Description FIPS 140-2 logical Comments interface interface BRI phone trunks on BRI phone 2 BRI trunks (4 ISDN-B ● the integrated media trunks channels) supporting...
- Page 490 Link state and activity ● indication on the associated data interface ETH LAN LAN status LEDs Status output Link state and activity ● indication on the associated data interface 490 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 491: G350 Image And Interfaces
Overview G350 Image and interfaces Figure 53: Image of the G350 cryptographic module 16 17 10 11 12 Figure notes: 1. V6 — high-density media module slot 9. Analog line ports 2. V2 — standard media module slot 10. CCA (Contact Closure) port 3. - Page 492 Status output ● Control input ● CONSOLE Console port for direct Control Supports cryptographic ● connection of CLI inputs module administration console. Status output ● RJ-45 connector. 1 of 2 492 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 493 Overview Table 31: Physical and logical interfaces on the G350 front panel (continued) Physical Quantity Description FIPS 140-2 logical Comments interface interface USB port. Supports the connection of the Multitech MultiModemUSB MT5634ZBA-USB-V92 USB modem. Media Slots for inserting Data input Provides the ability to ●...
- Page 494 Link state and activity ● indication on the associated data interface ETH LAN LAN status LEDs Status output Link state and activity ● indication on the associated data interface 494 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 495: Supported Algorithms
Overview Supported algorithms The cryptographic module supports the following algorithms in FIPS mode: Approved Algorithms: RSA digital signature verification during firmware upgrades, and license file authentication. ● Support for RSA defined in PKCS#1 standard. RSA implementation, as defined by ANSI X9.31, is not supported. Triple-DES CBC (three key) for IPSec and IKE encryption ●... -
Page 496: Non-Fips Mode Of Operation
Group 1 IPSEC SNMPv3 SSH2 Group 786- 2048 bit VoIP Bearer (Media) Encryption H.248 Link Encryption CNA test plug Group 2 secure channel RAS authentication in SLS (G250 only) 496 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 497: Security Level
The FIPS 140-2 Area 6 Operational Environment requirements are not applicable because the device does not support the loading and execution of un-trusted code. Avaya digitally signs firmware images of the crypto module using RSA SHA1 digital signature. Through this signature, the crypto module verifies the authenticity of any update to its firmware image. - Page 498 OSPF protocol denying access to executed by examining services the authentication field in OSPF packet carrying MD5 hash of the packet and the secret. 1 of 2 498 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 499: Assumptions Concerning User Behavior
Lock-out after authentication fail after fixed number of log-in attempts (default value is ● three) Device managed locally via direct link to Console port, and remotely via IPSec tunnel only. ● Commands are documented in the Avaya G250 and Avaya G350 CLI Reference, ● 03-300437. Issue 1.1 June 2005... -
Page 500: Critical Security Parameters And Private Keys
Key used for AES data encryption of ISAKMP SA Noncie, Noncer phase-2 initiator and responder nonce IPSEC SA phase-2 TDES key phase-2, basic quick mode IPSEC SA phase-2 DES key phase-2, basic quick mode 1 of 2 500 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 501 Overview Table 37: Critical security parameters (continued) Description/Usage IPSEC SA phase-2 AES key phase-2, basic quick mode IPSEC SA phase-2, HMAC phase-2, basic quick mode keys IPSEC SA phase-2 keys per phase-2, basic quick mode protocol IKE ephemeral phase-2 phase-2 Diffie Hellman private keys used in PFS for key DH private key phase-2 renewal IKE ephemeral phase-2...
-
Page 502: Public Keys
Used for authentication of license file validity. The license signing authority public key is hard-coded in the Gateway image and is used directly for authentication of the digital signature embedded in the license file. 502 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 503: Csp Access Rights Within Roles And Services
Overview CSP access rights within roles and services Table 39 lists the CSP access rights according to role. Table 39: CSP access rights within roles and services Service Role Enable FIPS mode: Configure the module for the Approved mode of operation Firmware update: Load firmware images digitally... - Page 504 CSPs and keys IKE negotiation uses DH, TDES, HMAC-SHA1, PRNG X9.31 IPSec traffic processing uses AES, TDES, HMAC-SHA1 Serial Number Exchange OSPF Routing PPPoE connection RADIUS authentication 2 of 2 504 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 505 Overview Table 40 shows Role and Service Access to CSPs: R – Read: the data item is read into memory. ● W – Write: the data item is written into memory. ● Z – Zeroize: the data item is actively destroyed. ●...
- Page 506 DH phase-2 shared secret User password Root password OSPF Secret RADIUS Secret PPPoE Chap/ PAP Secret SNMPv3 authentication password Fixed Serial Number secret 2 of 3 506 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 507: Security Rules
IKE Ephemeral DH public keys IKE Ephemeral DH phase-2 public keys Avaya root CA RSA public key License RSA public key 3 of 3 Security rules The following are security rules enforced by the cryptographic module to implement the security requirements of this FIPS 140-2 Level 1 module. - Page 508 8. Data output is inhibited during key generation, self-tests, zeroization, and error states. 9. The module supports concurrent operators and maintains separation of roles and services. 10. Users can plug-in and use any Avaya Media Module that does not support cryptographic functionality without restriction.
-
Page 509: Password Guidelines
Password guidelines Password guidelines Below are general guidelines for defining passwords. To maximize security, it is recommended to follow these guidelines or use company guidelines where available. Password length ● User password: at least eight characters ● Other passwords: at least six characters ●... -
Page 510: Prerequisites
Modem connections to the Console and USB ports must be shut down ● CHAP authentication services must be shut down ● Modem dial backup must be disabled ● CNA (Chatter) test plug application must be shut down ● 510 Administration for the Avaya G250 and Avaya G350 Media Gateways... -
Page 511: Fips-Related Cli Commands
The FIPS-related CLI commands include: zeroize ● ● enhanced security ● show self-test-status For a full description see Avaya G250 and Avaya G350 CLI Reference, 03-300437 Entering FIPS mode Prerequisites User type – crypto officer ● FIPS-approved hardware. Version 3.0.x or higher. ●... -
Page 512: Default Configuration
Resetting the device... G350-N(super)# 5. Log in to the device through the local console port. - User name: root - Password: root Login: root Password: **** Password accepted G350-N(super)# 512 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 513 MAC Address : 00:04:0d:6d:30:e1 WAN MAC address : 00:04:0d:6d:30:e1 Serial No : 03IS07639510 Model No : G250-BRI HW Vintage HW Suffix FW Vintage : 24.11.0 HW ready for FIPS : Yes 7. Verify that both firmware banks contain firmware images that have been FIPS-approved.
-
Page 514: Reset The Gateway
9. If a more recent FIPS-approved G250/G350 image is available, download it using the image download procedures. - Use the copy tftp image command. 10. If it has not yet been installed, download the Avaya License file with the VPN feature activated. - Use the copy tftp license-file command. - Page 515 Note: Otherwise you cannot establish a signaling link after disabling encryption in the Media Gateway. 15. Disable Avaya Media Encryption (SRTP, AEA, RTP/AES). - Use the disable media encryption command and confirm the operation. G350-N(super)# disable media encryption Warning: The following command will disable the media encryption functionality and it cannot be rolled back.
- Page 516 - do you want to continue (Y/N)? y Shutting down all active sesssions Done! 21. Disable the CNA using the no cna testplug-service command. G350-001(super)# no cna testplug-service Done! 516 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 517 Administration procedures 22. In the G250 only: disable the SLS, using the set survivable-call-engine disable command. Note: This command does not apply to the G350 or G250-BRI. Note: G250-001(super)# set survivable-call-engine disable Survivable Call Engine is disabled 23. Configure other module configuration-related parameters, such as: VoIP, Media, L2 switching, E1/T1.
- Page 518 29. Change the password of the default Crypto-officer and of all existing CLI users to comply with the requirement for a minimum secret length of 8 characters. - Use the username command. G350-N(super)# Username root password root_fips access-type admin User account modified. G350-001(super)# 518 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 519 Administration procedures 30. Use the username command to define new additional operators for Crypto-officer, User, and Read-Only User roles, as required. G350-N(super)# username admin password admin_password access-type admin User account added G350-N(super)# username readwrite password rw_password access-type read-write User account added G350-N(super)# username readonly password ro_password access-type read-only User account added...
- Page 520 Inhibits output data traffic during powerup/error states. ● Inhibits modification of the active IPSEC transform-set parameters. ● In the G250 only: the G250 switches from performing symmetric encryption with a ● hardware accelerator, to software-based encryption. - Use the enhanced security command.
- Page 521 Administration procedures 37. Define an Access Control list that blocks packets with an IP destination address of any of the G250/G350 interfaces for the following protocols, and activate the ACL on the inbound direction of all clear-text interfaces. TELNET ●...
- Page 522 Telnet exit ip-rule 20 composite-operation "Deny" ip-protocol tcp destination-ip host 1.0.0.1 tcp destination-port eq Ftp exit ip-rule 21 composite-operation "Deny" ip-protocol tcp destination-ip host 10.0.0.1 tcp destination-port eq Ftp 522 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 523 Administration procedures exit ip-rule 22 composite-operation "Deny" ip-protocol tcp destination-ip host 10.20.0.1 tcp destination-port eq Ftp exit ip-rule 23 composite-operation "Deny" ip-protocol tcp destination-ip host 100.100.100.1 tcp destination-port eq Ftp exit ip-rule 24 composite-operation "Deny" ip-protocol tcp destination-ip host 10.3.0.1 tcp destination-port eq Ftp exit ip-rule 25...
