Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4714
Views
0
Helpful
4
Replies

UC560 Setup with NAT and firewall disabled

brauscher
Level 1
Level 1

‎03-17-2010 12:00 PM - edited ‎03-21-2019 02:19 AM

I'm new to the UC560 world and am trying to get my NFR box setup on my network without removing my current firewall.  I've gone through the attached guide and removed firewall and NAT configs.  Right now I have the WAN port configured for an IP on my LAN and am managing through it. How do I tell the UC to communicate with phones through the WAN port?  or do I need to configure a different port?

Any advise from those out there not using their UC as firewall?

thanks!

Labels:
Preview file
450 KB
0 Helpful
4 Replies 4

Steven DiStefano
VIP Alumni
VIP Alumni

‎03-17-2010 12:27 PM

I would leave the Voice VLAN as it is on the UC500 and add the following routes to the FW Router which sites in front of the UC560, with its WAN IP a static IP on your FW Routers data vlan...

10.1.10.0  255.255.255.0 

10.1.1.0  255.255.255.0

If you wanted to leave the UC560 data vlan in tact, you can add a route for it too:

192.168.10.0 255.255.255.0

The default route for the UC500 will be the Router FW router.

Is this what you are looking for?

Steve

0 Helpful

brauscher
Level 1
Level 1
In response to Steven DiStefano

‎03-17-2010 07:08 PM

Makes sense on the VLANs, thanks.  So I am fine having only the WAN port on my UC plugged up to my network?

Can't seem to get the phones to find the Voice VLAN DHCP server running from the UC560 and I was worried it was being broadcast over a different port.  Must be having a VLAN config issue if thats not the case...

0 Helpful

Steven DiStefano
VIP Alumni
VIP Alumni
In response to brauscher

‎03-18-2010 05:33 AM

We posted a doc on placing an SA 500 (security router) in front of the UC 500 and did it with the one WAN connection to the SR 500, but I suppose if I wanted route diversity, I could have implemented dual WAN on the SA 500.  But UC 00 has only 1 WAN link (FE 0/0) supported.

Lab # 6 on this link: https://supportforums.cisco.com/docs/DOC-9836

Would you like to share your design to be review?   We have a "PDS" support you can  try.

https://supportforums.cisco.com/community/netpro/small-business/partnerzone/pds

(PM me if you use it and I'll assist)

So the phones would be plugged into the UC560 switch, plugged into one if its expansion slots, and they (phones) should get 10.1.1.0/24 addresses in the Voice Vlan 100 on the UC560.  Data clients would get 192.168.10.0/24 IPs from Data VLAN 1on the UC560.

0 Helpful

bjames
Level 5
Level 5
In response to brauscher

‎03-18-2010 05:43 AM

If you are behind the firewall don't use the WAN port, it's the easiest way. Just use the expansion port to other switches and trunk. You don't need NAT or a firewall and the Voice and Data VLANs will work fine.

I forgot you will also need to add teh route to the 10.x.x.x network (for phone) pointing to the Data IP of the UC if you have another router in play.

Bob

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents