Cisco Hosted Unified Communication Services Provisioning Guide Release 7.1(a) - Provisioning NAT/PAT Support [Cisco Hosted Unified Communications Services]

Table Of Contents

Provisioning NAT/PAT Support

Support for NAT/PAT

Support for NAT/PAT Through Autoregistration of IP Phones

Supported Scenarios for DHCP Services

How IP Phone Autoregistration Provides NAT/PAT Support

Limitations in Support for NAT/PAT

Provisioning Unified CM to Support NAT/PAT

Auto-registration

Configuring Auto-registration

Provisioning USM to Support NAT/PAT

Configuring USM Webmin

Configuring DHCP Services on an External Server

USM DHCP Configuration

USM Provider Configuration

USM Customer Configuration

USM Location Administration

Provisioning NAT/PAT Support

This chapter describes the steps required to configure the Hosted UCS platform when a Cisco NAT/PAT router or firewall connects the IP phones and the VOSS USM server. This functionality was tested in Hosted UCS Release 5.1(b), Maintenance Release 1 (MR1). This chapter includes the following sections:

•Support for NAT/PAT

•Provisioning Unified CM to Support NAT/PAT

•Provisioning USM to Support NAT/PAT

Support for NAT/PAT

This section describes support for NAT/PAT through autoregistration of IP phones when VOSS USM and the DHCP server are connected by a Cisco router or firewall providing NAT/PAT services. It includes the following topics:

•Support for NAT/PAT Through Autoregistration of IP Phones

•Supported Scenarios for DHCP Services

•How IP Phone Autoregistration Provides NAT/PAT Support

•Limitations in Support for NAT/PAT

Support for NAT/PAT Through Autoregistration of IP Phones

In Hosted UCS deployments before Release 5.1(b), MR1, DHCP services were always managed directly by VOSS USM. USM depended on IP address information from the DHCP server to determine the location of phones, and this was a dependency for the USM AutoMove feature.

When USM manages DHCP services, Hosted UCS supports a centralized pool of DHCP servers for each customer. Two customer locations in different subnets connected to a common PAT router cannot be supported because USM associates every location with an IP address subnet. As a workaround, separate IP address pools can be created on the PAT router. However, if the DHCP server and USM server are separated by a NAT/PAT router, this scenario is not supported.

Note If two locations share the same subnet, phones cannot auto-register using the shared subnet. Configuration of shared subnets through the USM GUI is disabled in Release 5.1(b), MR1, but may still occur using bulk loaders.

Hosted UCS Release 5.1(b), MR1, now supports DHCP services that are not managed by USM. This allows the DHCP server to be separated from the USM server by a Cisco NAT/PAT device, such as a Cisco IOS software router, PIX firewall, or Adaptive Security Appliance (ASA). In this scenario, information required for the USM AutoMove feature is received through the syslog messages provided by the Unified CM Server.

Supported Scenarios for DHCP Services

USM now supports DHCP services in the following scenarios, using auto-registration provided by the Unified CM server:

•DHCP services managed by USM, running on the USM server

•DHCP services managed by USM, running on an external server

•DHCP services unmanaged by USM, running on an external server

•DHCP services unmanaged by USM, running on an external server separated by a Cisco NAT/PAT device (see Figure 1).

Scenarios that are still unsupported are described in "Limitations in Support for NAT/PAT" section.

Figure 1 Unmanaged DHCP with Support for NAT/PAT (IP Phone Autoregistration)

How IP Phone Autoregistration Provides NAT/PAT Support

As shown in Figure 1, when the USM server receives a syslog message from Unified CM, the AutoReg service picks it up from the log and triggers the AutoCCMNewPhone transaction in USM. This transaction performs the following steps:

1. The transaction looks up the MAC address in the phone inventory and if the phone is missing, adds the phone to the inventory at the provider level.

2. If USM has not identified a location for the phone, the transaction initiates an AutoMove transaction to move the phone to the correct location in an unregistered state.

3. If the IP address received in the syslog message from Unified CM does not match the IP address in USM, the transaction updates the USM database with the new IP address.