- Page 524 10.3.0.1 udp destination-port eq Snmp exit ip-rule 45 composite-operation "Deny" ip-protocol udp destination-ip host 10.3.0.3 udp destination-port eq Snmp exit exit interface vlan 1 ip access-group 301 in exit 524 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 525 San Jose 111.110.110.112 IPv4 Address MM none New Jersey 149.49.70.1 vpn.ca.avaya.com AM on-de b. Use the no crypto isakmp peer address command to delete redundant VPN peers. G350-001(super)# no crypto isakmp peer address 149.49.70.1 Done! 40. Configure IKE phase 1 (ISAKMP policy) using the crypto isakmp policy command.
- Page 526 G350-N# crypto ipsec transform-set ts1 esp-3des esp-sha-hmac comp-lzs G350-N(config-transform:ts1)# exit 43. Configure Crypto Maps using the crypto map command. G350-N# crypto map 1 G350-N(super-crypto:1)# set transform-set ts1 Done! G350-N(super-crypto:1)# set peer 20.0.0.2 Done! G350-N(crypto-map)# exit 526 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 527 Administration procedures 44. Define one or more IPSec Crypto lists that provide encryption rules for traffic that needs protection. Use the ip crypto-list command. G350-N(super)# ip crypto-list 901 G350-N(super-Crypto 901)# local-address “FastEthernet 10/2.0” Done! G350-N(super-Crypto 901)# ip-rule 10 G350-N(super-Crypto 901/ip rule 10)# protect crypto map 1 Done! G350-N(super-Crypto 901/ip rule 10)# source-ip any Donw!
-
Page 528: Failure Scenarios And Repair Actions
48. Physically re-connect the network interfaces. Failure scenarios and repair actions The G250/G350 initiates power up tests automatically, without the need for operator intervention, and executes tests in the order defined below. The power-up self-tests are executed during the early boot sequence and before the G350’s data output interfaces are enabled and begin transmitting packets. -
Page 529: Error States
"PRNG integrity power-up self test" "Passed" "Crypto integrity power-up self test" "Passed" "EEPROM integrity power-up self test" "Passed" If the G250/G350 fails a conditional or power-up self-test, the module enters the error state. All data output interfaces are immediately blocked. Error states Table 42 describes the four error states and the recovery procedure taken by the G250/G350. -
Page 530: Recovering From An Error State
If the G350 does not recover from Error State 3, the secrets and other definitions SECURITY ALERT: are retained. If this information is highly sensitive, you should not send the G250/ G350 for repair. 530 Administration for the Avaya G250 and Avaya G350 Media Gateways... - Page 531 Administration procedures Figure 55: Recovering from an error state Power down Gatew ay Power up Gateway Gateway operates correctly? D elete setup Perform N VR AM initialization R econfigure Gateway Gateway operates correctly? C ontact Avaya representative Issue 1.1 June 2005...
- Page 532 FIPS 532 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 533: Appendix A: Traps And Mibs
— a list of all G250/G350 traps. ● G250/G350 MIBs — a list of all G250/G350 MIBs. ● G250/G350 traps The following table provides a list of all G250/G350 traps with important information about each trap: Name Parameters Class Severity... - Page 534 Redundancy $1 manager of the deletion Trap Status definition deleted of the specified redundant link, which is identified by the softRedundancyId. It is enabled/disabled by chLntAgConfigChangeTr aps. 2 of 9 534 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 535 G250/G350 traps Name Parameters Class Severity Trap Name/ Format Description (MIB variables) Facility Mnemonic createSW soft P330 SWITCH Info createSWRedu Software The trap is generated on Redundancy Redundancy FABRIC ndancyTrap Redundancy $1 the creation of the Trap Status definition created redundant links for the specified ports.
- Page 536 Module $2 Inline This trap reports the FaultMask, FltOK Power Supply correction of a failure on genGroupId, failure was cleared an inline power supply. genGroup BUPSActivity Status 4 of 9 536 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 537 G250/G350 traps Name Parameters Class Severity Trap Name/ Format Description (MIB variables) Facility Mnemonic WanPhysical ifIndex, Critical Cable Problem on An E1/T1/Serial cable AlarmOn ifAdminStatus, Physical port $4 was disconnected. ifOperStatus, AlarmOn ifName, ifAlias, dsx1Line Status wanPhysical ifIndex, Notification wan...
- Page 538 This trap reports a PwrFlt Index, NTITY PwrFlt power supply Fault problem with a 3.3V entPhysical power supply. Descr, entPhySensor Value, avEntPhy SensorHi Warning, avEntPhy SensorLo Warningent Physical ParentRelPos 6 of 9 538 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 539 G250/G350 traps Name Parameters Class Severity Trap Name/ Format Description (MIB variables) Facility Mnemonic avEnt2500mv entPhysical AVAYA-E SUPPLY avEnt2500mv 2.5V (2500mv) This trap reports a PwrFlt Index, NTITY PwrFlt power supply Fault problem with a 2.5V entPhysical power supply. Descr,...
- Page 540 Fault correction of a problem entPhysical Cleared with a 1.8V power supply. Descr, entPhySensor Value, avEntPhy SensorHi Warning, avEntPhy SensorLo Warningent Physical ParentRelPos 8 of 9 540 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 541: G250/G350 Mibs
Value, avEntPhy SensorHi Warning, entPhysical ParentRelPos 9 of 9 G250/G350 MIBs The following table provides a list of the MIB files and their associated modules that are supported by the G250/G350: MIB File MIB Module Load.MIB LOAD-MIB RFC1315-MIB.my RFC1315-MIB Q-BRIDGE-MIB.my Q-BRIDGE-MIB ENTITY-MIB.my... - Page 542 RS-232-MIB.my RS-232-MIB RIPv2-MIB.my RIPv2-MIB IF-MIB.my IF-MIB DS0BUNDLE-MIB.my DS0BUNDLE-MIB RFC1406-MIB.my RFC1406-MIB DS0-MIB.my DS0-MIB POLICY-MIB.MY POLICY-MIB BRIDGE-MIB.my BRIDGE-MIB CONFIG-MIB.MY CONFIG-MIB G700-MG-MIB.MY G700-MG-MIB FRAME-RELAY-DTE-MIB.my FRAME-RELAY-DTE-MIB IP-MIB.my IP-MIB Load12.MIB LOAD-MIB 2 of 3 542 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 543 USM-MIB VACM-MIB.my VACM-MIB OSPF-MIB.my OSPF-MIB Tunnel-MIB.my TUNNEL-MIB 3 of 3 The following table provides a list of the MIBs in the Load.MIB file that are supported by the G250/G350 and their OIDs: Object genOpModuleId 1.3.6.1.4.1.1751.2.53.1.2.1.1 genOpIndex 1.3.6.1.4.1.1751.2.53.1.2.1.2 genOpRunningState 1.3.6.1.4.1.1751.2.53.1.2.1.3 genOpSourceIndex 1.3.6.1.4.1.1751.2.53.1.2.1.4...
- Page 544 The following table provides a list of the MIBs in the RFC1315-MIB.my file that are supported by the G250/G350 and their OIDs: Object frDlcmiIfIndex 1.3.6.1.2.1.10.32.1.1.1 frDlcmiState 1.3.6.1.2.1.10.32.1.1.2 frDlcmiAddress 1.3.6.1.2.1.10.32.1.1.3 frDlcmiAddressLen 1.3.6.1.2.1.10.32.1.1.4 frDlcmiPollingInterval 1.3.6.1.2.1.10.32.1.1.5 frDlcmiFullEnquiryInterval 1.3.6.1.2.1.10.32.1.1.6 1 of 2 544 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 545 G250/G350 MIBs Object frDlcmiErrorThreshold 1.3.6.1.2.1.10.32.1.1.7 frDlcmiMonitoredEvents 1.3.6.1.2.1.10.32.1.1.8 frDlcmiMaxSupportedVCs 1.3.6.1.2.1.10.32.1.1.9 frDlcmiMulticast 1.3.6.1.2.1.10.32.1.1.10 frCircuitIfIndex 1.3.6.1.2.1.10.32.2.1.1 frCircuitDlci 1.3.6.1.2.1.10.32.2.1.2 frCircuitState 1.3.6.1.2.1.10.32.2.1.3 frCircuitReceivedFECNs 1.3.6.1.2.1.10.32.2.1.4 frCircuitReceivedBECNs 1.3.6.1.2.1.10.32.2.1.5 frCircuitSentFrames 1.3.6.1.2.1.10.32.2.1.6 frCircuitSentOctets 1.3.6.1.2.1.10.32.2.1.7 frCircuitReceivedFrames 1.3.6.1.2.1.10.32.2.1.8 frCircuitReceivedOctets 1.3.6.1.2.1.10.32.2.1.9 frCircuitCreationTime 1.3.6.1.2.1.10.32.2.1.10 frCircuitLastTimeChange 1.3.6.1.2.1.10.32.2.1.11 frCircuitCommittedBurst 1.3.6.1.2.1.10.32.2.1.12 frCircuitExcessBurst 1.3.6.1.2.1.10.32.2.1.13 frCircuitThroughput 1.3.6.1.2.1.10.32.2.1.14 frErrIfIndex 1.3.6.1.2.1.10.32.3.1.1...
