Monday, August 24, 2015

VoIP-Cisco Unified Communications Manager Express (CUCME)


Introduction:

 In this lab, I will introduce you how to configure Cisco Unified Communications Manager Express (CUCME) in a basic two site topology. You'll learn how to create vlan, configure trunk ports and switch ports as well as provide power supply to the IP Phones using PoE on switches. Moreover, You'll also learn how to configure DHCP, enable VoIP service and create directory numbers (DNs) on each router. Especially, you will have an opportunity to learn how to configure site-to-site calling (H323 trunk) so we are able to make call between Site A and Site B.

Network Topology:


Figure 1: Lab Topology.
 Equipment List:

- Site A:
RouterA1: Cisco router 2811.
SwitchA1: Cisco switch 3560-24PS
IP phoneA1, and A2: Cisco IP Phone 7960
PC A1

- Site B:
RouterB1: Cisco router 2811.
SwitchB1: Cisco switch 2960-24T
IP phoneB1, and B2: Cisco IP Phone 7960
Home VoIPB1: Analog Telephone Adapter (ATA)
Analog PhoneB1: Cisco Analog phone.
PC B1

Configuration:

 Step 1: Build the lab Topology.
  Build the lab topology as the figure 1. Note that the IP Phones at site A will be receiving Power over Ethernet (PoE) from the Switch (3560) but the IP Phones at site B should be configured with Power Supply.

Step 2: Perform basic device configuration.
- On each router and switch:
•  Set the hostname as indicated on the topology diagram
•  Set the enable secret to class
•  Disable DNS lookups
•  Set a Telnet and Console password of cisco 
•  Set IP addresses as indicated on the above chart
- On each switch:
•  Create VLAN 10 with the name VOICE
•  Create VLAN 20 with the name DATA
•  Create VLAN 99 with the name MANAGEMENT
- On each PC:
•  Configure to receive IP address via DHCP

*  Site A configuration:
Switch 3560:
Switch(config)#hostname SwitchA1
SwitchA1(config)#no ip domain lookup
SwitchA1(config)#line console 0
SwitchA1(config-line)#password cisco
SwitchA1(config-line)#exec-timeout 0 0
SwitchA1(config-line)#exit
SwitchA1(config)#line vty 0 4
SwitchA1(config-line)#password cisco
SwitchA1(config-line)#login
SwitchA1(config-line)#exit
SwitchA1(config)#enable secret class 
SwitchA1(config)#vlan 10
SwitchA1(config-vlan)#name VOICE
SwitchA1(config-vlan)#vlan 20
SwitchA1(config-vlan)#name DATA
SwitchA1(config-vlan)#vlan 99
SwitchA1(config-vlan)#name MANAGEMENT
SwitchA1(config-vlan)#exit
SwitchA1(config)#int vlan 99
SwitchA1(config-if)#
%LINK-5-CHANGED: Interface Vlan99, changed state to up
SwitchA1(config-if)#ip address 172.16.99.2 255.255.255.0

 Router 2811:
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname RouterA1
RouterA1(config)#enable sec class
RouterA1(config)#no ip domain lookup
RouterA1(config)#line con 0
RouterA1(config-line)#pass cisco
RouterA1(config-line)#exec-timeout 0 0
RouterA1(config-line)#exit
RouterA1(config)#line vty 0 4
RouterA1(config-line)#pass cisco
RouterA1(config-line)#login
RouterA1(config-line)#exit
RouterA1(config)#int fa0/1
RouterA1(config-if)#ip address 10.0.0.1 255.255.255.0
RouterA1(config-if)#no shut
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
RouterA1(config-if)#int fa0/0
RouterA1(config-if)#no shut
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
RouterA1(config-if)#int fa0/0.10
%LINK-5-CHANGED: Interface FastEthernet0/0.10, changed state to up
RouterA1(config-subif)#encapsulation dot1Q 10
RouterA1(config-subif)#ip address 172.16.10.1 255.255.255.0
RouterA1(config-subif)#no shut
RouterA1(config-subif)#int fa0/0.20
%LINK-5-CHANGED: Interface FastEthernet0/0.20, changed state to up
RouterA1(config-subif)#encapsulation dot1Q 20
RouterA1(config-subif)#ip address 172.16.20.1 255.255.255.0
RouterA1(config-subif)#no shut
RouterA1(config-subif)#int fa0/0.99
%LINK-5-CHANGED: Interface FastEthernet0/0.99, changed state to up
RouterA1(config-subif)#encapsulation dot1Q 99 native
RouterA1(config-subif)#ip address 172.16.99.1 255.255.255.0
RouterA1(config-subif)#no shut

 Switch 2960 and router 2811 are configured similarly on site B.