4. If the phone is not registered in the location and the Auto-register option is selected, the transaction registers the phone.

This completes the transaction and the phone is fully registered in USM with an allocated extension number.

USM performs all four steps when a new phone is added and Auto-register is turned on for the location. If the IP address for an existing phone is changed, only Step 3 occurs.

Limitations in Support for NAT/PAT

When the DHCP service runs on an external server and is managed by USM, the DHCP server and the USM server cannot be separated by a NAT/PAT device.

Currently, overlapping IP addresses are supported only if a separate DHCP server is used for each customer.

When USM manages the DHCP server, customer locations in different subnets connected to a common PAT router are not supported because USM associates every location with an IP address subnet. As a workaround, separate IP address pools can be created on the PAT router. However, if the DHCP server and USM server are separated by a NAT/PAT router, this scenario is not supported.

Provisioning Unified CM to Support NAT/PAT

This section describes the configuration required to provision the Unified CM server to support IP phones connected to the USM server through a Cisco NAT/PAT device. It includes the following topics:

•Auto-registration

•Configuring Auto-registration

Auto-registration

Auto-registration automatically assigns directory numbers to new devices as they connect to the IP telephony network. When auto-registration is enabled, a range of directory numbers is specified so that Cisco Unified CM can assign an unused number to each new phone that is connected to the network. As new phones connect to the network, Cisco Unified CM assigns the next available directory number in the specified range. After a directory number is assigned to an auto-registered phone, the phone is moved to a new location, and its directory number remains the same. This task is accomplished by sending the Unified CM syslog messages to the USM server. This automatically triggers a transaction that moves the phone to the location, as explained in the "How IP Phone Autoregistration Provides NAT/PAT Support" section.

Configuring Auto-registration

To configure auto-registration on the Unified CM server, complete the following steps:

Procedure

Step 1 Connect to the Unified CM server that you need to configure.

Step 2 Choose System > Cisco Unified CallManager.

Step 3 The system displays the screen shown in Figure 9-2.

Figure 9-2 Auto-registration - Unified CM Configuration

Step 4 Make sure that Auto-registration Disabled on this Cisco Unified CallManager is unchecked.

Perform this step for all the Unified CM servers.

Step 5 Choose System > Cisco Unified Call Manager Group.

Step 6 Enter the group used in the Name field and check Auto-registration Cisco Unified CallManager Group.

Step 7 Choose System > Enterprise Parameters Configuration screen.

Step 8 Choose the correct protocol (SIP or SCCP) from the Auto-registration Phone Control Protocol pull-down selection list.

Note Perform this step for Unified CM 5.1 and above. Unified CM 4.X supports only the SCCP protocol.

Step 9 To direct Unified CM Syslog Messages to the USM Server, select Cisco Unified CallManager > Alarm Configuration.

Step 10 In the Remote Syslogs section, type the IP address of the USM server in the Server Name field.

Step 11 Click Save.

Provisioning USM to Support NAT/PAT

This section describes the configuration required for the USM server when it is connected to IP phones by a Cisco NAT/PAT device. It includes the following topics:

•Configuring USM Webmin

•USM Provider Configuration

•USM Customer Configuration

•USM Location Administration

Configuring USM Webmin

To complete the configuration required using USM Webmin, complete the following steps:

Procedure

Step 1 Access USM Webmin.

Step 2 Choose VossManager Tools > VossManager configuration editor.

The system displays the screen shown in Figure 9-3.

Figure 9-3 USM Webmin Syslog Configuration

Step 3 Choose Yes from the Accept syslog events from external systems (like call Manager) pull-down selection list.

Step 4 Choose USM Tools > USM Auto Inventory and Move Phones.

Step 5 In the Logfile Path field, type the following path:
/data/intdhcp/allmessages
Step 6 Click Start and Auto-start.

Step 7 To reboot the USM server, select USM Tools > USM environment tuneup tool.

Note After making changes to the USM server configuration, you must reboot the server to enable the changes.

Step 8 Click Reboot.
The USM server reboots and the new configuration is enabled.