- Page 546 1.3.6.1.2.1.17.7.1.4.2.1.5 dot1qVlanStatus 1.3.6.1.2.1.17.7.1.4.2.1.6 dot1qVlanCreationTime 1.3.6.1.2.1.17.7.1.4.2.1.7 dot1qVlanStaticName 1.3.6.1.2.1.17.7.1.4.3.1.1 dot1qVlanStaticEgressPorts 1.3.6.1.2.1.17.7.1.4.3.1.2 dot1qVlanForbiddenEgressPorts 1.3.6.1.2.1.17.7.1.4.3.1.3 dot1qVlanStaticUntaggedPorts 1.3.6.1.2.1.17.7.1.4.3.1.4 dot1qVlanStaticRowStatus 1.3.6.1.2.1.17.7.1.4.3.1.5 dot1qNextFreeLocalVlanIndex 1.3.6.1.2.1.17.7.1.4.4 dot1qPvid 1.3.6.1.2.1.17.7.1.4.5.1.1 dot1qPortAcceptableFrameTypes 1.3.6.1.2.1.17.7.1.4.5.1.2 dot1qPortIngressFiltering 1.3.6.1.2.1.17.7.1.4.5.1.3 dot1qPortGvrpStatus 1.3.6.1.2.1.17.7.1.4.5.1.4 dot1qPortGvrpFailedRegistrations 1.3.6.1.2.1.17.7.1.4.5.1.5 dot1qPortGvrpLastPduOrigin 1.3.6.1.2.1.17.7.1.4.5.1.6 546 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 547 1.3.6.1.2.1.47.1.1.1.1.12 entPhysicalModelName 1.3.6.1.2.1.47.1.1.1.1.13 entPhysicalAlias 1.3.6.1.2.1.47.1.1.1.1.14 entPhysicalAssetID 1.3.6.1.2.1.47.1.1.1.1.15 entPhysicalIsFRU 1.3.6.1.2.1.47.1.1.1.1.16 The following table provides a list of the MIBs in the IP-FORWARD-MIB.my file that are supported by the G250/G350 and their OIDs: Object ipCidrRouteNumber 1.3.6.1.2.1.4.24.3 ipCidrRouteDest 1.3.6.1.2.1.4.24.4.1.1 ipCidrRouteMask 1.3.6.1.2.1.4.24.4.1.2 ipCidrRouteTos 1.3.6.1.2.1.4.24.4.1.3 1 of 2 Issue 1.1 June 2005...
- Page 548 The following table provides a list of the MIBs in theVRRP-MIB.my file that are supported by the G250/G350 and their OIDs: Object vrrpNodeVersion 1.3.6.1.2.1.68.1.1.1 vrrpOperVrId 1.3.6.1.2.1.68.1.1.3.1.1 vrrpOperVirtualMacAddr 1.3.6.1.2.1.68.1.1.3.1.2 vrrpOperState 1.3.6.1.2.1.68.1.1.3.1.3 vrrpOperAdminState 1.3.6.1.2.1.68.1.1.3.1.4 vrrpOperPriority 1.3.6.1.2.1.68.1.1.3.1.5 vrrpOperIpAddrCount 1.3.6.1.2.1.68.1.1.3.1.6 vrrpOperMasterIpAddr 1.3.6.1.2.1.68.1.1.3.1.7 vrrpOperPrimaryIpAddr 1.3.6.1.2.1.68.1.1.3.1.8 1 of 2 548 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 549 1.3.6.1.2.1.68.1.1.3.1.14 vrrpOperRowStatus 1.3.6.1.2.1.68.1.1.3.1.15 vrrpAssoIpAddr 1.3.6.1.2.1.68.1.1.4.1.1 vrrpAssoIpAddrRowStatus 1.3.6.1.2.1.68.1.1.4.1.2 2 of 2 The following table provides a list of the MIBs in the UTILIZATION-MANAGEMENT-MIB.my file that are supported by the G250/G350 and their OIDs: Object genCpuIndex 1.3.6.1.4.1.6889.2.1.11.1.1.1.1.1 genCpuUtilizationEnableMonitoring 1.3.6.1.4.1.6889.2.1.11.1.1.1.1.2 genCpuUtilizationEnableEventGeneration 1.3.6.1.4.1.6889.2.1.11.1.1.1.1.3 genCpuUtilizationHighThreshold 1.3.6.1.4.1.6889.2.1.11.1.1.1.1.4...
- Page 550 The following table provides a list of the MIBs in the RSTP-MIB.my file that are supported by the G250/G350 and their OIDs: Object dot1dStpVersion 1.3.6.1.2.1.17.2.16 dot1dStpTxHoldCount 1.3.6.1.2.1.17.2.17 dot1dStpPathCostDefault 1.3.6.1.2.1.17.2.18 dot1dStpPortProtocolMigration 1.3.6.1.2.1.17.2.19.1.1 dot1dStpPortAdminEdgePort 1.3.6.1.2.1.17.2.19.1.2 1 of 2 550 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 551 1.3.6.1.2.1.17.2.19.1.3 dot1dStpPortAdminPointToPoint 1.3.6.1.2.1.17.2.19.1.4 dot1dStpPortOperPointToPoint 1.3.6.1.2.1.17.2.19.1.5 dot1dStpPortAdminPathCost 1.3.6.1.2.1.17.2.19.1.6 2 of 2 The following table provides a list of the MIBs in the APPLIC-MIB.my file that are supported by the G250/G350 and their OIDs: Object lseIntPortGroupId 1.3.6.1.4.1.81.19.1.2.1.1.1 lseIntPortId 1.3.6.1.4.1.81.19.1.2.1.1.2 lseIntPortCAMLastChange 1.3.6.1.4.1.81.19.1.2.1.1.39 lseIntPortMACAddGroupId 1.3.6.1.4.1.81.19.1.2.2.1.1.1...
- Page 552 1.3.6.1.2.1.10.18.7.1.1 dsx1CurrentESs 1.3.6.1.2.1.10.18.7.1.2 dsx1CurrentSESs 1.3.6.1.2.1.10.18.7.1.3 dsx1CurrentSEFSs 1.3.6.1.2.1.10.18.7.1.4 dsx1CurrentUASs 1.3.6.1.2.1.10.18.7.1.5 dsx1CurrentCSSs 1.3.6.1.2.1.10.18.7.1.6 dsx1CurrentPCVs 1.3.6.1.2.1.10.18.7.1.7 dsx1CurrentLESs 1.3.6.1.2.1.10.18.7.1.8 dsx1CurrentBESs 1.3.6.1.2.1.10.18.7.1.9 dsx1CurrentDMs 1.3.6.1.2.1.10.18.7.1.10 dsx1CurrentLCVs 1.3.6.1.2.1.10.18.7.1.11 dsx1IntervalIndex 1.3.6.1.2.1.10.18.8.1.1 dsx1IntervalNumber 1.3.6.1.2.1.10.18.8.1.2 2 of 3 552 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 553 G250/G350 MIBs Object dsx1IntervalESs 1.3.6.1.2.1.10.18.8.1.3 dsx1IntervalSESs 1.3.6.1.2.1.10.18.8.1.4 dsx1IntervalSEFSs 1.3.6.1.2.1.10.18.8.1.5 dsx1IntervalUASs 1.3.6.1.2.1.10.18.8.1.6 dsx1IntervalCSSs 1.3.6.1.2.1.10.18.8.1.7 dsx1IntervalPCVs 1.3.6.1.2.1.10.18.8.1.8 dsx1IntervalLESs 1.3.6.1.2.1.10.18.8.1.9 dsx1IntervalBESs 1.3.6.1.2.1.10.18.8.1.10 dsx1IntervalDMs 1.3.6.1.2.1.10.18.8.1.11 dsx1IntervalLCVs 1.3.6.1.2.1.10.18.8.1.12 dsx1IntervalValidData 1.3.6.1.2.1.10.18.8.1.13 dsx1TotalIndex 1.3.6.1.2.1.10.18.9.1.1 dsx1TotalESs 1.3.6.1.2.1.10.18.9.1.2 dsx1TotalSESs 1.3.6.1.2.1.10.18.9.1.3 dsx1TotalSEFSs 1.3.6.1.2.1.10.18.9.1.4 dsx1TotalUASs 1.3.6.1.2.1.10.18.9.1.5 dsx1TotalCSSs 1.3.6.1.2.1.10.18.9.1.6 dsx1TotalPCVs 1.3.6.1.2.1.10.18.9.1.7 dsx1TotalLESs 1.3.6.1.2.1.10.18.9.1.8...
- Page 554 1.3.6.1.2.1.1.2 sysUpTime 1.3.6.1.2.1.1.3 sysContact 1.3.6.1.2.1.1.4 sysName 1.3.6.1.2.1.1.5 sysLocation 1.3.6.1.2.1.1.6 sysServices 1.3.6.1.2.1.1.7 ifNumber 1.3.6.1.2.1.2.1 ifIndex 1.3.6.1.2.1.2.2.1.1 ifDescr 1.3.6.1.2.1.2.2.1.2 ifType 1.3.6.1.2.1.2.2.1.3 ifMtu 1.3.6.1.2.1.2.2.1.4 ifSpeed 1.3.6.1.2.1.2.2.1.5 ifPhysAddress 1.3.6.1.2.1.2.2.1.6 1 of 5 554 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 555 G250/G350 MIBs Object ifAdminStatus 1.3.6.1.2.1.2.2.1.7 ifOperStatus 1.3.6.1.2.1.2.2.1.8 ifLastChange 1.3.6.1.2.1.2.2.1.9 ifInOctets 1.3.6.1.2.1.2.2.1.10 ifInUcastPkts 1.3.6.1.2.1.2.2.1.11 ifInNUcastPkts 1.3.6.1.2.1.2.2.1.12 ifInDiscards 1.3.6.1.2.1.2.2.1.13 ifInErrors 1.3.6.1.2.1.2.2.1.14 ifInUnknownProtos 1.3.6.1.2.1.2.2.1.15 ifOutOctets 1.3.6.1.2.1.2.2.1.16 ifOutUcastPkts 1.3.6.1.2.1.2.2.1.17 ifOutNUcastPkts 1.3.6.1.2.1.2.2.1.18 ifOutDiscards 1.3.6.1.2.1.2.2.1.19 ifOutErrors 1.3.6.1.2.1.2.2.1.20 ifOutQLen 1.3.6.1.2.1.2.2.1.21 ifSpecific 1.3.6.1.2.1.2.2.1.22 ipForwarding 1.3.6.1.2.1.4.1 ipDefaultTTL 1.3.6.1.2.1.4.2 ipInReceives 1.3.6.1.2.1.4.3...
- Page 556 1.3.6.1.2.1.4.20.1.5 ipRouteDest 1.3.6.1.2.1.4.21.1.1 ipRouteIfIndex 1.3.6.1.2.1.4.21.1.2 ipRouteMetric1 1.3.6.1.2.1.4.21.1.3 ipRouteMetric2 1.3.6.1.2.1.4.21.1.4 ipRouteMetric3 1.3.6.1.2.1.4.21.1.5 ipRouteMetric4 1.3.6.1.2.1.4.21.1.6 ipRouteNextHop 1.3.6.1.2.1.4.21.1.7 ipRouteType 1.3.6.1.2.1.4.21.1.8 ipRouteProto 1.3.6.1.2.1.4.21.1.9 ipRouteAge 1.3.6.1.2.1.4.21.1.10 ipRouteMask 1.3.6.1.2.1.4.21.1.11 ipRouteMetric5 1.3.6.1.2.1.4.21.1.12 3 of 5 556 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 557 G250/G350 MIBs Object ipRouteInfo 1.3.6.1.2.1.4.21.1.13 ipNetToMediaIfIndex 1.3.6.1.2.1.4.22.1.1 ipNetToMediaPhysAddress 1.3.6.1.2.1.4.22.1.2 ipNetToMediaNetAddress 1.3.6.1.2.1.4.22.1.3 ipNetToMediaType 1.3.6.1.2.1.4.22.1.4 ipRoutingDiscards 1.3.6.1.2.1.4.23 snmpInPkts 1.3.6.1.2.1.11.1 snmpOutPkts 1.3.6.1.2.1.11.2 snmpInBadVersions 1.3.6.1.2.1.11.3 snmpInBadCommunityNames 1.3.6.1.2.1.11.4 snmpInBadCommunityUses 1.3.6.1.2.1.11.5 snmpInASNParseErrs 1.3.6.1.2.1.11.6 snmpInTooBigs 1.3.6.1.2.1.11.8 snmpInNoSuchNames 1.3.6.1.2.1.11.9 snmpInBadValues 1.3.6.1.2.1.11.10 snmpInReadOnlys 1.3.6.1.2.1.11.11 snmpInGenErrs 1.3.6.1.2.1.11.12 snmpInTotalReqVars 1.3.6.1.2.1.11.13 snmpInTotalSetVars 1.3.6.1.2.1.11.14...
- Page 558 1.3.6.1.2.1.11.27 snmpOutGetResponses 1.3.6.1.2.1.11.28 snmpOutTraps 1.3.6.1.2.1.11.29 snmpEnableAuthenTraps 1.3.6.1.2.1.11.30 5 of 5 The following table provides a list of the MIBs in the AVAYA-ENTITY-MIB.my file that are supported by the G250/G350 and their OIDs: Object avEntPhySensorHiShutdown 1.3.6.1.4.1.6889.2.1.99.1.1.1 avEntPhySensorHiWarning 1.3.6.1.4.1.6889.2.1.99.1.1.2 avEntPhySensorHiWarningClear 1.3.6.1.4.1.6889.2.1.99.1.1.3 avEntPhySensorLoWarningClear 1.3.6.1.4.1.6889.2.1.99.1.1.4...
- Page 559 G250/G350 MIBs The following table provides a list of the MIBs in the XSWITCH-MIB.my file that are supported by the G250/G350 and their OIDs: Object scGenPortGroupId 1.3.6.1.4.1.81.28.1.4.1.1.1 scGenPortId 1.3.6.1.4.1.81.28.1.4.1.1.2 scGenPortVLAN 1.3.6.1.4.1.81.28.1.4.1.1.3 scGenPortPriority 1.3.6.1.4.1.81.28.1.4.1.1.4 scGenPortSetDefaults 1.3.6.1.4.1.81.28.1.4.1.1.5 scGenPortLinkAggregationNumber 1.3.6.1.4.1.81.28.1.4.1.1.9 scGenPortGenericTrap 1.3.6.1.4.1.81.28.1.4.1.1.15 scGenPortLagCapability 1.3.6.1.4.1.81.28.1.4.1.1.20...
- Page 560 1.3.6.1.4.1.81.31.1.2.1.8 ipInterfaceMainRouterAddr 1.3.6.1.4.1.81.31.1.2.1.9 ipInterfaceARPServerStatus 1.3.6.1.4.1.81.31.1.2.1.10 ipInterfaceName 1.3.6.1.4.1.81.31.1.2.1.11 ipInterfaceNetbiosRebroadcast 1.3.6.1.4.1.81.31.1.2.1.12 ipInterfaceIcmpRedirects 1.3.6.1.4.1.81.31.1.2.1.13 ipInterfaceOperStatus 1.3.6.1.4.1.81.31.1.2.1.14 ipInterfaceDhcpRelay 1.3.6.1.4.1.81.31.1.2.1.15 ripGlobalsRIPEnable 1.3.6.1.4.1.81.31.1.3.1 ripGlobalsLeakOSPFIntoRIP 1.3.6.1.4.1.81.31.1.3.2 ripGlobalsLeakStaticIntoRIP 1.3.6.1.4.1.81.31.1.3.3 ripGlobalsPeriodicUpdateTimer 1.3.6.1.4.1.81.31.1.3.4 ripGlobalsPeriodicInvalidRouteTimer 1.3.6.1.4.1.81.31.1.3.5 1 of 4 560 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 561 G250/G350 MIBs Object ripGlobalsDefaultExportMetric 1.3.6.1.4.1.81.31.1.3.6 ripInterfaceAddr 1.3.6.1.4.1.81.31.1.4.1.1 ripInterfaceMetric 1.3.6.1.4.1.81.31.1.4.1.2 ripInterfaceSplitHorizon 1.3.6.1.4.1.81.31.1.4.1.3 ripInterfaceAcceptDefaultRoute 1.3.6.1.4.1.81.31.1.4.1.4 ripInterfaceSendDefaultRoute 1.3.6.1.4.1.81.31.1.4.1.5 ripInterfaceState 1.3.6.1.4.1.81.31.1.4.1.6 ripInterfaceSendMode 1.3.6.1.4.1.81.31.1.4.1.7 ripInterfaceVersion 1.3.6.1.4.1.81.31.1.4.1.8 ospfGlobalsLeakRIPIntoOSPF 1.3.6.1.4.1.81.31.1.5.1 ospfGlobalsLeakStaticIntoOSPF 1.3.6.1.4.1.81.31.1.5.2 ospfGlobalsLeakDirectIntoOSPF 1.3.6.1.4.1.81.31.1.5.3 ospfGlobalsDefaultExportMetric 1.3.6.1.4.1.81.31.1.5.4 relayVlIndex 1.3.6.1.4.1.81.31.1.6.1.1 relayVlPrimaryServerAddr 1.3.6.1.4.1.81.31.1.6.1.2 relayVlSeconderyServerAddr 1.3.6.1.4.1.81.31.1.6.1.3 relayVlStatus 1.3.6.1.4.1.81.31.1.6.1.4 relayVlRelayAddr 1.3.6.1.4.1.81.31.1.6.1.5 ipRedundancyStatus 1.3.6.1.4.1.81.31.1.9.1...
- Page 562 1.3.6.1.4.1.81.31.1.15.1.1.6 iphcNegotiatedRtpSessions 1.3.6.1.4.1.81.31.1.15.1.1.7 iphcControlNonTcpAdminStatus 1.3.6.1.4.1.81.31.1.15.1.1.8 iphcNonTcpSessions 1.3.6.1.4.1.81.31.1.15.1.1.9 iphcNegotiatedNonTcpSessions 1.3.6.1.4.1.81.31.1.15.1.1.10 iphcMaxPeriod 1.3.6.1.4.1.81.31.1.15.1.1.11 iphcMaxTime 1.3.6.1.4.1.81.31.1.15.1.1.12 iphcControRtpMinPortNumber 1.3.6.1.4.1.81.31.1.15.1.1.13 iphcControRtpMaxPortNumber 1.3.6.1.4.1.81.31.1.15.1.1.14 iphcControlRtpCompressionRatio 1.3.6.1.4.1.81.31.1.15.1.1.15 iphcControlNonTcpMode 1.3.6.1.4.1.81.31.1.15.1.1.16 ospfXtndIfIpAddress 1.3.6.1.4.1.81.31.1.16.1.1 ospfXtndIfAddressLessIf 1.3.6.1.4.1.81.31.1.16.1.2 3 of 4 562 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 563 1.3.6.1.4.1.81.31.1.16.1.3 vlConfIndex 1.3.6.1.4.1.81.31.3.1.1.1 vlConfAlias 1.3.6.1.4.1.81.31.3.1.1.2 vlConfStatus 1.3.6.1.4.1.81.31.3.1.1.3 4 of 4 The following table provides a list of the MIBs in the RS-232-MIB.my file that are supported by the G250/G350 and their OIDs: Object rs232Number 1.3.6.1.2.1.10.33.1 rs232PortIndex 1.3.6.1.2.1.10.33.2.1.1 rs232PortType 1.3.6.1.2.1.10.33.2.1.2 rs232PortInSigNumber 1.3.6.1.2.1.10.33.2.1.3...
- Page 564 The following table provides a list of the MIBs in the RIPv2-MIB.my file that are supported by the G250/G350 and their OIDs: Object rip2GlobalRouteChanges 1.3.6.1.2.1.23.1.1 rip2GlobalQueries 1.3.6.1.2.1.23.1.2 rip2IfStatAddress 1.3.6.1.2.1.23.2.1.1 rip2IfStatRcvBadPackets 1.3.6.1.2.1.23.2.1.2 rip2IfStatRcvBadRoutes 1.3.6.1.2.1.23.2.1.3 rip2IfStatSentUpdates 1.3.6.1.2.1.23.2.1.4 rip2IfStatStatus 1.3.6.1.2.1.23.2.1.5 rip2IfConfAddress 1.3.6.1.2.1.23.3.1.1 rip2IfConfDomain 1.3.6.1.2.1.23.3.1.2 1 of 2 564 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 565 1.3.6.1.2.1.23.3.1.6 rip2IfConfDefaultMetric 1.3.6.1.2.1.23.3.1.7 rip2IfConfStatus 1.3.6.1.2.1.23.3.1.8 rip2IfConfSrcAddress 1.3.6.1.2.1.23.3.1.9 2 of 2 The following table provides a list of the MIBs in the IF-MIB.my file that are supported by the G250/G350 and their OIDs: Object ifNumber 1.3.6.1.2.1.2.1 ifIndex 1.3.6.1.2.1.2.2.1.1 ifDescr 1.3.6.1.2.1.2.2.1.2 ifType 1.3.6.1.2.1.2.2.1.3...
