Hi, I'm designing a network for ISP, and I would like to know if a 7600 or 12000 router can handle NAT/PAT for 50000 clients. The thing is that we want to save public IP addresses, so we assign private addresses to the residential routers, and we will translate them in the Internet Gateway. I would like to know if one of those routers can handle such traffic and NAT/PAT sessions.
... View more
Hi, thanks for your suggestions. I can provide the answers for your questions. How many users are on the network total? 13300 How many users total per site(8) 1660 Actually this is a small project for triple-Play services...so I must decide how many VLANs I should provide per DSLAM. According to the text I've read it would be a good practice to have 1 VLAN per service and I would be answering my own question :=) but I don't know if I should consider more variables..for example if additionally I need a VLAN per site?? thanks in advance, have a nice day. Orlando
... View more
Thanks for your help Waleed if I have a network infrastructure to provide triple-play services and I want to separate traffic using vlan per service. There will be DSLAM for example to concentrate users at the access Layer, and then it will route traffic to the Agregation layer. The question is if I want a VLAN per service (3 in this case) I will need just 3 vlans? or I should take any other variables in order to know the total number of vlans that I need ? maybe if you know a useful link. I really appreciate your help, Have a nice day, Orlando
... View more
Hi folks, If I want to design an infrastructure for voice, video and data like NGN, which one is the best practice: * VLAN per service? * VLAN per user? How do I assing the ID for those VLANs? Where can I find more information about it? Lots of questions (sorry) and thanks in advance for your help. Orlando.
... View more
Hi, thanks a lot 4 your reply. I was out of the office, and now i'm back to this case. I'll try, and let you know if it works 4 me. Have a nice day. Orlando
... View more
The thing is that we do not use any SIP connection through internet. It's just the CCME in the LAN that has been accesed from Internet...somehow. That CCME do not have any voice/data traffic from/to Internet, and even that, it happened. The CCME only has dial-peers to connect to the local PSTN. We don't have dial-peers to any other system/PBX. Regards, Orlando
... View more
I'm pasting some info collected about it. And take a look to the following IP address: 203.121.71.211. The following phone calls are made from somewhere in Internet taking advantage of some vulnerability. Regards, Orlando. ************* WGIRtr01#sho voice call active voice compact A/O FAX T Codec type Peer Address IP R : Total call-legs: 8 513 ANS T6 g729r8 VOIP P10101010101 203.121.71.211:18188 514 ORG T6 g729r8 TELE P9001095367356257 515 ANS T6 g729r8 VOIP P10101010101 203.121.71.211:18196 516 ORG T6 g729r8 TELE P90010951534883 517 ANS T4 g729r8 VOIP P10101010101 203.121.71.211:18204 518 ORG T4 g729r8 TELE P9001021260860325 519 ANS T5 g729r8 VOIP P10101010101 203.121.71.211:18212 520 ORG T5 g729r8 TELE P9001095015569
... View more
Hi. Thanks 4 your reply. The thing is that behind the ADSL modem we have a pix and a router with CCME in the LAN that is the local PBX(With SCCP phones, there are no H323/SIP trunks). So the attack was made from internet and they reached the LAN to make phone calls (Toll Fraud) using the IP PBX in the LAN through the COs connected to that router. Do you know about any bug, or vulnerability? Thanks once again! Regards, ORlando
... View more
Hi folks, I don't know if you have been going through this problem. Many clients that have acces to Internet through ADSL service are having their phone/voice lines busy because an external user through Internet takes their lines to make world wide phone calls, charging this cost to the ADSL user. The fraud is related to the way the hacker takes the gateway that belongs to another user in another country and provides phone services. PLease let me know if you have heard about this. Is there any vulnerability? Thanks in advance. Orlando
... View more
Hi, I'm reisntalling a publisher CCM due to a hardware problem with the HD. The thing is what should I do first, because I dont't have a backup of the DB, can I get it from the Subscriber and restore in the publisher? Thanks in advance 4 your help. Orlando
... View more
Hi folks, This is the case. The main site has two routers, A and B. There is one remote location and its router is C. C has two links, one connected to A, and the other one to B. The traffic was not balanced, so we decided to connect both links to router A. So between router C and A would be 2 links. The thing is that just one link gets up, the other one gets down. If we disconnect the one that is up, the other link that was down then is up. I'm using 12.4(7d) in router A (3725) and 12.3(22) (1760). Is there any issue related to eigrp? this is the eigrp configuration. router eigrp 99 variance 2 traffic-share min across-interfaces network 1.0.0.0 auto-summary no eigrp log-neighbor-changes neighbor 1.16.1.2 FastEthernet0/0 Any ideas? thanks in advance for your help.
... View more
Hi, In the ACL of the firewall yoou can set up h323 ports, but the problem is that there is a huge range of UDP ports for RTP packets, if I'm not wrong from 16384 to 32000 something. AS the RTP packets are no enabled you can't hear the voice. Other point is that then the destination address is the remote phone, so you can try to do PAT or No NAT in the Firewall. ORlando
... View more