Step 3: Configure DHCP service on the Routers.
  The VoIP devices and PCs need to receive IP addressing information by DHCP. Each router will need to act as the DHCP server for its location. We will be separating the voice and data networks at each location so we will need two DHCP pools. The special DHCP option 150 is used to send the CUCME address to the VoIP devices so they can register and receive configuration information. Even though this option is only required on the Voice VLAN we have included it on the Data VLAN in case soft-phones are ever used on the PCs. 
  The commands to setup the DHCP pools on RouterA1 are given below. You will have to modify them as appropriate for RouterB1 and apply them there as well.

RouterA1(config)#ip dhcp pool VOICE
RouterA1(dhcp-config)#network 172.16.10.0 255.255.255.0
RouterA1(dhcp-config)#default-router 172.16.10.1
RouterA1(dhcp-config)#option 150 ip 172.16.10.1
RouterA1(dhcp-config)#exit
RouterA1(config)#ip dhcp pool DATA
RouterA1(dhcp-config)#network 172.16.20.0 255.255.255.0
RouterA1(dhcp-config)#default-router 172.16.20.1
RouterA1(dhcp-config)#option 150 ip 172.16.10.1

Step 4: Enable basic VoIP service on each router:
 The DHCP option 150 instructs the VoIP devices receiving addresses to contact the router for registration and configuration information. We must next configure the router to provide voice service to those devices. Enable the VoIP service and set the maximum number of VoIP devices and directory numbers to 5 on each router. We will also allow phones to self-register and get an extension number automatically from directory numbers 1-5. Finally, the outgoing IP and port number for VoIP traffic from the router must be selected. The example configuration commands for RouterA1 are given below. Modify and apply to router B1 as well. 

RouterA1(config)#telephony-service
RouterA1(config-telephony)#max-ephones 5
RouterA1(config-telephony)#max-dn 5
RouterA1(config-telephony)#auto-reg-ephone
RouterA1(config-telephony)#auto assign 1 to 5
RouterA1(config-telephony)#ip source-address 172.16.10.1 port 2000

Step 5: Configure the pool of directory numbers on each router. 
  Each site will have a unique pool of directory (extension) numbers for each phone. On physical equipment it is possible to have overlapping dial plans (the same extension numbers duplicated at both sites) and then use a special prefix to dial between sites, but this is not supported by Cisco Packet Tracer simulation tool. We will need to ensure that each phone in the topology has a unique number. The numbers at site A will all start with 4xxx and at site B they should all start with 5xxx. Below is the configuration for one of the directory numbers at site A. Create enough (correctly numbered) directory numbers at each site to support all of the VoIP devices at that site.

RouterA1(config)#ephone-dn 1
RouterA1(config-ephone-dn)#%LINK-3-UPDOWN: Interface ephone_dsp DN 1.1, changed state to up
RouterA1(config-ephone-dn)#number 4001
RouterA1(config-ephone-dn)#ephone-dn 2
RouterA1(config-ephone-dn)#%LINK-3-UPDOWN: Interface ephone_dsp DN 2.1, changed state to up
RouterA1(config-ephone-dn)#number 4002

Step 6: Configure switch interfaces. 
 Trunk Ports: 
Configure an 802.1Q trunk link from FastEthernet 0/1 on each switch to the router. 
Access Ports: 
 All of the remaining ports on each switch should be configured as access ports in the DATA VLAN and should have PortFast enabled. The ports should all be shutdown for security reasons unless they have a device plugged into them. Enter this configuration as you normally would on the switches at both sites. Remember that there are shortcuts to configuring multiple interfaces on a switch the same way. Because we want to have our IP phones on a different VLAN than our PCs we need to perform a special configuration on all the access switch ports to turn them into two VLAN trunks when IP phones are identified by CDP. Leave the ports in switchport mode access but add a special second VLAN to them for voice traffic.

SwitchA1(config)#int fa0/1
SwitchA1(config-if)#switchport trunk encapsulation dot1q
SwitchA1(config-if)#switchport mode trunk
SwitchA1(config-if)#int range fa0/2-24
SwitchA1(config-if-range)#switchport access vlan 20
SwitchA1(config-if-range)#switchport mode access
SwitchA1(config-if-range)#switchport voice vlan 10
SwitchA1(config-if-range)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast will be configured in 23 interfaces due to the range command
but will only have effect when the interfaces are in a non-trunking mode.
SwitchA1(config-if-range)#
  At site A we also need to provide power to the IP phones using PoE:

SwitchA1(config-if-range)#power inline auto
 Because SwitchA1 does not support port-security so I couldn't configure this feature on this switch. However, you can do it on SwitchB1 as below:

SwitchB1(config)#int rang fa0/2-24
SwitchB1(config-if-range)#switchport port-security 