- Page 566 1.3.6.1.2.1.31.1.1.1.5 ifHCInOctets 1.3.6.1.2.1.31.1.1.1.6 ifHCInUcastPkts 1.3.6.1.2.1.31.1.1.1.7 ifHCInMulticastPkts 1.3.6.1.2.1.31.1.1.1.8 ifHCInBroadcastPkts 1.3.6.1.2.1.31.1.1.1.9 ifHCOutOctets 1.3.6.1.2.1.31.1.1.1.10 ifHCOutUcastPkts 1.3.6.1.2.1.31.1.1.1.11 ifHCOutMulticastPkts 1.3.6.1.2.1.31.1.1.1.12 ifHCOutBroadcastPkts 1.3.6.1.2.1.31.1.1.1.13 ifLinkUpDownTrapEnable 1.3.6.1.2.1.31.1.1.1.14 ifHighSpeed 1.3.6.1.2.1.31.1.1.1.15 ifPromiscuousMode 1.3.6.1.2.1.31.1.1.1.16 ifConnectorPresent 1.3.6.1.2.1.31.1.1.1.17 2 of 3 566 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 567 G250/G350 MIBs Object ifAlias 1.3.6.1.2.1.31.1.1.1.18 ifCounterDiscontinuityTime 1.3.6.1.2.1.31.1.1.1.19 3 of 3 The following table provides a list of the MIBs in the DS0BUNDLE-MIB.my file that are supported by the G250/G350 and their OIDs: Object dsx0BundleIndex 1.3.6.1.2.1.10.82.3.1.1 dsx0BundleIfIndex 1.3.6.1.2.1.10.82.3.1.2 dsx0BundleCircuitIdentifier 1.3.6.1.2.1.10.82.3.1.3 dsx0BundleRowStatus 1.3.6.1.2.1.10.82.3.1.4...
- Page 568 1.3.6.1.2.1.10.18.8.1.2 dsx1IntervalESs 1.3.6.1.2.1.10.18.8.1.3 dsx1IntervalSESs 1.3.6.1.2.1.10.18.8.1.4 dsx1IntervalSEFSs 1.3.6.1.2.1.10.18.8.1.5 dsx1IntervalUASs 1.3.6.1.2.1.10.18.8.1.6 dsx1IntervalCSSs 1.3.6.1.2.1.10.18.8.1.7 dsx1IntervalPCVs 1.3.6.1.2.1.10.18.8.1.8 dsx1IntervalLESs 1.3.6.1.2.1.10.18.8.1.9 dsx1IntervalBESs 1.3.6.1.2.1.10.18.8.1.10 dsx1IntervalDMs 1.3.6.1.2.1.10.18.8.1.11 dsx1IntervalLCVs 1.3.6.1.2.1.10.18.8.1.12 dsx1TotalIndex 1.3.6.1.2.1.10.18.9.1.1 dsx1TotalESs 1.3.6.1.2.1.10.18.9.1.2 2 of 3 568 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 569 1.3.6.1.2.1.10.18.9.1.8 dsx1TotalBESs 1.3.6.1.2.1.10.18.9.1.9 dsx1TotalDMs 1.3.6.1.2.1.10.18.9.1.10 dsx1TotalLCVs 1.3.6.1.2.1.10.18.9.1.11 3 of 3 The following table provides a list of the MIBs in the DS0-MIB.my file that are supported by the G250/G350 and their OIDs: Object dsx0Ds0ChannelNumber 1.3.6.1.2.1.10.81.1.1.1 dsx0RobbedBitSignalling 1.3.6.1.2.1.10.81.1.1.2 dsx0CircuitIdentifier 1.3.6.1.2.1.10.81.1.1.3 dsx0IdleCode 1.3.6.1.2.1.10.81.1.1.4...
- Page 570 1.3.6.1.4.1.81.36.1.1.13 ipPolicyListIpOptionOperation 1.3.6.1.4.1.81.36.1.1.14 ipPolicyListIpFragmentationOperation 1.3.6.1.4.1.81.36.1.1.15 ipPolicyListType 1.3.6.1.4.1.81.36.1.1.16 ipPolicyListEtherTypeDefaultOperation 1.3.6.1.4.1.81.36.1.1.17 ipPolicyRuleSlot 1.3.6.1.4.1.81.36.2.1.1 ipPolicyRuleListID 1.3.6.1.4.1.81.36.2.1.2 ipPolicyRuleID 1.3.6.1.4.1.81.36.2.1.3 ipPolicyRuleSrcAddr 1.3.6.1.4.1.81.36.2.1.4 ipPolicyRuleSrcAddrWild 1.3.6.1.4.1.81.36.2.1.5 ipPolicyRuleDstAddr 1.3.6.1.4.1.81.36.2.1.6 ipPolicyRuleDstAddrWild 1.3.6.1.4.1.81.36.2.1.7 ipPolicyRuleProtocol 1.3.6.1.4.1.81.36.2.1.8 1 of 6 570 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 571 G250/G350 MIBs Object ipPolicyRuleL4SrcPortMin 1.3.6.1.4.1.81.36.2.1.9 ipPolicyRuleL4SrcPortMax 1.3.6.1.4.1.81.36.2.1.10 ipPolicyRuleL4DestPortMin 1.3.6.1.4.1.81.36.2.1.11 ipPolicyRuleL4DestPortMax 1.3.6.1.4.1.81.36.2.1.12 ipPolicyRuleEstablished 1.3.6.1.4.1.81.36.2.1.13 ipPolicyRuleOperation 1.3.6.1.4.1.81.36.2.1.14 ipPolicyRuleApplicabilityPrecedence 1.3.6.1.4.1.81.36.2.1.15 ipPolicyRuleApplicabilityStatus 1.3.6.1.4.1.81.36.2.1.16 ipPolicyRuleApplicabilityType 1.3.6.1.4.1.81.36.2.1.17 ipPolicyRuleErrMsg 1.3.6.1.4.1.81.36.2.1.18 ipPolicyRuleStatus 1.3.6.1.4.1.81.36.2.1.19 ipPolicyRuleDSCPOperation 1.3.6.1.4.1.81.36.2.1.20 ipPolicyRuleDSCPFilter 1.3.6.1.4.1.81.36.2.1.21 ipPolicyRuleDSCPFilterWild 1.3.6.1.4.1.81.36.2.1.22 ipPolicyRuleIcmpTypeCode 1.3.6.1.4.1.81.36.2.1.23 ipPolicyRuleSrcAddrNot 1.3.6.1.4.1.81.36.2.1.24 ipPolicyRuleDstAddrNot 1.3.6.1.4.1.81.36.2.1.25 ipPolicyRuleProtocolNot 1.3.6.1.4.1.81.36.2.1.26 ipPolicyRuleL4SrcPortNot 1.3.6.1.4.1.81.36.2.1.27...
- Page 572 1.3.6.1.4.1.81.36.5.1.1 ipPolicyQueryListID 1.3.6.1.4.1.81.36.5.1.2 ipPolicyQuerySrcAddr 1.3.6.1.4.1.81.36.5.1.3 ipPolicyQueryDstAddr 1.3.6.1.4.1.81.36.5.1.4 ipPolicyQueryProtocol 1.3.6.1.4.1.81.36.5.1.5 ipPolicyQueryL4SrcPort 1.3.6.1.4.1.81.36.5.1.6 ipPolicyQueryL4DestPort 1.3.6.1.4.1.81.36.5.1.7 ipPolicyQueryEstablished 1.3.6.1.4.1.81.36.5.1.8 ipPolicyQueryDSCP 1.3.6.1.4.1.81.36.5.1.9 ipPolicyQueryOperation 1.3.6.1.4.1.81.36.5.1.10 ipPolicyQueryRuleID 1.3.6.1.4.1.81.36.5.1.11 ipPolicyQueryDSCPOperation 1.3.6.1.4.1.81.36.5.1.12 ipPolicyQueryPriority 1.3.6.1.4.1.81.36.5.1.13 3 of 6 572 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 573 G250/G350 MIBs Object ipPolicyQueryIfIndex 1.3.6.1.4.1.81.36.5.1.14 ipPolicyQuerySubContext 1.3.6.1.4.1.81.36.5.1.15 ipPolicyQueryEtherTypeType 1.3.6.1.4.1.81.36.5.1.16 ipPolicyQueryEtherTypeTrafficType 1.3.6.1.4.1.81.36.5.1.17 ipPolicyQueryIcmpTypeCode 1.3.6.1.4.1.81.36.5.1.18 ipPolicyDiffServControlSlot 1.3.6.1.4.1.81.36.6.1.1 ipPolicyDiffServControlChecksum 1.3.6.1.4.1.81.36.6.1.2 ipPolicyDiffServControlTrustedFields 1.3.6.1.4.1.81.36.6.1.3 ipPolicyDiffServControlValidityStatus 1.3.6.1.4.1.81.36.6.1.4 ipPolicyDiffServControlErrMsg 1.3.6.1.4.1.81.36.6.1.5 ipPolicyAccessControlViolationEntID 1.3.6.1.4.1.81.36.7.1.1 ipPolicyAccessControlViolationSrcAddr 1.3.6.1.4.1.81.36.7.1.2 ipPolicyAccessControlViolationDstAddr 1.3.6.1.4.1.81.36.7.1.3 ipPolicyAccessControlViolationProtocol 1.3.6.1.4.1.81.36.7.1.4 ipPolicyAccessControlViolationL4SrcPort 1.3.6.1.4.1.81.36.7.1.5 ipPolicyAccessControlViolationL4DstPort 1.3.6.1.4.1.81.36.7.1.6 ipPolicyAccessControlViolationEstablished 1.3.6.1.4.1.81.36.7.1.7 ipPolicyAccessControlViolationDSCP 1.3.6.1.4.1.81.36.7.1.8 ipPolicyAccessControlViolationIfIndex 1.3.6.1.4.1.81.36.7.1.9...