Step 9 To verify correct syslog configuration for the USM server, establish an SSH session to the USM server using the administrator username/password.

Step 10 To display the messages received by the USM server, enter the following command:
cd /data/intdhcp/
tail -f allmessages
Step 11 To test the configuration, reset a phone on the Unified CM server, and renter the tail -f allmessages command.

Step 12 Verify that the syslog message generated after resetting the phone on the Unified CM server has been received by the USM server.

Configuring DHCP Services on an External Server

To configure DHCP services running on an external server, complete the following steps on the webmin of the external DHCP server:

Procedure

Step 1 Choose Voss ManagerTools > VossManager Configuration.

Step 2 Select IP Director + Telephony DHCP (Primary) from the Select functional role of this machine pull-down selection list.

Step 3 Click Save Configuration and Apply Configuration to save and apply the configuration.

Step 4 Choose USM Tools > USM Auto Inventory and Move Phones.

Step 5 In the USM URL or IP address, type the IP address or URL for the USM server.

Step 6 Click Save and Start to save the settings and start the AutoMove feature.

USM DHCP Configuration

The configuration for a DHCP server managed by USM is similar whether it runs on the USM server or on an external server. However, you use the IP address of the USM server if the DHCP service is running on the USM server machine. You use the IP address of the external server if the DHCP service is running on a different machine.

Figure 9-4 illustrates the screen used in the USM GUI to configure the DHCP service.

Figure 9-4 USM DHCP Configuration

Make sure, once the DHCP server is defined on USM, the server is Loaded and Synchronized.

USM Provider Configuration

To configure the USM server to receive Auto-register requests from the Unified CM server, complete the following steps:

Procedure

Step 1 Choose Setup Tools > Global Settings > AutoCCMNewPhoneProvider.

Step 2 Choose the provider to which the Auto-register daemon reports.

Step 3 Choose Setup Tools > Global Settings > PAT-IP-Reuse.

Step 4 Enable the Current Setting checkbox.

This setting is used when phones register with the same IP address (PAT).

Step 5 Choose Provider > Select a provider > Preferences > ProviderAllowAutoPhoneInventory.

Step 6 Enable the Current Setting checkbox.
This causes USM to automatically add phones discovered through Auto-registration to the Phone Inventory.

USM Customer Configuration

To complete the Customer configuration required on the USM server, complete the following steps:

Procedure

Step 1 Choose the customer for which you want to enable the AutoMoveCustomer option.

The system displays the screen shown in Figure 9-5.

Figure 9-5 Customer Management

Step 2 Click Preferences.

Step 3 Click AutoMoveCustomer.

Step 4 Enable the Current Setting checkbox.

Step 5 On the Preferences and Settings screen, click XML-PhoneAutoRegistration.

Step 6 Enable the Current Setting checkbox.

Step 7 On the Preferences and Settings screen, click ShowCorporateDir.

Step 8 Enable the Current Setting checkbox.

USM Location Administration

Step 1 Choose the Location for which you need to enable the AutoMove feature.

Step 2 Click Preferences and select the AutoFeatureLocation option from the Preferences and Settings: Location screen.

Step 3 Choose the appropriate feature group, such as COS1International24Hour.

Step 4 From the Preferences and Settings: Location screen, select the AutoMoveLocation option.

Step 5 Enable the Current Setting checkbox.

Step 6 From the Preferences and Settings: Location screen, select the AutoRegister option.

Step 7 Enable the Current Setting checkbox.

Step 8 From the Preferences and Settings: Location screen, select the AutoRegisterLowestLocation option.

Step 9 In the Current Setting field, type the starting phone extension number used on the Unified CM server.

Step 10 Save the configuration changes and reboot the USM server to enable the new configuration.

