Multi Site Deployment For Data and Voice For SBCS

Application Note
Multi Site Deployment for Data and Voice for SBCS
This application note provides guidelines and configuration instructions

for UC520 in a multi-site configuration using the Cisco IOS command-line
interface.
Small businesses that have multiple locations have a need to allow for data and voice networking
between sites. The UC520 supports such deployments and can securely network multiple sites
together for both data and voice traffic. The multi site deployment involves IPSEC VPN tunnels
between sites along with inter site dialing using VOIP. The UC520 at each site can go from 8 to 64
users depending on user count at each site.
The information in this document applies to CCA Version 1.8 and Cisco UC500 software pack
version 4.2.9.
Contents
Scope and Assumptions 2
Multi Site Deployment Guidelines 2
Inter Site Voice Features: 6
Customer Site Information required for UC520 Multi Site configuration 7
UC520 Multi Site Configuration 8
Advanced Voice Features 14
For More Information 15
Appendix A Changing the DATA IP subnet using CLI 15
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 16
Application Note
UC520 Multi Site Deployment Guide for Data and Voice
Scope and Assumptions

The information in this application note is intended for use by Cisco SMB Select-certified VARs and
channel partners with a strong recommendation for Express Unified Communications
Specialization. It is assumed that users are familiar with configuration of voice and security features
on the Cisco Smart Business Communications System (SBCS) and are also familiar with the Cisco
IOS command-line interface. It is also assumed that users are familiar with fundamental data and
voice networking knowledge.
The scope of this application is limited to configuration of basic functionality for a multi site
deployment and is not intended to document configuration of additional or optional voice and
networking features.
The procedures in this application assume the following:

• Each site has been provisioned for WAN connection to the internet
• Each site has been provisioned for voice users and if required PSTN termination.
The information in this document applies to CCA Version 1.8 and Cisco UC500 software package
version 4.2.9.
Multi Site Deployment Guidelines

This section covers various aspects of a Multi Site Deployment
Remote Teleworker versus Multi Site
The guideline for Remote Teleworker deployments is as below:
● A maximum of 5 users are supported per Remote Teleworker site.

● A maximum of 10 Remote Teleworker sites are supported.
If the number of users per site exceeds 5, the recommendation is to deploy a UC520 at that site.
Each site in a multi site deployment can still support remote teleworkers per above assuming the
UC520 site has enough bandwidth to support remote teleworker and inter site traffic and the total
number of VPN tunnels on the UC520 is 10 or less (remote teleworker + intersite).
The maximum number of UC520 sites that can be networked together is 5. If the customer
requirement is to network more than 5 sites, then the recommendation would be to look at Cisco
Integrated Services Routers (ISRs) which require Express Unified Communications Specialization.
WAN Connectivity:
Each site should have its own broadband WAN connection to the internet. This WAN connection
can be any broadband medium such as DSL, PPPoE, Cable, T1, Ethernet etc. The guidelines for
the WAN connection are:
WAN IP Address – the WAN IP address for each site MUST be a publicly routable IP
address over the internet so that the VPN tunnels can be setup.
Dynamic versus Static IP Address – the WAN IP address can be either dynamic using
DHCP or static IP address. Static IP addresses allow for simpler configuration of the VPN
tunnels. However DHCP or dynamic IP addresses would work as well – there is a
requirement to use DDNS (Dynamic DNS) to map a site DNS name to each WAN IP
address.
Bandwidth requirements – The broadband connection must have enough bandwidth per
site to handle any of the below traffic per customer requirement. If there is insufficient
bandwidth, this may lead to poor voice quality for inter site calls as well as slow data
connectivity.
o Internet traffic in / out from that site
o Inter site data traffic

o Inter site VOIP call traffic (Each inter site call using G.711 takes up 112Kbps
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Proprietary Information. Page 2 of 16
Application Note
while using G.729 codec takes up 55Kbps)

o Remote teleworker traffic if any
o SIP Trunk calls if that is the PSTN trunk connection on that site
WAN - Public IP
Internet
Dynamic / Static WAN CPE
UC520
Recommended Approach – all sites with Static IP addresses & sufficient bandwidth to cover
the data & voice requirements per site
IPSEC VPN Options for Multi Site connections:
Inter site connections over the internet are secured by using IPSEC VPN between sites. The
recommendation is to use IPSEC VPNs for connecting multiple UC520 sites using direct
encapsulation method. Using this method allows for:
QOS classification for voice over data traffic
Support for VPN Tunnels regardless if WAN IP address is dynamic or static
Keepalive using IP SLAs to ensure remote IPSEC peer is reachable

Inter site traffic is routed over IPSEC VPN allowing this to bypass the regular NAT &
Firewall as it is trusted traffic.
All VPN encryption on the UC520 is done using hardware based acceleration to prevent
overloading the CPU. However there is a slight processing overhead with IPSEC VPN in terms of
processor power and also IP packet overhead (increases bandwidth). There are 2 options to setup
IPSEC VPN tunnels between sites as shown below:
Full
Mesh Hub and Spoke
Site 1 Hub
Site 2 Spoke 1 Spoke 2

Site 3
Site 4 Site 5 Spoke 3 Spoke 4
Pros Cons
Full Mesh Redundancy/Alternate Paths Less VPN sessions for Remote Access
(EZVPN)
More complex configuration and routing
Application Note
Hub & More VPN sessions available for Remote Bandwidth requirements at the Hub site
Spoke Users Single point of failure
Simpler configuration Call Admission Control (CAC) issues
QoS issues for spoke to spoke calls
For more information on IPSEC VPN using direct encapsulation, please refer to:
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080739e
7c.pdf
Recommended Approach – Full Mesh IPSEC VPN using direct encapsulation
Data Connectivity
To ensure data is transferred between sites, there is a mandatory requirement to have unique
data subnets at each site. Hence when planning out the deployment design, it would be good to
have a unique IP subnet (change from default subnet of 192.168.10.0 / 24) per site. For example,
the site1 data VLAN would be 192.168.10.x / 24, site2 would 192.168.20.x/24 and so on. With CCA
1.8, it is possible to change the data VLAN IP address in the CCA Device Setup Wizard assuming
the UC520 is at factory default configuration. If a UC520 has already been configured then it is
recommended to go into CLI to change different attributes (IP address on data VLAN interface,
DHCP scope information, access-lists for firewall and NAT) – Appendix A has step by step
guidelines to this.
PSTN Trunks:
The PSTN Trunks can be either analog lines (into FXO ports), ISDN BRI, analog DID lines, T1 / E1
PRI, T1 / E1 CAS or SIP or a mix of trunks types at various sites depending on each site’s needs.
PSTN Trunk PSTN Trunks at each site PSTN Trunks at Hub

Options site
VPN Tunnel Full Mesh Hub & Spoke OR Full

Setup Mesh
Incoming PSTN Inbound calls handled locally for the most part, with Inbound calls will need
Call Handling option to route calls to other sites using inter site to be routed to different
VOIP spoke sites using inter
site VOIP
Outgoing Call Outbound calls handled locally with option to send Outbound calls always
Handling tail end hop off (route specific area codes via go out the Hub site
intersite VOIP to local PSTN trunk at other sites) PSTN Trunks
which can provide cost savings. This option also
allows calls to the outside be sent via other sites if
PSTN trunks at a particular site are oversubscribed
Emergency Emergency calling will be locally handled at each All emergency calls will
Number site go out the Hub site
Considerations which may not provide
accurate location
information for spoke
sites
Recommended Approach: PSTN Trunks at each site
Site to Site Dialing:
Site to site calling can be done using VOIP instead of traditional PSTN interconnects thereby
leading to significant cost savings and the ability to use less than 7 - 10 digits to dial between sites.
Dialplan Options – It is very important to design the dialplan for inter site calls appropriately to allow
for future expansion and also overlapping extension ranges at each site (note extensions here
Application Note
covers not just phones but also hunt group pilot extensions, voicemail pilot extensions, call park
extensions, intercom extensions etc). There are 3 options
a) If the extensions at each site are unique (for example Site1 is 1xx, Site2 is 2xx and so on),
then the users could just dial the extensions at each site directly.
b) If the extensions at each site are unique (for example Site1 is 1xx, Site2 is 2xx and so on),
then the recommendation is to add an access code to signify intersite calls – for example
8 + 1xx to call Site1, 8 + 2xx to call Site2 and so on. This approach also allows to support
least cost PSTN routing where calls local to Site2 area can be routed via VOIP to Site2
instead of going out via the Site1 PSTN trunks.
c) If the extensions at each site are overlapping (for example all sites use extensions in the
2xx range), then the recommendation is to add an access code to signify intersite calls
plus a site prefix – for example 8 + 1 + 2xx to call Site1, 8 + 2 + 2xx to call Site2 and so
on. The site prefix makes the extensions unique across sites.
Using the third approach allows for simplicity as it can be applied to any install and allows for:
Dialplan changes when business expands

Does not matter if each site uses overlapping extension ranges
Has well defined dialing rules.
This approach does however require extra digits to be dialed.
VOIP Protocol – The UC520 supports 2 standards based protocols for VOIP – H.323 (ITU-T
standard) and SIP (IETF standard). Both protocols are similar in terms of feature support on the
UC520 with the only key difference being support for video calls between sites only available for
H.323. More information on these protocols in terms of multi site deployments can be found at the
link below:
http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/srnd/design/guide/multcme.html
Call Transfer & Forwarding between sites – The UC520 supports 2 options for call transfer /
forwarding between sites when using H.323 as the VOIP protocol
Call Transfer & Pros Cons

Forward Options
Hairpin call transfers - Overlapping - Higher bandwidth requirements and QOS

(Disable H.450.2 & extensions can be requirements as each transferred or forwarded
H.450.3) used at each site call will be anchored at all intermediate sites.
H.450.2 & H.450.3 - VoIP calls are not - Unique extensions for voicemail & AA pilot
based call transfer hairpinned across extensions at each site
and forwarding multiple sites - Additional config to route calls to voicemail &
AA pilot extensions at each site
Recommended Approach: Use prefix based dialing to call between sites with H.323 as the
VOIP protocol, disable H.450.2 & H.450.3 for hairpinning calls
Quality of Service (QoS):
For multi site deployments that involve inter site VOIP calling, QOS becomes a mandatory
requirement as the intersite data and VOIP traverse the same WAN link. The key requirements to
ensure appropriate QOS for the inter site calls are:
QoS guarantees: The Internet Service Provider (ISPs) needs to guarantee bandwidth for VoIP
calls to insure voice quality between sites. If the ISP does not support QoS and cannot guarantee
bandwidth for VoIP calls, then VPN alone will not guarantee voice quality. To support VoIP calls
between sites, the recommendation is to keep the round trip time for (RTT) for VoIP traffic between
sites under 150 msec – anything higher than that will likely cause delay and voice quality issues. As
Application Note
a way to estimate the RTT between two sites, you can initiate a ping from one UC520 to the remote
UC520 and look at the average response time. The smaller the RTT, lower are the chances of
having poor voice quality. Since inter site voice and data go over the same internet access circuit,
there is a chance that voice quality may suffer during peak data usage times.if there is no QoS
guarantees are available from the ISP.
Call Admission Control (CAC) – This method implies restricting the number of inter site VOIP
calls so that the WAN links are not oversubscribed leading to poor voice quality. It is strongly
recommended to work with the end user and come up with the max number of inter site calls per
location so that the appropriate bandwidth can be provisioned for such calls. If the PSTN Trunks
being used are SIP Trunks, then CAC must take those calls into consideration as well (These calls
will take less bandwidth as compared to calls going over the IPSEC VPN as the VPN overhead is
not there).
Bandwidth & Codec selection – The WAN bandwidth at every site MUST be sufficient to handle
all types of traffic discussed in the WAN Connectivity requirements. If the WAN link has already
been provisioned, make sure the CAC method is used to limit the number of calls to fit into the
bandwidth available. Codec selection for inter site VOIP calls is as below
Codec G.711 G.729