- Page 574 1.3.6.1.4.1.81.36.9.1.6 ipPolicyDSCPmapApplicabilityStatus 1.3.6.1.4.1.81.36.9.1.7 ipPolicyDSCPmapApplicabilityType 1.3.6.1.4.1.81.36.9.1.8 ipPolicyDSCPmapErrMsg 1.3.6.1.4.1.81.36.9.1.9 ipPolicyActivationEntID 1.3.6.1.4.1.81.36.10.1.1 ipPolicyActivationifIndex 1.3.6.1.4.1.81.36.10.1.2 ipPolicyActivationSubContext 1.3.6.1.4.1.81.36.10.1.3 ipPolicyActivationSubContextName 1.3.6.1.4.1.81.36.10.1.4 ipPolicyActivationList 1.3.6.1.4.1.81.36.10.1.5 ipPolicyActivationAclList 1.3.6.1.4.1.81.36.10.1.6 ipPolicyActivationQoSList 1.3.6.1.4.1.81.36.10.1.7 ipPolicyActivationSourceNatList 1.3.6.1.4.1.81.36.10.1.8 ipPolicyActivationDestinationNatList 1.3.6.1.4.1.81.36.10.1.9 5 of 6 574 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 575 G250/G350 MIBs Object ipPolicyActivationAntiSpoofignList 1.3.6.1.4.1.81.36.10.1.10 ipPolicyActivationPBRList ipPolicyValidListEntID 1.3.6.1.4.1.81.36.11.1.1.1 ipPolicyValidListIfIndex 1.3.6.1.4.1.81.36.11.1.1.2 ipPolicyValidListSubContext 1.3.6.1.4.1.81.36.11.1.1.3 ipPolicyValidListListID 1.3.6.1.4.1.81.36.11.1.1.4 ipPolicyValidListStatus 1.3.6.1.4.1.81.36.11.1.1.5 ipPolicyValidListErrMsg 1.3.6.1.4.1.81.36.11.1.1.6 ipPolicyValidListIpOption 1.3.6.1.4.1.81.36.11.1.1.7 ipPolicyValidListIpFragmentation 1.3.6.1.4.1.81.36.11.1.1.8 ipPolicyValidRuleEntID 1.3.6.1.4.1.81.36.11.2.1.1 ipPolicyValidRuleIfIndex 1.3.6.1.4.1.81.36.11.2.1.2 ipPolicyValidRuleSubContext 1.3.6.1.4.1.81.36.11.2.1.3 ipPolicyValidRuleListID 1.3.6.1.4.1.81.36.11.2.1.4 ipPolicyValidRuleRuleID 1.3.6.1.4.1.81.36.11.2.1.5 ipPolicyValidRuleStatus 1.3.6.1.4.1.81.36.11.2.1.6 ipPolicyValidRuleApplicabilityType 1.3.6.1.4.1.81.36.11.2.1.7 ipPolicyValidRuleErrMsg 1.3.6.1.4.1.81.36.11.2.1.8 ipPolicyValidDSCPEntID 1.3.6.1.4.1.81.36.11.3.1.1 ipPolicyValidDSCPIfIndex 1.3.6.1.4.1.81.36.11.3.1.2...
- Page 576 1.3.6.1.2.1.17.2.5 dot1dStpRootCost 1.3.6.1.2.1.17.2.6 dot1dStpRootPort 1.3.6.1.2.1.17.2.7 dot1dStpMaxAge 1.3.6.1.2.1.17.2.8 dot1dStpHelloTime 1.3.6.1.2.1.17.2.9 dot1dStpHoldTime 1.3.6.1.2.1.17.2.10 dot1dStpForwardDelay 1.3.6.1.2.1.17.2.11 dot1dStpBridgeMaxAge 1.3.6.1.2.1.17.2.12 dot1dStpBridgeHelloTime 1.3.6.1.2.1.17.2.13 dot1dStpBridgeForwardDelay 1.3.6.1.2.1.17.2.14 dot1dStpPort 1.3.6.1.2.1.17.2.15.1.1 dot1dStpPortPriority 1.3.6.1.2.1.17.2.15.1.2 dot1dStpPortState 1.3.6.1.2.1.17.2.15.1.3 1 of 2 576 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 577 1.3.6.1.2.1.17.4.2 dot1dTpFdbAddress 1.3.6.1.2.1.17.4.3.1.1 dot1dTpFdbPort 1.3.6.1.2.1.17.4.3.1.2 dot1dTpFdbStatus 1.3.6.1.2.1.17.4.3.1.3 2 of 2 The following table provides a list of the MIBs in the CONFIG-MIB.MY file that are supported by the G250/G350 and their OIDs: Object chHWType 1.3.6.1.4.1.81.7.1 chNumberOfSlots 1.3.6.1.4.1.81.7.2 chReset 1.3.6.1.4.1.81.7.7 chLntAgMaxNmbOfMngrs 1.3.6.1.4.1.81.7.9.3.1...
- Page 578 1.3.6.1.4.1.81.8.1.1.7 genGroupReset 1.3.6.1.4.1.81.8.1.1.8 genGroupAutoMan 1.3.6.1.4.1.81.8.1.1.9 genGroupFullConfig 1.3.6.1.4.1.81.8.1.1.10 genGroupRedun12 1.3.6.1.4.1.81.8.1.1.11 genGroupRedun34 1.3.6.1.4.1.81.8.1.1.12 genGroupStandAloneMode 1.3.6.1.4.1.81.8.1.1.14 genGroupInterProcCommStatus 1.3.6.1.4.1.81.8.1.1.15 genGroupCommStatus 1.3.6.1.4.1.81.8.1.1.16 genGroupHWStatus 1.3.6.1.4.1.81.8.1.1.17 genGroupSupplyVoltageFault 1.3.6.1.4.1.81.8.1.1.18 genGroupIntTemp 1.3.6.1.4.1.81.8.1.1.19 genGroupSpecificOID 1.3.6.1.4.1.81.8.1.1.20 2 of 5 578 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 579 G250/G350 MIBs Object genGroupConfigurationSymbol 1.3.6.1.4.1.81.8.1.1.21 genGroupLastChange 1.3.6.1.4.1.81.8.1.1.22 genGroupRedunRecovery 1.3.6.1.4.1.81.8.1.1.23 genGroupHWVersion 1.3.6.1.4.1.81.8.1.1.24 genGroupHeight 1.3.6.1.4.1.81.8.1.1.25 genGroupWidth 1.3.6.1.4.1.81.8.1.1.26 genGroupIntrusionControl 1.3.6.1.4.1.81.8.1.1.27 genGroupThresholdStatus 1.3.6.1.4.1.81.8.1.1.28 genGroupEavesdropping 1.3.6.1.4.1.81.8.1.1.29 genGroupMainSWVersion 1.3.6.1.4.1.81.8.1.1.30 genGroupMPSActivityStatus 1.3.6.1.4.1.81.8.1.1.31 genGroupBUPSActivityStatus 1.3.6.1.4.1.81.8.1.1.32 genGroupPrepareCounters 1.3.6.1.4.1.81.8.1.1.33 genGroupPortLastChange 1.3.6.1.4.1.81.8.1.1.34 genGroupIntPortLastChange 1.3.6.1.4.1.81.8.1.1.35 genGroupFaultMask 1.3.6.1.4.1.81.8.1.1.36 genGroupTypeName 1.3.6.1.4.1.81.8.1.1.37 genGroupAgentSlot 1.3.6.1.4.1.81.8.1.1.38 genGroupMngType 1.3.6.1.4.1.81.8.1.1.39...
- Page 580 1.3.6.1.4.1.81.9.1.1.4 genPortDescr 1.3.6.1.4.1.81.9.1.1.5 genPortAdminStatus 1.3.6.1.4.1.81.9.1.1.10 genPortFaultMask 1.3.6.1.4.1.81.9.1.1.14 genPortSWRdFault 1.3.6.1.4.1.81.9.1.1.15 genPortVLANMode 1.3.6.1.4.1.81.9.1.1.19 genPortAdminPermission 1.3.6.1.4.1.81.9.1.1.20 genPortName 1.3.6.1.4.1.81.9.1.1.21 genPortClassification 1.3.6.1.4.1.81.9.1.1.22 genPortVLANBindingMode 1.3.6.1.4.1.81.9.1.1.23 softRedundancyId 1.3.6.1.4.1.81.11.1.1.1 softRedundancyName 1.3.6.1.4.1.81.11.1.1.2 softRedundancyGroupId1 1.3.6.1.4.1.81.11.1.1.3 4 of 5 580 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 581 1.3.6.1.4.1.81.11.1.1.7 softRedundancyGlobalStatus 1.3.6.1.4.1.81.11.2 softRedundancyMinTimeBetweenSwitchOvers 1.3.6.1.4.1.81.11.4 softRedundancySwitchBackInterval 1.3.6.1.4.1.81.11.5 5 of 5 The following table provides a list of the MIBs in the G700-MG-MIB.MY file that are supported by the G250/G350 and their OIDs: Object cmgHWType 1.3.6.1.4.1.6889.2.9.1.1.1 cmgModelNumber 1.3.6.1.4.1.6889.2.9.1.1.2 cmgDescription 1.3.6.1.4.1.6889.2.9.1.1.3 cmgSerialNumber 1.3.6.1.4.1.6889.2.9.1.1.4...
