This is another tutorial from the series of VOIP tutorials that describe building VOIP home lab based on Cisco Unified Communications Manager. A network topology is here.
So far we have finished configuration all of network devices, servers, Cisco IP phones and end-stations located in the Branch office LAN network. As a result, we can make phone call from Cisco IP Communicator - CIPC (extension 3000) to Cisco IP phone 7961G (extension 3001) and vice versa. Now it is time to connect the Branch office to Headquarters in order to perform phone calls between two remote sites. But first Headquarters network infrastructure and all devices connected to this network has to be configured. Fortunately this configuration is very similar to the configuration that we previously done for Branch office. So we will only discuss things which are new or slightly different and need further explanation. When we finish Headquarters configuration we will later focus on connecting Branch and Headquarters sites.
Let's assume that we successfully installed VMware Workstation on Fedora Linux, installed Windows 7 on virtual machines and Cisco IP Communicators on Windows. After that we continued with Open vSwitch installation and configuration and created new VM network interfaces. We paired assigned these interfaces with particular virtual machines according Headquarters network topology. Basically these are the same configuration tasks we did for Branch office but reflecting specific Headquarterss configuration.
From now Headquarters configuration is different as we are going to use Cisco router 2621XM instead of Cisco Catalyst 3550 switch to connect Headquarters to the rest of our network. Cisco 2621XM is connected to the laptop with installed Fedora Linux via its FastEthernet 0/1 interface. To allow routing between traffic from different VLANs router must be configured as what is called router-on-the-stick configuration. We have not done yet such as as configuration so the tutorial discuss it.
At the end of tutorial we will configure static routing on Belkin N+ router in order to teach Belkin how to reach Headquarters networks.
Cisco 2621XM Configuration
1. Restore Router to Factory Default Settings
a) Start a terminal emulation program - Minicom
$ sudo minicom
b) Erase startup-configuration file
Router>en
Router#erase startup-config
Reboot the router
Router#reload
2. Secure Switch Management
As we configure a network device that is part of our home lab network we will use a dictionary username admin and password cisco. Likewise we will set session timeout 0 for console and vty lines so session timeout never expires.
a) Configure the Hostname, enable secret password and create a new user
Router>en
Router#conf t
Router(config)#hostname 2621XM
2621XM(config)#enable secret cisco
2621XM(config)#username admin secret cisco
b) Restrict access to console port
2621XM(config)#line console 0
2621XM(config-line)#login local
2621XM(config-line)#exec-timeout 0
2621XM(config-line)#logging synchronous
c) Configure ssh version and generate RSA public and private keys
2621XM(config)#ip ssh version 2
2621XM(config)#ip domain-name homelab.net
2621XM(config)#crypto key generate rsa
d) Configure secure access to vty lines
2621XM(config)#line vty 0 15
2621XM(config-line)#login local
2621XM(config-line)#transport input ssh
2621XM(config-line)#exec-timeout 0
2621XM(config-line)#logging synchronous
3. Router-on-the-stick
a) Create virtual sub interfaces
22621XM(config)#interface fastEthernet 0/1
2621XM(config-if)#no shutdown
2621XM(config-if)#exit
2621XM(config)#interface fastEthernet 0/1.10
2621XM(config-subif)#description Link to Open vSwitch VLAN 110
2621XM(config-subif)#encapsulation dot1Q 110
2621XM(config-subif)#ip address 192.168.110.254 255.255.255.0
2621XM(config-subif)#no shutdown
2621XM(config-subif)#interface fa 0/1.11
2621XM(config-subif)#description Link to Open vSwitch VLAN 111
2621XM(config-subif)#encapsulation dot1Q 111
2621XM(config-subif)#ip address 192.168.111.254 255.255.255.0
2621XM(config-subif)#no shutdown
2621XM(config-subif)#interface fa 0/1.20
2621XM(config-subif)#description Link to Open vSwitch VLAN 200
2621XM(config-subif)#encapsulation dot1Q 200
2621XM(config-subif)#ip address 192.168.200.254 255.255.255.0
2621XM(config-subif)#no shutdown
2621XM(config-subif)#exit
b) Configure uplink interface to Belkin router
2621XM(config)#interface fastEthernet 0/0
2621XM(config-if)#description Link to Belkin
2621XM(config-if)#ip address 172.18.100.200 255.255.0.0
2621XM(config-if)#no shutdown
2621XM(config-if)#exit
4. Static default route, Name server, NTP server and DHCP server
a) Add a static default route to the router routing table
2621XM(config)#ip route 0.0.0.0 0.0.0.0 172.18.100.1
b) Configure router to use Belkin router as DNS server
2621XM(config)#ip name-server 172.18.100.1
c) Configure public NTP server
2621XM(config)#ntp server 0.sk.pool.ntp.org
d) Create a new timezone and configure offset
2621XM(config)#clock timezone UTC+1 -23
e) Create a new DHCP pool for voice subnet
2621XM(config)#ip dhcp pool Voice
2621XM(dhcp-config)#network 192.168.110.0 /24
2621XM(dhcp-config)#default-router 192.168.110.254
2621XM(dhcp-config)#dns-server 172.18.100.1
2621XM(dhcp-config)#option 150 ip 192.168.200.252
f) Create a new DHCP pool for data subnet
2621XM(config)#ip dhcp pool Data
2621XM(dhcp-config)#network 192.168.111.0 /24
2621XM(dhcp-config)#default-router 192.168.111.254
2621XM(dhcp-config)#dns-server 172.18.100.1
g) Create a new DHCP pool for management subnet
2621XM(config)#ip dhcp pool Management
2621XM(dhcp-config)#network 192.168.200.0 /24
2621XM(dhcp-config)#default-router 192.168.200.254
2621XM(dhcp-config)#dns-server 172.18.100.1
2621XM(dhcp-config)#do write
h) Configure IP address excluded ranges
The following IP address subnets will be excluded from DHCP offer.
2621XM(config)#ip dhcp excluded-address 192.168.110.240 192.168.110.254
2621XM(config)#ip dhcp excluded-address 192.168.111.240 192.168.111.254
2621XM(config)#ip dhcp excluded-address 192.168.200.240 192.168.200.254
2621XM(config)#do write
Belkin N+ Router Configuration
To make Headquarters subnets 192.168.110.0/24, 192.168.111.0/24 and 192.168.200.0/24 reachable from the subnet 172.18.0.0/16 the static routes pointing to these subnets must be added to Belkin routing table. The subnets will be reachable via IP address 172.18.100.200/16 configured on router 2621XM interface FastEthernet 0/0. Subnets 192.168.110.0/24 and 192.168.111.0/24 can be summarized with one subnet 192.168.110.0/23 and added to Belkin routing table.
Below is the complete Belkin static routes configuration. This configuration ensures full connectivity between Headquarters and Branch office networks.
Picture 1 - Static Routes Configured on Belkin Router
There’s definately a lot to learn about this topic. I love all the points you’ve made and describe all commands step by step.