1. Manuals
  2. Brands
  3. Secure Computing Manuals
  4. Gateway
  5. SnapGear
  6. Application note

Secure Computing SnapGear Application Note

Setting up snapgear for voip
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
A
N
P P L I C A T I O N
O T E
PUT LOGO HERE
S e t t i n g u p
S n a p G e a r f o r V o I P
This note describes how to set up
SnapGear as an IPSec VPN gateway
for Voice over Internet Protocol.
www.securecomputing.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SnapGear and is the answer not in the manual?

Questions and answers

Related Manuals for Secure Computing SnapGear

Summary of Contents for Secure Computing SnapGear

  • Page 1 S e t t i n g u p S n a p G e a r f o r V o I P This note describes how to set up SnapGear as an IPSec VPN gateway for Voice over Internet Protocol. www.securecomputing.com...

  • Page 2: Table Of Contents

    Setting up SnapGear for VoIP Table of Contents A b o u t t h i s n o t e ..........3 P o w e r i n g o n .

  • Page 3: About This Note

    About this note About this note This application note describes how to set up SnapGear as an IPSec VPN gateway for Voice over Internet Protocol traffic. It also describes how to take advantage of SnapGear’s Quality of Service (QoS) bandwidth management features to maintain voice quality.

  • Page 4: Powering On

    Setting up SnapGear for VoIP Powering on Powering on 1 Do not connect any Ethernet cables. Plug the 5V DC mini-plug into the back of the SnapGear appliance. 2 Plug the AC plug (the three-prong plug) of the power adapter into an electrical outlet.

  • Page 5: Logging In And Configuring

    192.168.0.2 in the IP address field. The default gateway IP address is the factory default address of the SnapGear unit (192.168.0.1). DNS settings are not required at this time. Note: Because the PC and the SnapGear are isolated during the initial configuration process, you can use any PC IP address in the range of 192.168.0.2 through...
  • Page 6 Actions It is good practice to change the default root password. The SnapGear firmware automates this step after a reset: 1 Enter a new password in the New Password field. 2 The characters you type are masked, so you are required to enter the new password the same way twice to ensure it is changed as intended.
  • Page 7 Logging in and configuring Configuration window Actions 1 Enter the SnapGear LAN address into the IP Address field. This is the address that all other hosts on the LAN will use as their default gateway, e.g. 192.168.0.254. 2 Enter the network mask into the Subnet Mask field. The example to the left showing the 24-bit mask length can also be entered as 255.255.255.0.
  • Page 8 Ports if there is no requirement for multiple Internet links. It can always be changed later. For the greatest flexibility in setting up the SnapGear’s Quality of Service (QoS) features, do not configure more than one LAN/DMZ segment. Using 4 LAN Ports lets you plug up to four devices directly into the SnapGear.
  • Page 9 Setting up SnapGear for VoIP Logging in and configuring Configuration window Actions Clicking the Backup/Restore menu option opens the Remote Configuration Backup/Restore page. Enter and confirm a backup Password, then click Save. Click the Save button in the File Download window and browse to the workstation file system to save the backup.
  • Page 10 Setting up SnapGear for VoIP Logging in and configuring Configuration window Actions You may also check the connection by selecting Network Setup from the Network Setup Menu. On the Network Setup page, click the Retry button labeled Retry unsuccessful connections, then recheck the data on the Diagnostics, Connections table.

  • Page 11: U S I N G Q O S T R A F F I C S H A P I N

    ISP. It works in conjunction with the ToS Packet Priority configuration. (See “Using the SnapGear VPN solution” on page 16.) To activate traffic shaping and control rules, do the following: 1 Under the Network Setup menu, select .
  • Page 12 4 Setting the inbound speed has a less pronounced effect on call quality because the SnapGear must begin processing everything it receives in the order it is received, even if it is at different prioritized rates. You may wish to...

  • Page 13: E N A B L I N G A N D C O N F I G U R I N G T O S P R I O R I T I Z A T I O

    5 Click Submit 6 The SnapGear unit can transmit ToS flagged packets according to ToS rules governed by VoIP service ports, source or destination address, or a combination of these factors. To set up rules, on the ToS Packet Priority tab, click the button.
  • Page 14 13 Services, sources, destinations, and groups of services, endpoints, or interfaces can also be defined from the Definitions menu. Once created, these objects appear in option lists throughout the SnapGear interface. To create these definitions, from the Firewall menu, select Definitions Note: Objects created with the New button will also be available.

  • Page 15: S E T T I N G T H E E T H E R N E T M T U F O R Q O

    Setting up SnapGear for VoIP Setting the Ethernet MTU for QoS Setting the To optimize traffic shaping performance for VoIP on slower connections, set the outgoing interface MTU to 600, overriding the default, by doing the fol- Ethernet MTU for...

  • Page 16: U S I N G T H E S N A P G E A R V P N S O L U T I O

    Enable IPSec 3 Leave the MTU setting blank. Click Submit The remainder of these steps assume a SnapGear-to- SnapGear VPN with fixed IP addresses on their Internet interfaces. Other configurations are pro- vided in the SnapGear Administration Guide found at: http://www.securecomputing.com/techpubs_download.cfm?id=2136...
  • Page 17 The remote party’s IP address using the Internet IP address of the far end SnapGear. Use IP addresses specific to your networks. Examples shown are for demo purposes only, and not part of a public test network. 9 Click the button next to the Local Network field.
  • Page 18 IP address. It is important to understand that the settings for a VPN tunnel are the same at both ends, but that the data for local and remote will change places for the far-end SnapGear. Figure 15: Reciprocal...
  • Page 19 The Connection Details and Negotiation State listings usually provide the best clues as to what is wrong. In Figure 17, the EVENT_RETRANSMIT in 2 s (seconds) indicates that the HQ SnapGear cannot reach the Branch27 SnapGear. Figure 18: Tunnel status...

  • Page 20: U P D A T I N G F I R M W A R

    Updating firmware Updating If your SnapGear unit has different screens than those described in this or another SnapGear guide, or if it is missing some features, you may check your firmware firmware version by selecting the option under the System menu.

  • Page 21: D O W N L O A D I N G A T S

    Downloading a It is a good practice to download a Technical Support Report (TSR) from your SnapGear, and send it to Secure Computing Technical Support if you contact them with a support issue. To download a TSR: 1 From the System menu, select the Help &...
  • Page 22 Product names used within are trademarks of their respective owners. Copyright © 2008 Secure Computing Corporation. All rights reserved.

Table of Contents