Step 7: Test the configuration.
 At this point you should have enough configuration done for communications within each site to be working so this is a good place to stop and test your work. The first thing to check is to ensure all your devices have IP addresses in the appropriate subnets. Note that after you enable all the ports it will take some time for all the devices to attempt requesting a DHCP address again so if you don’t see addresses right away wait a couple minutes and check again. You can easily check the addresses of IP phones and PCs by hovering your mouse over the device in PT (Packet Tracer) and checking the listed IP and gateway addresses. You can further check connectivity by pinging one of the interfaces on the router at the same site from each PC. Once your IP phones have IP addresses they should automatically contact the CUCME software running on the router (using the option 150 address), register, and get an extension number. You can verify the extension number of each IP phone by hovering your mouse over the phone and looking for a Line Number or by opening the phone and checking on the upper right of the display on the GUI tab. Note that the Analog Telephone Adapter (ATA) at site B does not use DHCP option 150 to find the CUCME server. You will have to enter the correct server address on the Config tab of the ATA before the analog phone will receive an extension number. Once all your devices have extension numbers you can try placing a call between devices at the same site. Click on one of the IP phones and switch to the GUI tab. Open up the same window for another IP phone at the same site and place it next to the first window so you can see both phones at the same time. Enter the extension number of the other phone on the dial pad of one phone and click on the receiver to place the call. The other phone should indicate that it is ringing and the number of the extension which is calling should appear on the display. Click the receiver on this phone to answer the call. The display should now show the phones are Connected. If you look to the upper right of each phone (you may have to scroll over to the right) you should see Do, Re, Mi buttons. Pressing one of these simulates talking into the phone. If you press one you should see a message above the phone you are connected to like Playing ‘Do’… for a short while after you press it. This indicates the connection between the phones is working properly.
 Now, I will try to make a local call on site A from IP Phone with ext. 4001 to the IP Phone with ext. 4002.


Then, off-hook the phone with ext. 4002


Step 8: Configure site-to-site calling (H323 trunk).
 To enable site-to-site dialing we must make each of the two CUCME systems aware of the other so that they can facilitate a connection between phones. Even though the CUCME systems manage the connection the voice traffic is not required to flow through them (though it does in this topology when a call is being made site-to-site). Because of this the first thing we need to do is make sure that every device at each site will be able to reach all of the devices at the other site. Add the appropriate routes to each router to enable routing between the sites. The most best way to do this is with a single /16 summary route on each of the routers to manually summarize the addresses found at the other site. Once you have the appropriate routes installed and have tested by successfully pinging from the PC at one site to the PC at the other site we need to setup VoIP call routing between sites. This link is made by what is called a dial-peer which identifies specific destination extensions and directs them to another CUCME server in much the same way a routing table works for IP traffic. We must also identify what extension numbers to direct to the other server, something done with a destination-pattern. Examine the dial-peer configuration given for RouterA1 below and then enter it into RouterA1.

RouterA1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
RouterA1(config)#router rip
RouterA1(config-router)#version 2
RouterA1(config-router)#network 172.16.0.0
RouterA1(config-router)#network 10.0.0.0
RouterA1(config-router)#no auto
RouterA1(config-router)#dial-peer voice 1 voip
RouterA1(config-dial-peer)#destination-pattern 5...
RouterA1(config-dial-peer)#session target ipv4:10.0.0.2

  This will identify all extensions which start with a 5 followed by three other digits and direct them to the CUCME server running on RouterB1. Make the appropriate changes to this configuration and then apply it to RouterB1 to allow the VoIP devices at site B to call site A as well.
 Test your configuration by calling from site A to site B and from site B to site A.
 Now, I will try to make a remote call from IP Phone with ext. 4001 on site A to the IP Phone with ext. 5001 on site B.


Then, off-hook the phone with ext. 5001.


Now, I will try to make a remote call from IP Phone with ext. 5002 on site B to the IP Phone with ext. 4002 on site A.


Then, off-hook the phone with ext. 4002.


Well-done! Now, I want to challenge you by making some or all of these modifications to what you have done so far: 
•  Add another VoIP device (IP phone or ATA) to site A 
•  Setup specific devices to receive specific extension (directory) numbers. For example, make sure that IP Phone A1 always receives extension 4001 and IP ATA B1 always receives extension 5003 
instead of allowing devices to auto register. Hint: Exploring your running configurations on the routers after you have everything working should provide some hints about how to do this. 
•  Setup a multiuser Packet Tracer configuration and enable calling between your two sites and a 
partner’s two sites 
•  Add a third site and enable calling between all three sites 
•  Add quality of service (QoS) to the network to prioritize voice traffic over data traffic 

Conclusions:
 In this lab, you've learned how to build a lab to make call from site to site by using function CUCME on Cisco router. Specifically, you learned how to create vlan, configure trunk ports and switch ports as well as provide power supply to the IP Phones using PoE on switches. Moreover, you also learned how to configure DHCP, enable VoIP service and create directory numbers (DNs) on each router. Finally, you learned how to configure dynamic routing protocol RIPv2 and dial-peer on each router so we can make call from site to site by using H323 trunk.

1 comment:

  1. I appreciate you posting this. I have been trying to figure out how the system works for some time now. My company uses VoIP and I think I am the person who is most thrilled about it. I guess that is why I should have gone into IT rather than human resources. I like what I do, but sometimes wonder.

    Raymond Wood @ Datastream Communications, LLC

    ReplyDelete