Deployment of UCX in a Network

  • Printer-friendly version
  • EPUB version

Network Parameters

UCX Server is a network device that will be connected to your local area network (LAN). You must select a fully qualified domain name (FQDN) for this device and an IP address that will be used by the device. You should also prepare network configuration parameters that will be used for the configuration of the UCX Server's network adapter.

UCX Server can be configured to act as a DHCP client (thus obtaining the IP address and network configuration parameters from the DHCP server on your LAN). If you want to use the DHCP client configuration, you would have to ensure that all telephones will be able to locate the UCX system. This can be achieved in several ways (for example by using your DHCP server to provide the server address for telephones or by using the UCX system's domain name in the configuration of telephones). For certain types of telephones the IP address of the server is required (the server name is not accepted).

To simplify the configuration of telephones, we recommend either the use of a static IP address for your UCX Server or using an association of the MAC address of the UCX Server with a specific IP address from the IP address pool of your DHCP server. Both of these options ensure that the IP address of your UCX Server will not change and reconfiguration/reboots of telephones will not be required.

The remote access server assigns virtual IP addresses ranging from 10.80.0.0 to 10.95.255.255 for remote systems. To avoid IP address conflicts, do not use IP addresses in the same range for your UCX system.


The following table provides a list of network configuration parameters that you should prepare:

Parameter

Default Value

Selected Value

Host name

localhost.localdomain

___________________________ (FQDN)

IP address type

Static

Static / DHCP

Static IP address

192.168.1.200

_____.____.____._____

Subnet mask

255.255.255.0

_____.____.____._____

Gateway IP address

192.168.1.1

_____.____.____._____

Primary DNS Server

 

_____.____.____._____

Secondary DNS Server

 

_____.____.____._____

If you have a UCX20, UCX50 or UCX250, the Front Panel Display (FPD) will show the assigned IP address. If "No IP Address" is displayed, this is an indication that there is an IP address conflict or DHCP mode is selected and there is no DHCP server.

See Using the FPD to reset network configuration for details on how to reset your UCX Server's network configuration back to factory default.

Other Network Considerations

The UCX software supports multiple ethernet network interfaces. Typically, for UCX-Virtualizion and UCX-Cloud deployments, only a single network interface is assigned to the instance, in which case all telepehony and management traffic will use that single interface, which will be designated as Ethernet 0 in the UCX Wed-based Configuration Utility.
 

Galaxy hardware platforms are equipped with either two or three ethernet network interfaces that are identified as Ethernet 0Ethernet 1, and Ethernet 2 (when available). Any of these interfaces can be used for telephony communication, including voice and signaling traffic for other Galaxy peripherals such as digital phone traffic via a DSM16, PRI, FXO or FXS ports on gateway hardware or IP Phones as well as management-related traffic. Therefore, even with multiple network interfaces ports available, just a single interface can be configured and connected tot he customer's LAN infrastructure. In most cases the UCX documentation is based on using Ethernet 0 configured to connect to the customer LAN which in turn connects to the customers' connection to the public internet.

In scenarios when there is a requirement to connect Ethernet 1 or Ethernet 2 to the customer LAN and public internet, then that interface should be configured prior to configuring Ethernet 0, pointing the Default Gateway, DNS servers, and IP address as appropriate for that connection. You can verify the connection by activating the Remote Addccess for VPN and downloading software updates from the E-MetroTel repository. Once configured, you may configure the Ethernet 0 interface to connect to your Telephony LAN. Note, however, that the distinction is merely the physical connection point to the network. All other functionality remains the same.

Separate Voice LAN
The following diagram shows how UCX can be deployed in a network with a separate LAN for voice traffic. In the following diagram the Galaxy i5 (v2) or 2930 processor card has been connected to the Management LAN (192.168.10.200) using the front Ethernet interface on the processor card itself.  Ethernet 0 (192.168.1.200) on the backplane of the processor card is used for the connection to the Telephony LAN which includes any telephony cards in the Galaxy chassis. The actual physical connection to the rest of the Telephony LAN devices is via either of the ethernet switch ports on the SFS card.

The advantages of having a separate voice network is improved voice quality and reliability, better security and problem isolation. See Configure a Second Network Port for configuration instructions.
Telephony LAN.png

Adding Local Subnets to Do Not Block list

The UCX feature IP Block List is a security application that monitors the UCX system and temporarily blocks IP addresses that attempt to break into your system. If the UCX detects unauthorized attempts to connect to the system using the Web Server, Secure Shell, or Telephony interfaces, it will block all connections from the subnet of the source IP Address. For example, if a user on one of the local subnets attempts to log into the UCX Web-based Configuration Utility and reaches the threshold set for invalid connection attempts, then all users on that subnet will be blocked until the block timer has expired. Similarly, if a user or service provider SIP account is configured with the wrong password the subnet entire subnet will be blocked when the number of invalid connection attempts is reached. Therefore, it is advisable that you add either the specific IP addresses of local devices that you wish to communicate with the UCX or that you add the entire subnet(s) to the feature's Do Not Block settings as part of your initial setup.

Disable SIP ALG

On the network that routes UCX voice (SIP) traffic, we require SIP ALG be disabled. Most commercial routers have SIP ALG enabled by default. Please check the manufacturer's handbook for your device on how to disable SIP ALG. (See Unexpected call failures and registration problems for details.)