Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

UC320W Multisite

Just strike my mind, since it support SIP Trunking..... how about I get one Linux base SIP server to let my brances UC320W to connect to my SIP server?

It is the possible way of building UC320W to support multisite?

16 REPLIES
Community Member

UC320W Multisite

Hi,

While this may work technically, the key pieces that will be missing that is expected from your customer is the private dialplan between sites, internal caller id, voicemail integrations, etc.  The UC500 series is the best bet for multisite at this time.

Chris

Community Member

UC320W Multisite

Hello Christopher,

Realise it is not the proper forum, however please allow me to pose a UC320W related question.

Since Installation of uc320w as  point of entry of all data comm to our remote office , it appears that certain ports are blocked. We opened the ports 6180-6188 on the port forwarding page of the UC320 to no avail. Also opened 5900 and 548, which are working fine. ISP swears it is not blocking the ports but have asked us to confirm with Cisco that these ports are open on the device when so programmed ..??

Many Thanks for your time.

Erick

Community Member

UC320W Multisite

Erick,

THe UC320 is not designed to be a firewall, you really need to place a firewall between the switch and your ISP router.

Community Member

UC320W Multisite

Hi jon,

Appreciate that, does that mean that it is therefore that some prts are open and some are not. A firewall upstream would facilitate that passage of port assigned packets to the right address? If so switching on the FW on the Modem should solve the problem?

many Thanks,

Erick

Community Member

UC320W Multisite

That depends on how you are routing your internet traffic. 

It should be as follows:

ISP ROUTER

to

FIREWALL

to

SWITCH

to

UC320W

With the firewall deciding what should be allowed in or out.  If you decide to use the basic firewall within your ISP router then you should have the switch connected to that and the 320 off the switch as with all other devices.

If you have the cabling as follows:  One cable from ISP router to 320 then using 320 as switch to provide your other devices that is not recommended.

Community Member

UC320W Multisite

It is the latter setup that I have, since it followed the instruction of the UC320 documentation ( or from what I understood it to be) - being recommended as the only DHCP server on the network. Would that still work as a DHCP server router if I connect a switch upstream?

Many thanks

Community Member

UC320W Multisite

Yes, a switch without VLANs works transparently across all ports so all devices on that switch see all other devices (assuming same subnet!).

Community Member

UC320W Multisite

Great I will try that. Still don't understand why the UC320 let's certain traffic through and not others. Support here in the Virgin Islands is fairly thin and the ISP is scratching their collective heads over this... Unfortunately I am not physically on site and fear that to do this remotely -with the help of a non trained assitant- would be asking for trouble....Many Thanks for your help.

Kind Regards

- Erick

Community Member

UC320W Multisite

Hi Erick,

There are several deployment options (network topologies) for the UC320W.  In the simplest network, the UC320W connects to the modem device (or WAN side firewall) and all phones & PCs are deployed LAN side of the UC320W.  In this case both the voice VLAN and data VLAN are NATed.  For a device on the internet to reach a PC or server on the LAN side a specific port forwarding rule must be added via the UC320W Confguration Utility.  As a general rule all ports are closed on the WAN side unless you have enabled a service (SIP trunk, remote access etc).

If your network topology has more advanced requirement VPN for PCs or more advanced DMZ/port forwarding etc, there is a document on deploying the UC320W in an existing network: 

http://www.cisco.com/web/partners/sell/smb/tools_and_resources/unified_communications_300.html

If you are deploying the UC320W with a Microsoft Small Business Server as the DHCP server for the network there is this document:

https://supportforums.cisco.com/docs/DOC-15378

Hope this helps!

Chris Edgeworth

Community Member

UC320W Multisite

Dear Chris,

Many thanks for taking your time to look into this.

The set up is indeed ADSL Modem (in and external static IP addres) to UC320W, as DHCP server to both voice and data VLAN.

Port forwarding through the UC320W works fine for ports 548 and 5900 to our MacOS Server (with Firewall enabled) and also to a Security DVR at 8076. However while ports 3283 6180-6188 are also opened in the UC320W they appear blocked from outside. Internal computers both with static as well as DHCP adresses talk fine to the server on the internal network provided by the UC320W.

I am unable to review the tools and resouces link as I have not enough privileges..

If you can think of anything or any body that could help with this-I would be greatful.

Many Thanks,

Erick Oeseburg

Cisco Employee

UC320W Multisite

Hello Erick,

Just to make sure that it is not the ISP who is blocking the ports, would it be possible to connect a PC to the WAN interface (may be during a downtime) and try accessing the ports? That will help us verify if the UC is allowing those ports or not.

Thanks,

Nagaraja

Community Member

UC320W Multisite

Hello Nagaraja,

I will do that, the ISP reps are adamant that these porst are not blocked, however I think they must be. They assigned me a new IP static address  XXX.XXX.XX.XX/30 and since that time these ports are blocked previously I had a single IP address and I had no such issues.. In any case I will try.

Many Thanks

Erick Oeseburg

Community Member

UC320W Multisite

Hi Erick,

If you are comfortable using Wireshark to look at packet captures, you could use a USB key in the UC320 and use the TCPdump tool found under Status -> Support Tools -> TCP dump.  First I would capture on the WAN port, generate your traffic on the ports you are trying to access, then load the capture in Wireshark and see if you see the incoming traffic on those ports.  If you see the traffic there, then the ISP is probably letting it through.  The next step if you see the traffic is to now capture on the Data VLAN and generate your traffic again.  This time look for the traffic to your forwarded address (and port).

If you aren't comfortable with the tool, a quick call into the Small Business Support Center and they should be able to help you look at the captures to see what is happening.

Hope this helps.

Chris

Community Member

UC320W Multisite

Thanks Chris,

I will do that, unfortunately I am traveling at the moment, will find a way to do it..

Thanks again,

Erick Oeseburg

735
Views
0
Helpful
16
Replies
CreatePlease to create content