	Cisco Hosted Unified Communication Services Provisioning Guide Release 7.1(a)
	Provisioning NAT/PAT Support
Cisco Hosted Unified Communication Services Provisioning Guide Release 7.1(a) Preface Hosted UCS Call Routing and Dial Plans Hosted UCS Static Configuration Defining and Configuring Core Network Elements and Resources Managing Countries and Provider Resources Managing Legacy PBX Support Provisioning Movius VoiceMail and Auto Attendant Services Provisioning the Local PSTN Breakout Support Provisioning LBO Location with Cisco Emergency Responder Provisioning NAT/PAT Support Provisioning Other Hosted Unified Communications Services Features Provisioning Analog Gateway Provisioning Linked Locations Provisioning Single Number Reach Hosted Unified Communications Services Location Administration Hosted Unified Communications Services Division Administration Hosted Unified Communications Services Customer Administration Sample PGW, Unified CM, and IP Unity Transactions Local Gateway Supported Call Scenarios Legacy PBX Information Phone Details Local Gateway Configuration	Download this chapter Provisioning NAT/PAT Support Download the complete book Cisco Hosted Unified Communication Services Provisioning Guide Release 7.1a (PDF - 6 MB) Feedback Table Of Contents Provisioning NAT/PAT Support Support for NAT/PAT Support for NAT/PAT Through Autoregistration of IP Phones Supported Scenarios for DHCP Services How IP Phone Autoregistration Provides NAT/PAT Support Limitations in Support for NAT/PAT Provisioning Unified CM to Support NAT/PAT Auto-registration Configuring Auto-registration Provisioning USM to Support NAT/PAT Configuring USM Webmin Configuring DHCP Services on an External Server USM DHCP Configuration USM Provider Configuration USM Customer Configuration USM Location Administration Provisioning NAT/PAT Support This chapter describes the steps required to configure the Hosted UCS platform when a Cisco NAT/PAT router or firewall connects the IP phones and the VOSS USM server. This functionality was tested in Hosted UCS Release 5.1(b), Maintenance Release 1 (MR1). This chapter includes the following sections: •Support for NAT/PAT •Provisioning Unified CM to Support NAT/PAT •Provisioning USM to Support NAT/PAT Support for NAT/PAT This section describes support for NAT/PAT through autoregistration of IP phones when VOSS USM and the DHCP server are connected by a Cisco router or firewall providing NAT/PAT services. It includes the following topics: •Support for NAT/PAT Through Autoregistration of IP Phones •Supported Scenarios for DHCP Services •How IP Phone Autoregistration Provides NAT/PAT Support •Limitations in Support for NAT/PAT Support for NAT/PAT Through Autoregistration of IP Phones In Hosted UCS deployments before Release 5.1(b), MR1, DHCP services were always managed directly by VOSS USM. USM depended on IP address information from the DHCP server to determine the location of phones, and this was a dependency for the USM AutoMove feature. When USM manages DHCP services, Hosted UCS supports a centralized pool of DHCP servers for each customer. Two customer locations in different subnets connected to a common PAT router cannot be supported because USM associates every location with an IP address subnet. As a workaround, separate IP address pools can be created on the PAT router. However, if the DHCP server and USM server are separated by a NAT/PAT router, this scenario is not supported. Note If two locations share the same subnet, phones cannot auto-register using the shared subnet. Configuration of shared subnets through the USM GUI is disabled in Release 5.1(b), MR1, but may still occur using bulk loaders. Hosted UCS Release 5.1(b), MR1, now supports DHCP services that are not managed by USM. This allows the DHCP server to be separated from the USM server by a Cisco NAT/PAT device, such as a Cisco IOS software router, PIX firewall, or Adaptive Security Appliance (ASA). In this scenario, information required for the USM AutoMove feature is received through the syslog messages provided by the Unified CM Server. Supported Scenarios for DHCP Services USM now supports DHCP services in the following scenarios, using auto-registration provided by the Unified CM server: •DHCP services managed by USM, running on the USM server •DHCP services managed by USM, running on an external server •DHCP services unmanaged by USM, running on an external server •DHCP services unmanaged by USM, running on an external server separated by a Cisco NAT/PAT device (see Figure 1). Scenarios that are still unsupported are described in "Limitations in Support for NAT/PAT" section. Figure 1 Unmanaged DHCP with Support for NAT/PAT (IP Phone Autoregistration) How IP Phone Autoregistration Provides NAT/PAT Support As shown in Figure 1, when the USM server receives a syslog message from Unified CM, the AutoReg service picks it up from the log and triggers the AutoCCMNewPhone transaction in USM. This transaction performs the following steps: 1. The transaction looks up the MAC address in the phone inventory and if the phone is missing, adds the phone to the inventory at the provider level. 