Type
Pros Better Quality Lower bandwidth per call (55Kbps)

No additional DSP
1
requirements
Cons Higher bandwidth per Lower Quality

call (112Kbps)
Requires additional transcoder at each UC520 to handle calls
to voicemail, Auto Attendant and conferencing between sites.
Not recommended on lower end SKUs (8 & 16 user) due to
limited DSP capacity
Note 1: Assumes the codec is G.711ULAW or PCMU

Recommended Approach – Enable CAC on the UC520s, ensure QoS for VOIP between sites
with ISP and use G.711 codec for best quality.
Inter Site Voice Features:

When UC520s are deployed in a multi site scenario with site to site calling, the call processing is
distributed – this implies that each site handles it own set of phones, voicemail, auto attendant,
PSTN trunks etc. The following table summarizes UC500 voice features that would work for Inter
Site calls:
Table 1. UC500 Voice Feature Support Summary
Voice Features Supported for InterSite
Basic Site to Site calls with abbreviated dialing

Yes
Transfer Calls between sites

Yes
Conference Calls between sites Yes
Application Note
Video Calls between sites Yes1
Paging & Call park across sites Yes2
Forward Voicemails between sites Yes (using VPIM) 3
4
Auto Attendant Partial
Fax between sites Yes
Hunt Groups across sites No5
Extension Mobility across sites No
Monitor extensions between sites No
Shared Directory across sites No4
Note 1 This requires H.323 as the VOIP protocol
Note 2 Call park retrieval is still possible only locally within each site, user can however transfer
calls from site 1 to site 2’s park slot.
Note 3 Please check the Advanced Features section for more information on VPIM
Note 4 Please check the Advanced Features section for more information on doing this with the
UCC Server
Note 5 With the UC500 7.0.2 EA SW Pack, it is possible to use blast or parallel hunt groups and
add users across sites
Customer Site Information required for UC520 Multi Site configuration

This section deals with an example that goes over setting up a Multi Site configuration for SBCS
using CCA and then IOS CLI.
Table 2. Customer Site Information for UC520 Multi Site configurations
Site Information Description/Notes Values used in this example
Number of sites Maximum of 5 3
Number of Phones Number of IP phones deployed at

or users per site 8 per site
each location
Business Class SDSL with

WAN Connection at Broadband connection which can be 2Mbps bandwidth (upstream &
each site DSL, Cable, T1, MetroE etc. downstream) with dynamic IP
Addresses
IPSEC VPN Site to Site VPN using IPSEC with

Full Mesh
direct encapsulation
Application Note
San Jose – 192.168.10.0 /24

Data VLAN subnet Each site must have a unique data
Irvine – 192.168.20.0 /24
VLAN subnet
Seattle – 192.168.30.0 /24
San Jose - 8 + 1 + 2xx

Irvine – 8 + 2 + 2xx
Site to Site Dialing Seattle – 8 + 3 + 2xx
Inter site VOIP calls with H.323
Using Site prefix as each site
uses the same 2xx extension
range
Call Admission Control & Codec

Maximum inter site 4 max calls with G711ulaw as
calls per Site selection based on available
codec
bandwidth
PSTN Trunks Analog lines, BRI, PRI, SIP etc Using 4 analog lines at each site
UC520 Multi Site Configuration
San Jose Irvine

PSTN
UC520 UC520
Internet
Seattle
UC520
Perform the procedures in this section to configure multi site for the UC520. CCA configuration can
be done locally by the installer on site or remotely using a VPN connection
1. Change DATA VLAN to be unique per UC520 site

Note: This section assumes that the UC520s at each site are at factory default state – if
the UC520s have already been previously configured, then please go to Appendix A for
changing the DATA VLAN IP address.
Launch CCA 1.8 and select Setup > Device Setup Wizard, then pick UC500 from
the drop down. Follow the steps in the wizard to ensure the data VLAN subnet is set to
192.168.xx.0 / 24 where xx is goes from 10 to 30. Once done, you will need to disconnect
Application Note
the CCA session, allow the PC to get the new IP address from the UC520 using DHCP
and then reconnect using the new data VLAN IP address – 192.168.xx.1 where xx goes
from 10 to 30.
2. Configure all single site features for each UC520 site

Setup each site for Voice, Wireless and Security using CCA as per customer
requirements.
3. Configure remote teleworkers at each UC520 site

Use the Configure > Security > VPN Server option on CCA to setup the remote
teleworkers at each site. The requirement for now is to do this before adding any multi site
configuration below to prevent any configuration conflicts.
4. Save Configuration
Save the configuration on the UC520s after this has been done by going to Configure >
Save Configuration in CCA.
5. Logon to each UC520 using CLI

This process is documented at the VOD http://www.cisco.com/cgi-
bin/front.x/wwtraining/PELC/main.cgi?URL=2019933304845%2E1644. It is important that
the CLI used is as close to the below steps to ensure that the configuration is inline with
the CCA Out Of Band configuration guidelines. All CLI configurations in steps 5 to 8 are to
be done in config mode on the UC520s.
6. Setup site to site VPN using direct encapsulation IPSEC between the sites
Follow the below CLI steps (the bold text signifies the unique config per site)
San Jose
! Define the site to site traffic for VPN using the data subnets
access-list 192 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
! Define unique HOSTNAME
hostname SANJOSE-UC520
! Configure crypto settings
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 1800
crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0
crypto isakmp identity hostname
!
crypto ipsec transform-set multisite esp-3des esp-sha-hmac
! Configure crypto-map for each site
crypto map multisite 2 ipsec-isakmp
set peer IRVINE-UC520.dyndns.org dynamic
set transform-set multisite
qos pre-classify
match address 192
Application Note

set peer SEATTLE-UC520.dyndns.org dynamic
qos pre-classify
match address 193
Irvine

!
hostname IRVINE-UC520
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 1800
crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0
crypto isakmp identity hostname
!
crypto ipsec transform-set multisite esp-3des esp-sha-hmac
!
set peer SANJOSE-UC520.dyndns.org dynamic
qos pre-classify
match address 191
set peer SEATTLE-UC520.dyndns.org dynamic
qos pre-classify
match address 193
Configuration for the Seattle site will be on similar lines and is omitted for brevity. The IPsec Direct
Encapsulation VPN Design Guide can provide additional information for reference.
7. Configure Dynamic DNS and WAN interface settings
This configuration assumes DSL as the WAN connection with FastEthernet 0/0 being the WAN
interface on each UC520. Also, the NAT configuration is identified in the CLI to be the below and
that is what is changed to prevent site to site traffic from being translated.
SANJOSE-UC520#sh run | section include SDM_RMAP_1

ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
!
route-map SDM_RMAP_1 permit 1
match ip address 105
The WAN IP address assignment is assumed to be dynamic which is why Dynamic DNS is used to
map a hostname to the dynamic IP address using a service from http://dyndns.org (this does
require the partner to register with this website and sign up for DDNS service). More information on
Application Note
Dynamic DNS is at:

http://www.cisco.com/en/US/docs/ios/ipaddr/configuration/guide/iad_ddns_ps6441_TSD_Products_
Configuration_Guide_Chapter.html
San Jose
! Define the DDNS global settings

ip domain lookup source-interface FastEthernet0/0
ip domain name dyndns.org
!
ip ddns update method method1
http
add
! As there is a “?” in the CLI – there will be an error if you copy / paste this line as is. You need to
! first paste the CLI before the “?”, then hit “Ctrl +V”, type ? and then paste the rest of the CLI
http://uc520multi:cisco123@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myi
p=<a>
interval maximum 2 0 0 0
interval minimum 1 0 0 0
! Configure WAN interface for DDNS and VPN
interface FastEthernet0/0
description $FW_OUTSIDE$
ip dhcp client update dns
ip ddns update hostname SANJOSE-UC520.dyndns.org
ip ddns update method1
ip address dhcp
ip access-group 104 in
ip nat outside
ip inspect SDM_HIGH out
ip virtual-reassembly
duplex auto
speed auto
crypto map multisite
! Define the NAT settings to prevent site to site traffic from being NATTED
! The access-list 105 is used in this case based on configuration done previously
ip access-list extended 105
1 deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
2 deny ip 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255
Irvine
ip domain lookup source-interface FastEthernet0/0
ip domain name dyndns.org
!
ip ddns update method method1
http
add
http://uc520multi:cisco123@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myi
p=<a>
interval maximum 2 0 0 0
interval minimum 1 0 0 0
! Configure WAN interface for DDNS and VPN
interface FastEthernet0/0
description $FW_OUTSIDE$
ip dhcp client update dns
ip ddns update hostname IRVINE-UC520.dyndns.org
ip ddns update method1
ip address dhcp
ip nat outside
ip inspect SDM_HIGH out
ip virtual-reassembly
Application Note
duplex auto
speed auto
crypto map multisite
! Define the NAT settings to prevent site to site traffic from being NATTED
! The access-list 105 is used in this case based on configuration done previously
ip access-list extended 105
1 deny ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255
2 deny ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255
Similar configuration would apply to Seattle.
8. Configure QOS & Call Admission control
This covers the QOS that is applied at each UC520. It does not guarantee against voice quality
issues for inter site calls but does provide all required QoS at the UC520. There does need to be
sufficient bandwidth on the WAN link provisioned for all traffic types at each site and if possible
push the Service Provider to give priority to VOIP traffic. The below configuration can be applied to
all sites as is – no site specific config is required. The recommendation for bandwidth allocation is
50% for VOIP media traffic and 5% for VOIP signaling traffic of the total WAN bandwidth.
! Classify IP traffic
class-map match-any media
match ip dscp ef
!
class-map match-any signaling
match ip dscp cs3
match ip dscp af31
! Define queuing
policy-map queue
class media
priority percent 50
class signaling
bandwidth percent 5
class class-default
fair-queue
! Define shaping to max WAN bandwidth – 2Mbps in this case
policy-map shape
class class-default
shape average 2000000
service-policy queue
! Apply QOS policy on the WAN interface
interface FastEthernet 0/0
service-policy output shape
! Apply Call Admission control for max of 4 inter site VOIP calls at each site
call threshold interface FastEthernet 0/0 int-calls low 4 high 4
9. Configure site to site dialplan using H.323 as the VOIP protocol:
This goes over the CLI required to setup inter site VOIP calls at each site with previously
mentioned dialplan.
SAN JOSE
! Global VOIP settings
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service h450.2
supplementary-service h450.12
no supplementary-service sip moved-temporarily
Application Note
no supplementary-service sip refer

! Translation of inter site dial strings to extensions
voice translation-rule 81200
rule 1 /^81$…$/ /\1/
!
voice translation-profile intersite
translate called 81200
! Force intersite VOIP traffic using the Data VLAN interface, for UC520s that support integrated
wireless, the Data VLAN interface would be BVI1 instead of VLAN1.
interface VLAN 1
h323-gateway voip bind srcaddr 192.168.10.1
! CALL ROUTING
dial-peer voice 81200 voip
description INCOMING INTERSITE CALLS
incoming called-number 81...
translation-profile incoming intersite
codec g711ulaw
dtmf-relay h245-alphanumeric
no vad
!
description INTERSITE CALLS TO IRVINE
destination-pattern 82...
codec g711ulaw
session target ipv4:192.168.20.1
no vad
!
description INTERSITE CALLS TO SEATTLE
codec g711ulaw
no vad
IRVINE
!
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
supplementary-service h450.12
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
!
voice translation-rule 82200
rule 1 /^82$…$/ /\1/
!
voice translation-profile intersite
translate called 82200
!
interface VLAN1
h323-gateway voip bind srcaddr 192.168.20.1
!
description INCOMING INTERSITE CALLS
Application Note
incoming called-number 82...

translation-profile incoming intersite
codec g711ulaw
no vad
!
description INTERSITE CALLS TO SAN JOSE
codec g711ulaw
no vad
!
description INTERSITE CALLS TO SEATTLE
codec g711ulaw
no vad
Config on Seattle UC520 would be on similar lines.

10. Save the configuration on each UC520 in enable mode
SANJOSE-UC520#copy running-config startup-config
Advanced Voice Features

This section goes over some of the more advanced features that can be configured in a UC520
multi site setup and maybe required.
1. Unified Call Connector Server for Presence

With a single UCC server, it is possible to have a “shared directory” across all sites for
users to dial and also use presence. The below white paper details the steps needed to
set this up:
ftp://ftpeng.cisco.com/sbcs/doc/CiscoUnifiedCallConnectorServerTechnicalWhitePaper-
SBCSver1.pdf
2. Networking voicemail across sites

It is possible to network voicemail across multiple sites which allows users:
- To receive, send, and forward messages between sites
- To reply to a remote message received from another user.
This is done using the Voice Profile for Internet Mail (VPIM) protocol. VPIM requires each
CUE to have an unique address or hostname. By default all CUE ship with the same IP
address for CUE. So the CUE address would have to be changed to an unique address at
each site, with changes to everything routed to CUE: I.E. the interface IP address, static
routes, dial-peers etc. More details on VPIM networking are at below:
http://www.cisco.com/en/US/docs/voice_ip_comm/unity_exp/rel3_2/administrator/voicemai
l/9netwk.html
3. Tail End Hop Off

If the different UC520 sites are in different geographical locations (different states or
countries), there maybe significant cost savings achieved if all external (or PSTN) calls
local to Site 1 from other sites would use the VOIP trunk instead of the traditional PSTN
trunks at each location. This obviously implies that the appropriate bandwidth
Application Note
requirements are taken care off at each site to support these additional calls over the
VOIP trunks. A sample configuration based on the example above where all calls to local
area code for San Jose (408) are routed to SANJOSE-UC520 using VOIP trunks from the
Irvine UC520
4. Using the same IP Phone at multiple sites:

This is possible but the the "roaming" IP phone will be statically configured to register to its
home site even if it is physically moved to a remote site. The roaming IP phone will
receive all its services, including PSTN, voicemail & emergency services (such as for 911
calls in the US) from its home site, essentially making it a remote teleworker phone.
For More Information

For more information multi site deployment solutions, visit the SBCS Small Business Support
Community at the following URL:
http://www.myciscocommunity.com/community/smallbizsupport?view=overview
Appendix A Changing the DATA IP subnet using CLI

1. Connect the laptop or PC into one of the UC520 switch ports & launch a telnet session to
get into the UC520 CLI as shown in Step 5 from above.
2. Get into config mode on the UC520 by typing “config terminal” in enable mode
3. Change the DHCP settings for the Data subnet – in this example the data subnet is being
changed from 192.168.10.x (default) to 192.168.20.x:
no ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp excluded-address 192.168.20.1 192.168.20.10
!
ip dhcp pool data
no network 192.168.10.0 255.255.255.0
no default-router 192.168.10.1
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
4. Change the interface IP address for the Data subnet – in case of UC520 Wireless SKUs
the interface is BVI1 while for all other SKUs the interface is VLAN1
interface Vlan1
ip address 192.168.20.1 255.255.255.0
5. At this point, the PC will loose IP connectivity to the UC520. You need to request a new IP
address on your PC for the new subnet. This can be doing by going to Start > Run on your
PC and typing in cmd. Then type in “ipconfig /renew” and you should see the new subnet
IP address show up on the PC
6. Launch a new telnet session as shown in Step A-1 & A-2 with the only difference being
the IP address of the UC520 will be 192.168.20.1 (or whatever was configured in step 4).
Once connected, go into config mode and add the below:
interface Loopback0
no ip access-group 101 in
!
interface Vlan100
no ip access-group 103 in
!
Application Note
no access-list 1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.1.1.0 0.0.0.255
!
no access-list 101
access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_7##
access-list 101 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 101 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 101 deny ip 192.168.20.0 0.0.0.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 permit ip any any
!
no access-list 103
access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 103 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 permit udp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 deny ip host 255.255.255.255 any
access-list 103 permit ip any any
!
interface Loopback0
!
interface Vlan100

Multi Site Deployment For Data and Voice For SBCS

Caricato da

Informazioni sul documento

Descrizione originale:

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Multi Site Deployment For Data and Voice For SBCS

Caricato da

Copyright:

Formati disponibili

Application Note

Multi Site Deployment for Data and Voice for SBCS

This application note provides guidelines and configuration instructions

Scope and Assumptions 2

Multi Site Deployment Guidelines 2

Inter Site Voice Features: 6

Customer Site Information required for UC520 Multi Site configuration 7

UC520 Multi Site Configuration 8

Advanced Voice Features 14

For More Information 15

Appendix A Changing the DATA IP subnet using CLI 15

Scope and Assumptions

The procedures in this application assume the following:

Multi Site Deployment Guidelines

The guideline for Remote Teleworker deployments is as below:

● A maximum of 5 users are supported per Remote Teleworker site.

o Inter site data traffic

while using G.729 codec takes up 55Kbps)

Keepalive using IP SLAs to ensure remote IPSEC peer is reachable

Site 2 Spoke 1 Spoke 2

Site 4 Site 5 Spoke 3 Spoke 4

PSTN Trunk PSTN Trunks at each site PSTN Trunks at Hub

VPN Tunnel Full Mesh Hub & Spoke OR Full

Recommended Approach: PSTN Trunks at each site

Site to Site Dialing:

Dialplan changes when business expands

Call Transfer & Pros Cons

Hairpin call transfers - Overlapping - Higher bandwidth requirements and QOS

Codec G.711 G.729

Pros Better Quality Lower bandwidth per call (55Kbps)

Cons Higher bandwidth per Lower Quality

Note 1: Assumes the codec is G.711ULAW or PCMU

Inter Site Voice Features:

Table 1. UC500 Voice Feature Support Summary

Voice Features Supported for InterSite

Basic Site to Site calls with abbreviated dialing

Transfer Calls between sites

Conference Calls between sites Yes

Video Calls between sites Yes1

Paging & Call park across sites Yes2

Forward Voicemails between sites Yes (using VPIM) 3

Fax between sites Yes

Hunt Groups across sites No5

Extension Mobility across sites No

Monitor extensions between sites No

Shared Directory across sites No4

Note 1 This requires H.323 as the VOIP protocol

Customer Site Information required for UC520 Multi Site configuration

Table 2. Customer Site Information for UC520 Multi Site configurations

Site Information Description/Notes Values used in this example

Number of sites Maximum of 5 3

Number of Phones Number of IP phones deployed at

Business Class SDSL with

IPSEC VPN Site to Site VPN using IPSEC with

San Jose – 192.168.10.0 /24

San Jose - 8 + 1 + 2xx

Call Admission Control & Codec

UC520 Multi Site Configuration

San Jose Irvine

1. Change DATA VLAN to be unique per UC520 site

2. Configure all single site features for each UC520 site

3. Configure remote teleworkers at each UC520 site