ITC-2300 VoIP Labs Switch and Router Configurations
Notes
Don’t forget to modify for the information specific to your Pod:
-
Change the hostname of both the Router and Switch to include your Pod ID
-
Change the IP Address on the Router Fa0/0 interface to the correct IP for your pod
-
Change the extension numbers/phone numbers to those appropriate for your pod
-
Read through all lines in the configurations, especially comment lines starting with a !
You may want to make some additional changes for administration ease:
-
Set an enable secret
-
Setup a username and secret on both devices
-
Setup SSH on both devices
Basic Router Configuration
hostname PodX-Router ! ip dhcp excluded-address 192.168.10.1 192.168.10.20 ! ip dhcp pool internal-voip network 192.168.10.0 255.255.255.0 dns-server 172.17.139.11 default-router 192.168.10.1 ! Option 150 is used by Cisco phones to find the TFTP server where they get their configuration. ! We are running the TFTP server on our Asterisk server so we can use the IP of that server. option 150 ip 192.168.10.3 ! interface FastEthernet0/0 ! Rememeber to change the IP address on this interface to match the IP address assigned to your pod. ip address 172.17.144.XX 255.255.255.0 ip nat outside no shutdown ! interface FastEthernet0/1 no shutdown ! interface FastEthernet0/1.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 ip nat inside no shutdown ! ip route 0.0.0.0 0.0.0.0 172.17.144.1 ! ip nat inside source list 1 interface FastEthernet0/0 overload ! access-list 1 permit 192.168.10.0 0.0.0.255
Basic Switch Configuration
hostname PodX-Switch ! vtp mode transparent ! vlan 10 ! spanning-tree portfast default ! ! interface GigabitEthernet1/0/1 description Lab PC switchport access vlan 10 switchport mode access spanning-tree portfast ! interface GigabitEthernet1/0/2 description VoIP Phone 1 switchport access vlan 10 switchport mode access switchport voice vlan 10 spanning-tree portfast ! interface GigabitEthernet1/0/3 description VoIP Phone 2 switchport access vlan 10 switchport mode access switchport voice vlan 10 spanning-tree portfast ! interface GigabitEthernet1/0/23 description Layer 2 connection to Asterisk server ens224 interface on internal 192.168.10.0/24 subnet switchport access vlan 10 switchport mode access no shutdown ! interface GigabitEthernet1/0/24 description Trunk Connection to Router switchport mode trunk no shutdown ! interface Vlan10 ip address 192.168.10.2 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 192.168.10.1 !
Adding ISDN <→ SIP Gateway Support to the Router
You will not need this configuration until you get to the T1 gateway lab. |
These additions to the configuration of your router allow it to act as a VoIP gateway which converts a digital ISDN PRI trunk from the Public Switched Telephone Network (PSTN) to a SIP trunk which Asterisk can send and receive calls on. This means that calls sent to the router (only from the IP of our Asterisk server thanks to the ACLs) are able to be sent to the PSTN over a T1 PRI voice trunk with guaranteed quality and calls coming from the PSTN can be converted into VoIP by the router and sent on to Asterisk.
! Put the T1/E1 card found in slot 0 , subslot 3 into T1 mode card type t1 0 3 ! ! Setup ISDN on the router to use signaling for PRI connections to a National ISDN switch isdn switch-type primary-ni ! ! Tell the router to synchronize the DSP clock to the card in WIC slot 3 network-clock-participate wic 3 ! ! Enable SIP VoIP capabilities on the router and set the router to use the IP outside network for SIP signalling because that is where Asterisk is voice service voip sip bind control source-interface FastEthernet0/1.10 bind media source-interface FastEthernet0/1.10 ! ! Configure the T1 settings on port 0 in subslot 3, slot 0 to use the correct modes for the ISDN switch and to use only the first 6 channels on the T1 PRI (due to limited DSP resources on our routers) controller T1 0/3/0 framing esf linecode b8zs clock source line pri-group timeslots 1-6 ! ! Prevent any connections to the router's SIP port from the outside network ip access-list extended block-sip-outside ! change the next two lines to have the correct outside IP address for your router deny tcp any host 172.17.144.XX eq 5060 deny udp any host 172.17.144.XX eq 5060 permit ip any any ! ! Prevent any connections to the router's SIP port from the inside EXCEPT from the Asterisk server ip access-list extended block-sip-inside permit udp host 192.168.10.3 host 192.168.10.1 eq 5060 deny tcp any host 192.168.10.1 eq 5060 deny udp any host 192.168.10.1 eq 5060 permit ip any any ! ! Apply the outside ACL interface FastEthernet0/0 ip access-group block-sip-outside in ! ! Apply the inside ACL interface FastEthernet0/1.10 ip access-group block-sip-inside in ! ! Send calls to any phone number received by the router (from Asterisk) to the PSTN over the T1. ! Note this is why we need the ACLs to only allow access from Asterisk, otherwise anyone could send a SIP call to the router out over our T1 which could cause us to be charged! dial-peer voice 1 pots description Calls from Asterisk to PSTN destination-pattern .T port 0/3/0:23 ! ! Send calls to 510555ZZ.. numbers to the Asterisk server using SIP to route further dial-peer voice 2 voip description Calls from PSTN to Asterisk ! change the two ZZs in the next line to match the incoming numbers for your pod (the last two characters should be periods to match any number) destination-pattern 510555ZZ.. session protocol sipv2 ! The IP in the next line should be the internal network IP of your Asterisk server session target ipv4:192.168.10.3:5060 incoming called-number .T dtmf-relay rtp-nte codec g711ulaw no vad ! dial-peer voice 3 pots description Passes inbound calls from PSTN on to dial peer 2 which will send them to Asterisk ! change the two ZZs in the next line to match the incoming numbers for your pod (the last two characters should be periods to match any number) incoming called-number 510555ZZ.. direct-inward-dial port 0/3/0:23 !
Document Build Time: 2024-10-30 23:55:41 UTC
Page Version: 2024.01
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License