2. If USM has not identified a location for the phone, the transaction initiates an AutoMove transaction to move the phone to the correct location in an unregistered state. 3. If the IP address received in the syslog message from Unified CM does not match the IP address in USM, the transaction updates the USM database with the new IP address. 4. If the phone is not registered in the location and the Auto-register option is selected, the transaction registers the phone. This completes the transaction and the phone is fully registered in USM with an allocated extension number. USM performs all four steps when a new phone is added and Auto-register is turned on for the location. If the IP address for an existing phone is changed, only Step 3 occurs. Limitations in Support for NAT/PAT When the DHCP service runs on an external server and is managed by USM, the DHCP server and the USM server cannot be separated by a NAT/PAT device. Currently, overlapping IP addresses are supported only if a separate DHCP server is used for each customer. When USM manages the DHCP server, customer locations in different subnets connected to a common PAT router are not supported because USM associates every location with an IP address subnet. As a workaround, separate IP address pools can be created on the PAT router. However, if the DHCP server and USM server are separated by a NAT/PAT router, this scenario is not supported. Provisioning Unified CM to Support NAT/PAT This section describes the configuration required to provision the Unified CM server to support IP phones connected to the USM server through a Cisco NAT/PAT device. It includes the following topics: •Auto-registration •Configuring Auto-registration Auto-registration Auto-registration automatically assigns directory numbers to new devices as they connect to the IP telephony network. When auto-registration is enabled, a range of directory numbers is specified so that Cisco Unified CM can assign an unused number to each new phone that is connected to the network. As new phones connect to the network, Cisco Unified CM assigns the next available directory number in the specified range. After a directory number is assigned to an auto-registered phone, the phone is moved to a new location, and its directory number remains the same. This task is accomplished by sending the Unified CM syslog messages to the USM server. This automatically triggers a transaction that moves the phone to the location, as explained in the "How IP Phone Autoregistration Provides NAT/PAT Support" section. Configuring Auto-registration To configure auto-registration on the Unified CM server, complete the following steps: Procedure Step 1 Connect to the Unified CM server that you need to configure. Step 2 Choose System > Cisco Unified CallManager. Step 3 The system displays the screen shown in Figure 9-2. Figure 9-2 Auto-registration - Unified CM Configuration Step 4 Make sure that Auto-registration Disabled on this Cisco Unified CallManager is unchecked. Perform this step for all the Unified CM servers. Step 5 Choose System > Cisco Unified Call Manager Group. Step 6 Enter the group used in the Name field and check Auto-registration Cisco Unified CallManager Group. Step 7 Choose System > Enterprise Parameters Configuration screen. Step 8 Choose the correct protocol (SIP or SCCP) from the Auto-registration Phone Control Protocol pull-down selection list. Note Perform this step for Unified CM 5.1 and above. Unified CM 4.X supports only the SCCP protocol. Step 9 To direct Unified CM Syslog Messages to the USM Server, select Cisco Unified CallManager > Alarm Configuration. Step 10 In the Remote Syslogs section, type the IP address of the USM server in the Server Name field. Step 11 Click Save. Provisioning USM to Support NAT/PAT This section describes the configuration required for the USM server when it is connected to IP phones by a Cisco NAT/PAT device. It includes the following topics: •Configuring USM Webmin •USM Provider Configuration •USM Customer Configuration •USM Location Administration Configuring USM Webmin To complete the configuration required using USM Webmin, complete the following steps: Procedure Step 1 Access USM Webmin. Step 2 Choose VossManager Tools > VossManager configuration editor. The system displays the