- Page 582 1.3.6.1.4.1.6889.2.9.1.2.1.15 cmgQosControl 1.3.6.1.4.1.6889.2.9.1.2.2.1 cmgRemoteSigDscp 1.3.6.1.4.1.6889.2.9.1.2.2.2 cmgRemoteSig802Priority 1.3.6.1.4.1.6889.2.9.1.2.2.3 cmgLocalSigDscp 1.3.6.1.4.1.6889.2.9.1.2.2.4 cmgLocalSig802Priority 1.3.6.1.4.1.6889.2.9.1.2.2.5 cmgStatic802Vlan 1.3.6.1.4.1.6889.2.9.1.2.2.6 cmgCurrent802Vlan 1.3.6.1.4.1.6889.2.9.1.2.2.7 cmgPrimaryClockSource 1.3.6.1.4.1.6889.2.9.1.2.3.1 cmgSecondaryClockSource 1.3.6.1.4.1.6889.2.9.1.2.3.2 cmgActiveClockSource 1.3.6.1.4.1.6889.2.9.1.2.3.3 cmgRegistrationState 1.3.6.1.4.1.6889.2.9.1.3.1 cmgActiveControllerAddress 1.3.6.1.4.1.6889.2.9.1.3.2 2 of 5 582 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 583 G250/G350 MIBs Object cmgH248LinkStatus 1.3.6.1.4.1.6889.2.9.1.3.3 cmgH248LinkErrorCode 1.3.6.1.4.1.6889.2.9.1.3.4 cmgUseDhcpForMgcList 1.3.6.1.4.1.6889.2.9.1.3.5 cmgStaticControllerHosts 1.3.6.1.4.1.6889.2.9.1.3.6 cmgDhcpControllerHosts 1.3.6.1.4.1.6889.2.9.1.3.7 cmgVoipEngineUseDhcp 1.3.6.1.4.1.6889.2.9.1.4.1 cmgVoipQosControl 1.3.6.1.4.1.6889.2.9.1.4.2 cmgVoipRemoteBbeDscp 1.3.6.1.4.1.6889.2.9.1.4.3.1.1 cmgVoipRemoteEfDscp 1.3.6.1.4.1.6889.2.9.1.4.3.1.2 cmgVoipRemote802Priority 1.3.6.1.4.1.6889.2.9.1.4.3.1.3 cmgVoipRemoteMinRtpPort 1.3.6.1.4.1.6889.2.9.1.4.3.1.4 cmgVoipRemoteMaxRtpPort 1.3.6.1.4.1.6889.2.9.1.4.3.1.5 cmgVoipRemoteRtcpEnabled 1.3.6.1.4.1.6889.2.9.1.4.3.2.1 cmgVoipRemoteRtcpMonitorIpAddress 1.3.6.1.4.1.6889.2.9.1.4.3.2.2 cmgVoipRemoteRtcpMonitorPort 1.3.6.1.4.1.6889.2.9.1.4.3.2.3 cmgVoipRemoteRtcpReportPeriod 1.3.6.1.4.1.6889.2.9.1.4.3.2.4 cmgVoipRemoteRsvpEnabled 1.3.6.1.4.1.6889.2.9.1.4.3.3.1 cmgVoipRemoteRetryOnFailure 1.3.6.1.4.1.6889.2.9.1.4.3.3.2 cmgVoipRemoteRetryDelay 1.3.6.1.4.1.6889.2.9.1.4.3.3.3...
- Page 584 1.3.6.1.4.1.6889.2.9.1.4.5.1.7 cmgVoipAverageOccupancy 1.3.6.1.4.1.6889.2.9.1.4.5.1.8 cmgVoipHyperactivity 1.3.6.1.4.1.6889.2.9.1.4.5.1.9 cmgVoipAdminState 1.3.6.1.4.1.6889.2.9.1.4.5.1.10 cmgVoipDspFWVersion 1.3.6.1.4.1.6889.2.9.1.4.5.1.11 cmgVoipDspStatus 1.3.6.1.4.1.6889.2.9.1.4.5.1.12 cmgVoipEngineReset 1.3.6.1.4.1.6889.2.9.1.4.5.1.13 cmgVoipFaultMask 1.3.6.1.4.1.6889.2.9.1.4.5.1.14 cmgCcModule 1.3.6.1.4.1.6889.2.9.1.6.1.1.1 cmgCcPort 1.3.6.1.4.1.6889.2.9.1.6.1.1.2 cmgCcRelay 1.3.6.1.4.1.6889.2.9.1.6.1.1.3 cmgCcAdminState 1.3.6.1.4.1.6889.2.9.1.6.1.1.4 cmgCcPulseDuration 1.3.6.1.4.1.6889.2.9.1.6.1.1.5 4 of 5 584 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 585 1.3.6.1.4.1.6889.2.9.1.7.1.1.5 cmgDynCacStatus 1.3.6.1.4.1.6889.2.9.1.8.1 cmgDynCacRBBL 1.3.6.1.4.1.6889.2.9.1.8.2 cmgDynCacLastUpdate 1.3.6.1.4.1.6889.2.9.1.8.3 5 of 5 The following table provides a list of the MIBs in the FRAME-RELAY-DTE-MIB.my file that are supported by the G250/G350 and their OIDs: Object frDlcmiIfIndex 1.3.6.1.2.1.10.32.1.1.1 frDlcmiState 1.3.6.1.2.1.10.32.1.1.2 frDlcmiAddress 1.3.6.1.2.1.10.32.1.1.3 frDlcmiAddressLen 1.3.6.1.2.1.10.32.1.1.4...
- Page 586 1.3.6.1.2.1.10.32.2.1.15 frCircuitType 1.3.6.1.2.1.10.32.2.1.16 frCircuitDiscards 1.3.6.1.2.1.10.32.2.1.17 frCircuitReceivedDEs 1.3.6.1.2.1.10.32.2.1.18 frCircuitSentDEs 1.3.6.1.2.1.10.32.2.1.19 frCircuitLogicalIfIndex 1.3.6.1.2.1.10.32.2.1.20 frCircuitRowStatus 1.3.6.1.2.1.10.32.2.1.21 frErrIfIndex 1.3.6.1.2.1.10.32.3.1.1 frErrType 1.3.6.1.2.1.10.32.3.1.2 frErrData 1.3.6.1.2.1.10.32.3.1.3 frErrTime 1.3.6.1.2.1.10.32.3.1.4 frErrFaults 1.3.6.1.2.1.10.32.3.1.5 frErrFaultTime 1.3.6.1.2.1.10.32.3.1.6 2 of 3 586 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 587 G250/G350 MIBs Object frTrapState 1.3.6.1.2.1.10.32.4.1 frTrapMaxRate 1.3.6.1.2.1.10.32.4.2 3 of 3 The following table provides a list of the MIBs in the IP-MIB.my file that are supported by the G250/G350 and their OIDs: Object ipForwarding 1.3.6.1.2.1.4.1 ipDefaultTTL 1.3.6.1.2.1.4.2 ipInReceives 1.3.6.1.2.1.4.3 ipInHdrErrors 1.3.6.1.2.1.4.4...
- Page 588 1.3.6.1.4.1.1751.2.53.1.2.1.1 genOpIndex 1.3.6.1.4.1.1751.2.53.1.2.1.2 genOpRunningState 1.3.6.1.4.1.1751.2.53.1.2.1.3 genOpSourceIndex 1.3.6.1.4.1.1751.2.53.1.2.1.4 genOpDestIndex 1.3.6.1.4.1.1751.2.53.1.2.1.5 genOpServerIP 1.3.6.1.4.1.1751.2.53.1.2.1.6 genOpUserName 1.3.6.1.4.1.1751.2.53.1.2.1.7 genOpPassword 1.3.6.1.4.1.1751.2.53.1.2.1.8 genOpProtocolType 1.3.6.1.4.1.1751.2.53.1.2.1.9 genOpFileName 1.3.6.1.4.1.1751.2.53.1.2.1.10 genOpRunningStateDisplay 1.3.6.1.4.1.1751.2.53.1.2.1.11 genOpLastFailureIndex 1.3.6.1.4.1.1751.2.53.1.2.1.12 genOpLastFailureDisplay 1.3.6.1.4.1.1751.2.53.1.2.1.13 1 of 2 588 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 589 1.3.6.1.4.1.1751.2.53.2.1.1.6 genAppFileLocation 1.3.6.1.4.1.1751.2.53.2.1.1.7 genAppFileDateStamp 1.3.6.1.4.1.1751.2.53.2.1.1.8 genAppFileRowStatus 1.3.6.1.4.1.1751.2.53.2.1.1.9 2 of 2 The following table provides a list of the MIBs in the PPP-LCP-MIB.my file that are supported by the G250/G350 and their OIDs: Object pppLinkStatusPhysicalIndex 1.3.6.1.2.1.10.23.1.1.1.1.1 pppLinkStatusBadAddresses 1.3.6.1.2.1.10.23.1.1.1.1.2 pppLinkStatusBadControls 1.3.6.1.2.1.10.23.1.1.1.1.3 pppLinkStatusPacketTooLongs 1.3.6.1.2.1.10.23.1.1.1.1.4...
- Page 590 The following table provides a list of the MIBs in the WAN-MIB.MY file that are supported by the G250/G350 and their OIDs: Object ds0BundleMemmbersList 1.3.6.1.4.1.6889.2.1.6.1.1.2.1.1 ds0BundleSpeedFactor 1.3.6.1.4.1.6889.2.1.6.1.1.2.1.2 ds1DeviceMode 1.3.6.1.4.1.6889.2.1.6.2.1.1 ifTableXtndIndex 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.1 ifTableXtndPeerAddress 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.2 ifTableXtndVoIPQueue 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.3 ifTableXtndCableLength 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.4 ifTableXtndGain 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.5 1 of 3 590 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 591 G250/G350 MIBs Object ifTableXtndDescription 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.6 ifTableXtndKeepAlive 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.7 ifTableXtndMtu 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.8 ifTableXtndInvertTxClock 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.9 ifTableXtndDTELoopback 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.10 ifTableXtndIgnoreDCD 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.11 ifTableXtndIdleChars 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.12 ifTableXtndBandwidth 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.13 ifTableXtndEncapsulation 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.14 ifTableXtndOperStatus 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.15 ifTableXtndBackupCapabilities 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.16 ifTableXtndBackupIf 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.17 ifTableXtndBackupEnableDelay 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.18 ifTableXtndBackupDisableDelay 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.19 ifTableXtndPrimaryIf 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.20 ifTableXtndCarrierDelay 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.21 ifTableXtndDtrRestartDelay 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.22 ifTableXtndDtrPulseTime 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.23 ifTableXtndLoadInterval 1.3.6.1.4.1.6889.2.1.6.2.2.1.1.24...
- Page 592 G250/G350 and their OIDs: Object sysDescr 1.3.6.1.2.1.1.1 sysObjectID 1.3.6.1.2.1.1.2 sysUpTime 1.3.6.1.2.1.1.3 sysContact 1.3.6.1.2.1.1.4 sysName 1.3.6.1.2.1.1.5 sysLocation 1.3.6.1.2.1.1.6 sysServices 1.3.6.1.2.1.1.7 snmpInPkts 1.3.6.1.2.1.11.1 snmpInBadVersions 1.3.6.1.2.1.11.3 snmpInBadCommunityNames 1.3.6.1.2.1.11.4 snmpInBadCommunityUses 1.3.6.1.2.1.11.5 1 of 2 592 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 593 G250/G350 MIBs Object snmpInASNParseErrs 1.3.6.1.2.1.11.6 snmpEnableAuthenTraps 1.3.6.1.2.1.11.30 snmpOutPkts 1.3.6.1.2.1.11.2 snmpInTooBigs 1.3.6.1.2.1.11.8 snmpInNoSuchNames 1.3.6.1.2.1.11.9 snmpInBadValues 1.3.6.1.2.1.11.10 snmpInReadOnlys 1.3.6.1.2.1.11.11 snmpInGenErrs 1.3.6.1.2.1.11.12 snmpInTotalReqVars 1.3.6.1.2.1.11.13 snmpInTotalSetVars 1.3.6.1.2.1.11.14 snmpInGetRequests 1.3.6.1.2.1.11.15 snmpInGetNexts 1.3.6.1.2.1.11.16 snmpInSetRequests 1.3.6.1.2.1.11.17 snmpInGetResponses 1.3.6.1.2.1.11.18 snmpInTraps 1.3.6.1.2.1.11.19 snmpOutTooBigs 1.3.6.1.2.1.11.20 snmpOutNoSuchNames 1.3.6.1.2.1.11.21 snmpOutBadValues 1.3.6.1.2.1.11.22 snmpOutGenErrs 1.3.6.1.2.1.11.24...
- Page 594 1.3.6.1.2.1.14.1.13 ospfDemandExtensions 1.3.6.1.2.1.14.1.14 ospfAreaId 1.3.6.1.2.1.14.2.1.1 ospfAuthType 1.3.6.1.2.1.14.2.1.2 ospfImportAsExtern 1.3.6.1.2.1.14.2.1.3 ospfSpfRuns 1.3.6.1.2.1.14.2.1.4 ospfAreaBdrRtrCount 1.3.6.1.2.1.14.2.1.5 ospfAsBdrRtrCount 1.3.6.1.2.1.14.2.1.6 ospfAreaLsaCount 1.3.6.1.2.1.14.2.1.7 ospfAreaLsaCksumSum 1.3.6.1.2.1.14.2.1.8 ospfAreaSummary 1.3.6.1.2.1.14.2.1.9 ospfAreaStatus 1.3.6.1.2.1.14.2.1.10 ospfLsdbAreaId 1.3.6.1.2.1.14.4.1.1 1 of 3 594 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 595 G250/G350 MIBs Object ospfLsdbType 1.3.6.1.2.1.14.4.1.2 ospfLsdbLsid 1.3.6.1.2.1.14.4.1.3 ospfLsdbRouterId 1.3.6.1.2.1.14.4.1.4 ospfLsdbSequence 1.3.6.1.2.1.14.4.1.5 ospfLsdbAge 1.3.6.1.2.1.14.4.1.6 ospfLsdbChecksum 1.3.6.1.2.1.14.4.1.7 ospfLsdbAdvertisement 1.3.6.1.2.1.14.4.1.8 ospfIfIpAddress 1.3.6.1.2.1.14.7.1.1 ospfAddressLessIf 1.3.6.1.2.1.14.7.1.2 ospfIfAreaId 1.3.6.1.2.1.14.7.1.3 ospfIfType 1.3.6.1.2.1.14.7.1.4 ospfIfAdminStat 1.3.6.1.2.1.14.7.1.5 ospfIfRtrPriority 1.3.6.1.2.1.14.7.1.6 ospfIfTransitDelay 1.3.6.1.2.1.14.7.1.7 ospfIfRetransInterval 1.3.6.1.2.1.14.7.1.8 ospfIfHelloInterval 1.3.6.1.2.1.14.7.1.9 ospfIfRtrDeadInterval 1.3.6.1.2.1.14.7.1.10 ospfIfPollInterval 1.3.6.1.2.1.14.7.1.11 ospfIfState 1.3.6.1.2.1.14.7.1.12...
- Page 596 1.3.6.1.2.1.14.10.1.6 ospfNbrEvents 1.3.6.1.2.1.14.10.1.7 ospfNbrLsRetransQLen 1.3.6.1.2.1.14.10.1.8 ospfNbmaNbrStatus 1.3.6.1.2.1.14.10.1.9 ospfNbmaNbrPermanence 1.3.6.1.2.1.14.10.1.10 ospfNbrHelloSuppressed 1.3.6.1.2.1.14.10.1.11 ospfExtLsdbType 1.3.6.1.2.1.14.12.1.1 ospfExtLsdbLsid 1.3.6.1.2.1.14.12.1.2 ospfExtLsdbRouterId 1.3.6.1.2.1.14.12.1.3 ospfExtLsdbSequence 1.3.6.1.2.1.14.12.1.4 ospfExtLsdbAge 1.3.6.1.2.1.14.12.1.5 ospfExtLsdbChecksum 1.3.6.1.2.1.14.12.1.6 ospfExtLsdbAdvertisement 1.3.6.1.2.1.14.12.1.7 3 of 3 596 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 597 G250/G350 MIBs The following table provides a list of the MIBs in the TUNNEL-MIB.my file that are supported by the G250/G350 and their OIDs: Object tunnelIfLocalAddress 1.3.6.1.2.1.10.131.1.1.1.1.1 tunnelIfRemoteAddress 1.3.6.1.2.1.10.131.1.1.1.1.2 tunnelIfEncapsMethod 1.3.6.1.2.1.10.131.1.1.1.1.3 tunnelIfTOS 1.3.6.1.2.1.10.131.1.1.1.1.4 tunnelIfHopLimit 1.3.6.1.2.1.10.131.1.1.1.1.5 tunnelConfigLocalAddress 1.3.6.1.2.1.10.131.1.1.2.1.1 tunnelConfigRemoteAddress 1.3.6.1.2.1.10.131.1.1.2.1.2 tunnelConfigEncapsMethod 1.3.6.1.2.1.10.131.1.1.2.1.3...
- Page 598 Traps and MIBs 598 Administration for the Avaya G250 and Avaya G350 Media Gateways...
-
Page 599: Index
... . . NetBIOS rebroadcast Avaya G250/G350 Media Gateway ....accessing . - Page 600 ... crypto ipsec minimal pmtu ....clear capture-buffer ..crypto ipsec transform-set 600 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 601 Index Commands, (continued) Commands, (continued) ......crypto isakmp invalid-spi-recovery interface ... . .
- Page 602 ... . . no cna testplug-service ....router vrrp 602 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 603 Index Commands, (continued) Commands, (continued) ......rtp-echo-port set port dot1x port control .
- Page 604 ....... show interfaces vlan show restart-log 604 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 605 Index Commands, (continued) Commands, (continued) ....... . show rmon alarm threshold count .
- Page 606 ....entering context ....typical application 606 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 607 Index Diagnosing DSCP ....and monitoring the network as access control list rule criteria ....
- Page 608 ....prerequisites ....private keys 608 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 609 ....G250 front panel ....
- Page 610 ..configuring on PPPoE interface ....introduction 610 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 611 ..overview running Avaya Communication Manager ........
- Page 612 ....setting buffers see OSPF ... setting capture list context 612 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 613 Index Packet sniffing, (continued) ....setting capture list parameters adding and removing devices ....
- Page 614 ....PBR lists, see PBR lists ....routing to GRE tunnel USP, see USP ports 614 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 615 Index ... . as default WAN protocol ... . . configuring on WAN line ....
- Page 616 ....RSA authentication ......616 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 617 Index Security SNMP, (continued) ....... . . overview displaying information .
- Page 618 ..... . . SYN flood attack protection, see SYN cookies 618 Administration for the Avaya G250 and Avaya G350 Media Gateways...
- Page 619 Index ....Virtual router Virtual Router Redundancy Protocol, see VRRP ... . Virtual topological networks .
- Page 620 ....full solution ..hub and spokes installation 620 Administration for the Avaya G250 and Avaya G350 Media Gateways...
Need help?
Do you have a question about the G250 and is the answer not in the manual?
Questions and answers