screen shown in Figure 9-3. Figure 9-3 USM Webmin Syslog Configuration Step 3 Choose Yes from the Accept syslog events from external systems (like call Manager) pull-down selection list. Step 4 Choose USM Tools > USM Auto Inventory and Move Phones. Step 5 In the Logfile Path field, type the following path: /data/intdhcp/allmessages Step 6 Click Start and Auto-start. Step 7 To reboot the USM server, select USM Tools > USM environment tuneup tool. Note After making changes to the USM server configuration, you must reboot the server to enable the changes. Step 8 Click Reboot. The USM server reboots and the new configuration is enabled. Step 9 To verify correct syslog configuration for the USM server, establish an SSH session to the USM server using the administrator username/password. Step 10 To display the messages received by the USM server, enter the following command: cd /data/intdhcp/ tail -f allmessages Step 11 To test the configuration, reset a phone on the Unified CM server, and renter the tail -f allmessages command. Step 12 Verify that the syslog message generated after resetting the phone on the Unified CM server has been received by the USM server. Configuring DHCP Services on an External Server To configure DHCP services running on an external server, complete the following steps on the webmin of the external DHCP server: Procedure Step 1 Choose Voss ManagerTools > VossManager Configuration. Step 2 Select IP Director + Telephony DHCP (Primary) from the Select functional role of this machine pull-down selection list. Step 3 Click Save Configuration and Apply Configuration to save and apply the configuration. Step 4 Choose USM Tools > USM Auto Inventory and Move Phones. Step 5 In the USM URL or IP address, type the IP address or URL for the USM server. Step 6 Click Save and Start to save the settings and start the AutoMove feature. USM DHCP Configuration The configuration for a DHCP server managed by USM is similar whether it runs on the USM server or on an external server. However, you use the IP address of the USM server if the DHCP service is running on the USM server machine. You use the IP address of the external server if the DHCP service is running on a different machine. Figure 9-4 illustrates the screen used in the USM GUI to configure the DHCP service. Figure 9-4 USM DHCP Configuration Make sure, once the DHCP server is defined on USM, the server is Loaded and Synchronized. USM Provider Configuration To configure the USM server to receive Auto-register requests from the Unified CM server, complete the following steps: Procedure Step 1 Choose Setup Tools > Global Settings > AutoCCMNewPhoneProvider. Step 2 Choose the provider to which the Auto-register daemon reports. Step 3 Choose Setup Tools > Global Settings > PAT-IP-Reuse. Step 4 Enable the Current Setting checkbox. This setting is used when phones register with the same IP address (PAT). Step 5 Choose Provider > Select a provider > Preferences > ProviderAllowAutoPhoneInventory. Step 6 Enable the Current Setting checkbox. This causes USM to automatically add phones discovered through Auto-registration to the Phone Inventory. USM Customer Configuration To complete the Customer configuration required on the USM server, complete the following steps: Procedure Step 1 Choose the customer for which you want to enable the AutoMoveCustomer option. The system displays the screen shown in Figure 9-5. Figure 9-5 Customer Management Step 2 Click Preferences. Step 3 Click AutoMoveCustomer. Step 4 Enable the Current Setting checkbox. Step 5 On the Preferences and Settings screen, click XML-PhoneAutoRegistration. Step 6 Enable the Current Setting checkbox. Step 7 On the Preferences and Settings screen, click ShowCorporateDir. Step 8 Enable the Current Setting checkbox. USM Location Administration Step 1 Choose the Location for which you need to enable the AutoMove feature. Step 2 Click Preferences and select the AutoFeatureLocation option from the Preferences and Settings: Location screen. Step 3 Choose the appropriate feature group, such as COS1International24Hour. Step 4 From the Preferences and Settings: Location screen, select the AutoMoveLocation option. Step 5 Enable the Current Setting checkbox. Step 6 From the Preferences and Settings: Location screen, select the AutoRegister option. Step 7 Enable the Current Setting checkbox. Step 8 From the Preferences and Settings: Location screen, select the AutoRegisterLowestLocation option. Step 9 In the Current Setting field, type the starting phone extension number used on the Unified CM server. Step 10 Save the configuration changes and reboot the USM server to enable the new configuration.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks