BCM-FasTrack_T0202

Module 6: IP Telephony Solutions
Page 1
Table of Contents
MODULE 6: IP TELEPHONY SOLUTIONS .....................................................................................................3
INTRODUCTION............................................................................................................................................................3
LESSON OVERVIEW.....................................................................................................................................................3
MODULE OBJECTIVES.................................................................................................................................................3
REFERENCE ..................................................................................................................................................................4
LESSON #1: MEDIA PATH MANAGEMENT ...................................................................................................5
INTRODUCTION............................................................................................................................................................5
MPM OVERVIEW ........................................................................................................................................................5
IP Client to IP Client (Same BCM)....................................................................................................................5
IP Client to IP Client (Different BCM) .............................................................................................................6
IP Client Conferencing.........................................................................................................................................7
LESSON 2: MCDN OVER IP...................................................................................................................................9
INTRODUCTION............................................................................................................................................................9
MESSAGE WAITING INDICATOR................................................................................................................................9
MCDN OVERVIEW .....................................................................................................................................................9
MCDN CENTRALIZED MESSAGING COMPONENTS................................................................................................9
NCT: Network Call Transfer..............................................................................................................................9
NCRI: Network Call Redirection Information................................................................................................9
MWI: Message Waiting Indication .................................................................................................................10
MCDN CENTRALIZED TRUNKING COMPONENTS................................................................................................10
ICCL: ISDN Call Connection Limitation.......................................................................................................10
TRO: Trunk Route Optimization.....................................................................................................................10
TAT: Trunk Anti-Tromboning..........................................................................................................................10
MCDN CENTRALIZED ATTENDANT COMPONENTS.............................................................................................10
Camp-On ..............................................................................................................................................................10
Break-In................................................................................................................................................................11
LESSON 3: WEB ENABLED COMPUTER TELEPHONY..........................................................................13
INTRODUCTION..........................................................................................................................................................13
VOICE BUTTON OVERVIEW.....................................................................................................................................13
VOICE BUTTON CONFIGURATION ...........................................................................................................................13
EMBEDDED CONFIGURATION..................................................................................................................................14
VOICE BUTTON: CLICK TO TALK............................................................................................................................14
VOICE BUTTON EXAMPLE........................................................................................................................................14
COMPUTER TELEPHONY ENGINE (LAN CTE) ......................................................................................................15
LESSON 4: IP TELEPHONY..................................................................................................................................17
INTRODUCTION..........................................................................................................................................................17
IP TELEPHONY CLIENTS...........................................................................................................................................17
IP Client Configuration......................................................................................................................................17
IP Terminal Status..............................................................................................................................................19
Deregistering IP Clients....................................................................................................................................19
Telephony Features List.....................................................................................................................................19
Hot Desking..........................................................................................................................................................19
802.11 WIRELESS IP CLIENTS.................................................................................................................................20
H.323 Terminal Configuration.........................................................................................................................20
H.323 Gatekeeper Support................................................................................................................................21
LESSON 5: DATA NETWORKING FEATURES .............................................................................................23

Page 2 Lesson 1: Media Path Management
INTRODUCTION..........................................................................................................................................................23
MULTIPLE IP ADDRESSES........................................................................................................................................23
WINS SUPPORT .........................................................................................................................................................23
DHCP SERVICES .......................................................................................................................................................23
DHCP Global Options.......................................................................................................................................24
Remote Scope Support........................................................................................................................................24
Reserved Addresses.............................................................................................................................................24
IP Client Support.................................................................................................................................................24
VPN SUPPORT ...........................................................................................................................................................25
VPN Client Support............................................................................................................................................26
PPTP Configuration...........................................................................................................................................26
IPSec Configuration...........................................................................................................................................26
POLICY SUPPORT OVERVIEW..................................................................................................................................27
POLICY MANAGEMENT.............................................................................................................................................27
POLICY TYPES............................................................................................................................................................28
QUALITY OF SERVICE (QOS)...................................................................................................................................28

Page 3
Introduction
Business Communications Manager v3.0 is equipped with substantial Voice
Over IP (VoIP) capabilities. Such capabilities include wireless IP telephone
sets, IP trunking, MCDN over IP, and media path management. In this
Module you will learn about the multitude of VoIP features supported on
BCM 3.0 and how to configure each.
Lesson Overview
Lesson Description
1 Media Path Management
2 MCDN Over IP
3 Web Enabled Computer Telephony
4 IP Telephony Clients
5 Data Networking Features
Module Objectives
In this module you will learn the following:
• Understand Media Path Management and when it is used.
• List and describe the MCDN over IP features supported on BCM
3.0, and the requirements for implementing each.
• Describe the different Computer Telephony components, and
understand how BCM integrates with the World Wide Web.
• Understand, list and describe the different VoIP Client and Trunking
options supported on the BCM, including H.323 integration.
• Describe and configure the many of the data networking features
available on BCM v3.0

Reference
Document # Title
P0937663 IP Telephony Configuration Guide
P0939539 LAN CTE Configuration Guide
P0935737 Multimedia Call Center Set Up and Operation Guide
P0937241 Programming Operations Guide

Lesson 1: Media Path Management Page 5
Lesson #1:
Media Path Management
Introduction
Media path management (MPM) is a feature in BCM v3.0 that greatly
increases the efficiency of VoIP and reduces load on the BCM by passing
compression and packetization tasks out to the end devices. In this lesson
you will learn how media path management functions and when it is used by
the BCM.
MPM Overview
VoIP clients use two paths to communicate with other devices. The
signaling path, also called a signaling channel, is an always-on
communications pathway between the VoIP client and the BCM used to
send status updates between both parties and perform other administrative
functions. The media path, also referred to as a media channel, is the actual
packetized voice signal sent over the network. The signaling path is always
in use, however the media path is only in use when a call is in progress.
IP Client to IP Client (Same BCM)
Media channels and signaling channels are finite resources in the BCM; the
IP Gateway is designed to minimize the usage of these resources by
allowing i2004 IP telephones to maintain a call between each other without
the help of the BCM.
Suppose sets A & B are registered with the same BCM, and set A has called
set B. Both phones are on the same IP network, therefore the BCM sets up
the call between the two phones, maintains a signaling channel between
each, however the actual voice (media channel) travels from phone to phone
directly without intervention from the BCM.

Figure 1: IP Set to IP Set media path usage
IP Client to IP Client (Different BCM)
Suppose set A is registered to BCM A and set B is registered to BCM B.
Both BCMs are connected via an IP trunk. A call bound for set B is
received by BCM B. BCM B then signals set B to notify it that there is an
incoming call from set A. Set A and set B negotiate a direct connection
with each other, and the BCMs are removed from the call altogether, until
their services are requested by either set A or set B.

Lesson 1: Media Path Management Page 7
IP Client Conferencing
IP sets are not capable of handling higher functions such as conferencing.
Therefore, the BCM must use its conferencing bridge to make the
conference call happen. Once a third i2004 is conferenced in all media
paths go directly to the BCM, and each media path uses a media channel to
use the conference bridge on the MSC card. Three media channels are used
to handle the three media paths from each i2004 set involved in the
conference. The BCM is still limited to 3 party conference calls.
Figure 2: IP Telephone conference call media path usage

Lesson 2: MCDN Over IP Page 9
Lesson 2:
MCDN Over IP
Introduction
Meridian Customer Defined Networking (MCDN) is a robust set of
telephony networking features that can be implemented between two or
more MCDN capable devices. In BCM v3.0 MCDN can network multiple
supporting devices over VoIP trunks as opposed to PRI only. In this lesson
you will learn about the available MCDN over IP features supported by the
BCM, how they are implemented, and their requirements.
Message Waiting Indicator
In BCM 2.0 the new LED on the Business Series Terminals (BST’s) were
used for visual ring indication. BCM 3.0 now uses this as a message-
waiting indicator as well. The MWI LED will illuminate when there are
new voice mail messages waiting. MWI is supported on the new BST sets
and the i2004 sets.
MCDN Overview
Meridian Customer Defined Networking (MCDN) is the Nortel Networks
networking language used to communicate between Meridian 1’s. MCDN
is now available on the BCM 3.0 to increase the interoperability between the
M1 and the BCM. When linking the BCM 3.0 to a Meridian 1 system via
PRI or VoIP trunks, new features are made available. Keycodes are required
to implement these features. MCDN supports the ability to provide
Centralized Voice Mail, Trunking, and Attendant.
MCDN Centralized Messaging Components
NCT: Network Call Transfer
Network Call Transfer allows the transferee and the transfer destination to
have each other’s identification (name/number) when a call is transferred in
an MCDN network. NCRI: Network Call Redirection Information
Network Call Redirection Information (NCRI) adds the ability to redirect a
call across a private network and provide the necessary redirection
information to the endpoint.

Page 10 Lesson 2: MCDN Over IP
MWI: Message Waiting Indication
Message Waiting Indication (MWI) allows a Meridian 1 Voice Mail to give
message waiting indication to a BCM telephone using either PRI or IP.
MCDN Centralized Trunking Components
ICCL: ISDN Call Connection Limitation
The ICCL (ISDN Call Connection Limitation) feature limits the call
connections in the following conditions in an MCDN network:
In an MCDN network it is possible for a call to be routed through many
PBXs and create “loops”.
TRO: Trunk Route Optimization
Trunk Route Optimization (TRO) is an MCDN feature, which alleviates
unnecessary tandeming and tromboning of trunks by searching for better
call routes during the alerting phase of a call
TAT: Trunk Anti-Tromboning
Trunk Anti-Tromboning (TAT) is an MCDN feature that alleviates
unnecessary tandeming and tromboning of trunks by searching for better
call routes during a transfer on an active call.
MCDN Centralized Attendant Components
Camp-On
• Camp-On allows an attendant on the M1 to camp-on a call to a busy
user on the BCM.
• When the call is camped, the busy user is informed that another call
is waiting.
• The called busy party on BCM may accept the camped call by
clearing one of the already established calls.
• The called party may also reject the Camped-On call by using the
Feature Reject Code (F814) or the Do Not Disturb feature (F85).

Lesson 2: MCDN Over IP Page 11
Break-In
Break-In is a feature available to a centralized attendant in a network which
allows the centralized attendant to reach a person who is already on a call.
This feature is similar to the Priority Call feature on the BCM.

Lesson 3: Web Enabled Computer Telephony Page 13
Lesson 3:
Web Enabled Computer Telephony
Introduction
Business Communications Manager v3.0 incorporates many new features in
the Multi Media Call Center. These features include the ability to tie the
BCM into a website for the purposed of text chat or PSTN call initiation,
and a new Computer Telephony Engine that is not dependent on Microsoft
Networking. In this lesson you will learn about the new features of Multi
Media Call Center and the Computer Telephony Engine (CTE).
Voice Button Overview
Voice Button is a new feature of the Multi-Media Call Center package. This
feature allows customers to link their web pages to the BCM’s call center
via the Internet. Customers can initiate a text chat session or a PSTN call
with a properly configured call center agent. The call center agent can push
web pages out to the customer’s browser or pull the referring page from the
customer to discover what page they were browsing when they clicked on
the voice button icon. Pages can be pushed or pulled while interacting with
the customer via Text Chat or PSTN access.
The BCM contains a set of pre-built HTML pages for this feature. The
customer can edit these pages, however the BCM cannot be used to host
other websites. The Multi-Media Call Center package requires a keycode to
implement.
Voice Button Configuration
Agents must be configured via Call Pilot Manager to operate with the Voice
Button feature. Under the “Add Agents Form” the “Assigned Agents” pull-
down list allows you to program the types of calls an agent can accept; voice
calls, voice button calls, or both types of calls.
In addition, general answering of Voice Button calls and a default skillset
can be configured.
Voice Button calls may be routed using the CLID/DNIS information. This
information is taken from a preference web page the user must complete
before initiating the call. In this preferences page, customers must enter a
callback PSTN number. The number in this field is used to route the call.

Page 14 Lesson 3: Web Enabled Computer Telephony
Embedded Configuration
The Voice Button feature is highly customizable. Traffic can be routed
through the web page code. To customize the pre-built web pages on the
BCM a web developer must know the host & domain name of the BCM, the
account on the BCM to authorize the posting of updated pages, and ID
numbers associated with the skillsets.
By knowing the afore mentioned information, a developer can route
incoming Voice Button callers to any Skillset using example HTML code
provided in the BCM documentation.
Voice Button: Click to Talk
Once a Voice Button connection is established, the agent and caller can
communicate from their PCs via text chat or PSTN call and view the same
web pages simultaneously using the pre-built java applets stored on the
BCM.
Voice Button Example
A customer accesses the web page and has Internet access and PSTN access.
After browsing the website, the customer finds several products he or she
has questions about. A click on the Voice Button places them into the call
center skillset, and when an agent is available a call is established between
agent and customer via PSTN. The web browser can be used for text chat
and web page sharing.

Lesson 3: Web Enabled Computer Telephony Page 15
Computer Telephony Engine (LAN CTE)
With LAN CTE, the replacement for TAPI Service Provider, CTI
applications are now available in a non-Microsoft domain such as a peer-to-
peer network.
The previous architecture used the Microsoft TAPI service provider to
communicate to the TAPI server on the BCM. The CTE on the BCM would
communicate with the TAPI server to translate commands between BCM
and TAPI. This architecture required that the TAPI implementation be
bound by the rules of Microsoft’s implementation.
Figure 3: BCM v2.0 Computer Telephony Engine Architecture

Page 16 Lesson 3: Web Enabled Computer Telephony
Figure 4: BCM v3.0 Computer Telephony Engine Architecture
In the 3.0 architecture the Remote TAPI service provider is replaced by the
BCM TAPI service provider and LAN CTE components. By placing these
components on the client station as opposed to the server, the workstations
now communicate with the BCM in its own language. This allows BCM to
now run CTI applications without vendor restrictions such as the NT
Domain membership requirement.
A Microsoft domain is no longer required. All one needs is the IP address,
machine name, or domain/user account. Any one of the three can be used to
make an association between a DN and a CTI client.

Lesson 4: IP Telephony Page 17
Figure 5: Nortel IP Terminals "General" Menu
Lesson 4:
IP Telephony
Introduction
BCM 3.0 introduces a higher IP telephony client capacity, and support for a
large number of new features. In addition, IP trunking has been greatly
improved. In this lesson you will learn about the new IP telephony clients,
IP telephony trunk options and how to configure each.
IP Telephony Clients
Support has been added for IP clients, such as the NORTEL i2004 & i2002
sets and the i2050 soft client, for connectivity to a BCM system as if they
were a T7316 set. Since the client is essentially a T7316, all normal phone
features are supported.
IP Clients are keycode enabled and come in increments of: 1, 4, 8, 16, 32
and 64. The BCM will keep the terminals at the same firmware level by
automatically uploading the version of firmware it has stored, upon
registration. Up to 5 sets at a time can be updated simultaneously.
Additional sets are queued in order of request. In addition, a firmware
download can be forced if necessary.
IP Client Configuration
Registration & Password
Every i2004 and i2050 set must
register the first time they connect
to the BCM in order to receive a
DN. Installers will need the
registration password unless you
choose not to password restrict
registration. The registration
process records the MAC address
of the registering device upon registration. It uses this address to distinguish
the set. Unlike an IP address, MAC addresses are hardware set and cannot
be changed. The Registration option enables or disables registration.
Registration should only be enabled when new sets need to be registered
with the system

Page 18 Lesson 4: IP Telephony
Auto-Assign DN
Auto Assignment of DN can be used when activating a new IP set. The
system will assign the next available DN to the set and will make sure that
no existing DNs are duplicated. DNs can be entered manually as well.
The “Auto DN” feature chooses from any available DN in the system
starting from the biggest number including all B1 and B2 DNs. The Auto
DN tool will not use Voice Mail DNs, Call Center DNs, and Station Set
DNs, as well as other IP phone DNs as valid new IP phone DNs.
Note: When you enter a DN manually, unusual functionality may occur if you enter a Voice
Mail B2 DN.
Advertisement Logo
An advertisement logo is also supported. This feature allows you to
configure a 24-character string that will appear on the LCD screen of the IP
client telephone set.
Default Codecs
BCM will attempt to provide the best possible service with the least impact
on the network.
When the default codec is set to “AUTO” the BCM selects the best codec
based on the IP address of the client. If both endpoints of the call are
i2002/i2004/i2050 sets on the same IP subnet the BCM will choose G.711
codec for maximum voice quality. If the sets are on different IP subnets the
BCM will choose G.729 codec to minimize voice data packet size and
conserve bandwidth.
Default Jitter Buffer
The jitter buffer is a mechanism designed to prevent voice clipping and drop
out on a VoIP call. The jitter buffer will collect VoIP packets for a period of
time before decoding them. This is done to combat variable inter-packet
latency on wide area networks where link speed is significantly lower than
on local area networks.
The default jitter buffer has several settings. When configured for “AUTO,”
the BCM will select the best jitter buffer and adjust it dynamically for
optimal call quality. Additional settings are NONE, SMALL, MEDIUM, &
LARGE.

IP Terminal Status
The IP Terminal Status tab will provide a current view of the registered IP
sets. A drop-down menu offers the ability to deregister a DN, download
firmware into an IP set, or modify the primary codec to be used for that
terminal.
The “Services/IP Telephony/Nortel IP Clients” menu displays the status of
the registered Nortel IP clients.
Deregistering IP Clients
The following codes can be entered to delete IP addresses of IP terminals in
the system. When a DN is deleted it forces a terminal to re-register and
frees up the DN.
• F**47335 # remove current sets. Use it from the IP set.
• F**47335 XXX# removes DN XXX from the system.
• The default password for these codes is 266344.
Telephony Features List
BCM v3.0 expands the functionality of the buttons on i2000 series phones.
Functionality has been given to the “Services” button, which allows a user
to access a list of available services. This list is a programmable menu of
feature codes.
BCM makes use of a large list of features each identified by a feature code.
Rather than expecting users to remember the feature code for call
forwarding, for example; the administrator can program the feature to
appear in the features list by name.
By pressing the services key, the user will see the list of pre-programmed
services. The “Telephony Features List” is the location within Unified
Manager where an administrator may add additional features to the list.
Hot Desking
Hot Desking is a new feature in v3.0 that solves a common problem of users
of multiple IP sets, such as those who have an i2004 set and an i2050 set for
use when traveling. When activated, Hot Desking allows that signaling and
media paths from one IP set to be mapped to another IP set registered to the
same BCM. So, when an i2004 user is out of the office, all calls can be
redirected to their i2050 set without having to set up call forwarding.

Page 20 Lesson 4: IP Telephony
Hot Desking can be invoked by pressing <FEATURE> *999 from the IP set
or by scrolling through the feature directory stored in the phone. Hot
Desking is password protected for each individual user.
When Hot Desking is activated, the buttons on the secondary IP set change
to match that of the primary IP set. For instance, if an i2002 user hot desks
to an i2004, only 4 soft keys can be used as opposed to the 6 that are
normally available on the i2004.
Hot Desking only works with Nortel i2002, i2004, & i2050 sets that are
registered and ACTIVE. The administrator must enable hot Desking on the
set, and sufficient keycodes must be present to support ALL registered sets.
For example, the registered primary IP set uses one IP Client Keycode, the
registered secondary IP set also uses one IP Client Keycode. Therefore, two
IP Client Keycodes are required to support one Hot Desking user.
802.11 Wireless IP Clients
BCM 3.0 provides support for standard H.323v2 clients like the e-mobility
802.11. These wireless devices function like an ATA and have access to the
same basic feature functionality.
802.11 is a standard for Ethernet over wireless. These 802.11 sets operate
similar to an i2004 in the respect that they are IP devices and access the
network using Ethernet. The primary difference is the medium used. The
advantage to this type of solution is that workstations equipped with 802.11
devices can use the same wireless access points that laptop computers use to
access the data network.
H.323 sets function as basic telephones and do not support the advanced
functionality offered by the Nortel IP terminals.
H.323 Terminal Configuration
Adding H.323 terminals is a simple process. Select the H.323 option, select
the Configuration menu, and choose add DN. From there, you simply
provide the desired Name, DN number, & password.
Handsets are identified by name and password. The name in the “Name”
field must be the username configured on the handset.
H.323 terminals will not work if there is a NAT device installed between the
handset and the BCM.

H.323 Gatekeeper Support
BCM v3.0 is equipped for
integration into an existing H.323
VoIP network through the use of
an H.323 gatekeeper. In networks
with large VoIP dialing plans or a
high number of BCMs, it becomes
inefficient to manage the dial plans
on each individual BCM.
BCM v3.0 supports two modes of
gatekeeper operation. They are Gatekeeper Routed and Gatekeeper
Resolved. These options can be found in the “Call Signaling” pull-down
menu. When configured as “Direct,” BCM resolves all remote gateways
internally and will not use a gatekeeper.
In a “Gatekeeper Resolved” configuration, BCM will obtain call route
information from an H.323 Gatekeeper. This option is used if a centralized
dial plan is needed. In this mode, new call routes only need to be added to
the gatekeeper and not every BCM or VoIP server in the network.
In a “Gatekeeper Routed” configuration, BCM will obtain call route
information and offload all H.323 signaling operations to the gatekeeper.
This mode of operation is used when centralized call accounting is needed.
By passing call control to the H.323 Gatekeeper, statistics on VoIP calls can
be tracked. This is not possible in a “Gatekeeper Resolved” configuration.
Figure 6: Local Gateway Configuration Screen

Lesson 5: Data Networking Features Page 23
Lesson 5:
Data Networking Features
Introduction
Business Communications Manager v3.0 incorporates a more robust set of
data networking features including Virtual Private Networking Support,
multiple IP addresses per network interface, quality of service, and DHCP
server enhancements. In this lesson you will learn about the data
networking features of the BCM v3.0 and how to configure each.
Multiple IP Addresses
The Unified Manager provides the ability to add additional IP addresses for
LAN and WAN interfaces. The LAN and WAN interfaces can have up to
five IP addresses per interface.
Many times a customer may have requirements for multiple IP addresses for
the LAN or WAN. For example, if the customer has a Website or server for
public Internet access (online catalog, customer support, etc), and they
desire to use the BCM 3.0 as the router for their network, it would require
multiple IP addresses.
This feature is supported by BCM v2.5 & v3.0.
WINS Support
Windows Internet Naming Service (WINS) is a Microsoft name resolution
service similar to DNS, however WINS performs name resolution through
NetBIOS over IP broadcasts.
WINS is implemented in many environments as a secondary name service to
compliment DNS. Support for WINS on the BCM was added in v2.5. The
WINS server address is easily assigned through Unified Manager by
selecting the desired LAN/WAN and entering the appropriate IP address
under the Primary Wins Address field.
DHCP Services
The DHCP Server on BCM v3.0 supports multiple features: remote scopes,
reserved addresses, and support for IP clients. These features allow the
BCM to operate better in different environments.

Page 24 Lesson 5: Data Networking Features
DHCP Global Options
In addition to IP Domain Name, WINS Node Type, and the IP Terminal
Information, BCM v3.0 adds support for VLAN IDs. The i2002/i2004
firmware on the BCM adds VLAN support, and this option allows those
VLAN IDs to be configured with the DHCP offering.
Remote Scope Support
Dynamic Host Configuration Protocol (DHCP) is the de facto standard for
dynamic IP address assignment. However, many enterprise
implementations of DHCP are centralized meaning that all IP addresses for
the entire network are assigned using a single or cluster of DHCP servers.
DHCP is a non-routable protocol and therefore cannot be passed over the
router. BCM 3.0 can now act as a DHCP relay device and forward DHCP
requests to a remote server. DHCP Remote Scope programming is
performed via Unified Manager by selecting the Remote Scope option and
entering the required fields for the remote location.
Support for IP clients adds an additional field to the end of a DHCP packet
containing the call server IP address and protocol port numbers. Without
this support every IP set would have to have this information configured
manually.
Reserved Addresses
The DHCP Server has the ability to reserve specific IP addresses for
individual MAC addresses. This option is commonly used to ensure that
DHCP devices, such as 802.11 H.323 sets, receive the same IP address each
time they boot up. This programming is accessed by selecting the
“Reserved Addresses” tab.
IP Client Support
The DHCP standard allows for extensions to the DHCP offering packet.
BCM v3.0 takes advantage of this by allowing the configuration of a several

extended fields that are required by Nortel IP sets. Settings such as primary
& secondary call server can be configured using a special syntax in the
provided field in Unified Manager.
VPN Support
Technically, what is a Virtual Private Network (VPN)? A VPN can be
defined as follows:
A VPN is a private communications network established over a shared
public network infrastructure.
The term has only been around since the mid 90’s, however VPNs date back
all the way to the 70’s. Frame Relay and ATM networks are examples of
VPNs. For example, in a frame relay network, a packet switched network is
provisioned by the selected carrier. The traffic from many other businesses
traverses the same Frame Relay switches, but each customer’s Frame Relay
traffic appears isolated. So, it appears as if the network is private. For all
intents and purposes it is virtually a private network.
Private data packets are encapsulated in an IP header that is addressed to
travel over the public network. The receiving device removes this IP header
and passes the data. BCM supports the two most common VPN protocols;
Point-to-Point Tunneling Protocol (PPTP) and Internet Protocol Secured
(IPSec).
Refer to p.613-652 in the Programming Operations Guide

Figure 7: IPSec Client Configuration Options
VPN Client Support
BCM v3.0 adds support for VPN clients.
The former v2.5 software only supported
branch office VPN tunnels (BCM to
BCM, or BCM to Contivity).
This new feature allows laptops,
connected to the Internet, to access the
private network. This increases
flexibility for end users who wish to
work from home or who travel
extensively. Using the VPN client the
end user can connect to the BCM and
register their i2050 soft phone.
PPTP Configuration
PPTP programming forces the
connecting client to match a pre-defined
IP address before connections can be
completed. If the PPTP is disabled, any
client can enter the LAN if they provide a valid NT server user name and
password.
IPSec Configuration
IPSec is the most popular VPN protocol in the industry. This is primarily
due to its Layer-2 independence. IPSec can run over any medium that can
transport IP packets.
In addition, IPSec supports a growing number of encryption algorithms.
BCM Supports the following Encryption:
• 128 Bit 3DES w/SHA1 or MD5 Integrity
• 56 Bit DES w/SHA1 or MD5 Integrity
• 40 Bit DES w/SHA1 or MD5 Integrity
• Authentication Only HMAC w/SHA1 or MD5 Integrity
BCM supports IPSec tunnels between BCM to BCM or BCM to Contivity
Extranet Switch.

The IPSec Tunnels are accessed by selecting IPSec, the Configuration
option, and add. Note there is no authentication checking for individual
users as there is in the PPTP programming.
Policy Support Overview
BCM supports Policy by using the DS Field, which contains the DS Code
Point (DSCP). The DS Field is an 8-bit field in the IP Header of a data
packet as defined by RFC 2474. An example of a DS Field is shown below:
Based on the DSCP value of a data packet the BCM places that IP traffic
into a queuing mechanism to assure quality of service. BCM 3.0 will remain
the same as BCM 2.0, where 9 queues are implemented.
Queue 0 - Serviced first for all its queued packets, ahead of the queued
packets of the other priority group.
Queue 1 to 8 – Serviced in a “Weighted Fair Queuing” fashion
Voice traffic, in difference to data traffic, is highly time sensitive. While a
data application can handle great amounts of delay, voice cannot. Any
delay in transmission greater than 200ms is noticeable by the end user. The
BCM Policy rules will place an IP user request into one of 9 queues based
on specific field (DS field) in the header of a data packet. This is to insure
the voice over IP traffic will get transmission priority over regular delay
tolerant data traffic.
Policy Management
Policy support is one issue, however policy management is quite another.
Depending on the size of the organization, different policy management
methods may be called for. The BCM Policy Support can be accomplished
via 3 different methods:
• Policy services can be locally configured on each BCM through the
Unified Manager administration tool.
• Optivity Policy Services or for multi-site customers which uses the
Common Open Policy Service Protocol (COPS) client on the BCM.

• Simple Network Management Protocol (SNMP) is a low bandwidth
open standard protocol used to send and receive device management
information and statistics. The public policy templates or policy
information bases (PIBs) are standard sets of policy attributes
defined in an SNMP database called a MIB (Management
Information Base). Both Policy-Framework-PIB or QOS-Policy-IP-
PIB are supported.
Policy Types
BCM 3.0 supports policy services in two modes: dynamic or static.
A static policy configuration is a configuration in which the policies are
configured on the BCM and those policies are enforced by the BCM.
In a dynamic policy configuration, the BCM only enforces polices it
receives from a policy server.
Quality of Service (QoS)
Quality of Service is very important to IP Clients. By default, BCM places
IP clients into its highest priority queue or premium queue. This queue is
guaranteed a certain percentage of bandwidth. The remaining queues are
serviced in a weighted-fair-queuing fashion based on transmit opportunities
rather than actual bandwidth.

Module 7: Data Networking Services
BCM 3.0 FasTrack Page 1
Table of Contents
MODULE 7: DATA NETWORKING SERVICES ..............................................................................................4
INTRODUCTION............................................................................................................................................................4
LESSON OVERVIEW.....................................................................................................................................................4
MODULE OBJECTIVES.................................................................................................................................................4
REFERENCE ..................................................................................................................................................................5
LESSON 1: DATA PLATFORM OVERVIEW ....................................................................................................7
INTRODUCTION............................................................................................................................................................7
DATA SERVICES IN A NUTSHELL...............................................................................................................................7
ROUTING PLATFORM ..................................................................................................................................................7
DATA INTERFACES......................................................................................................................................................8
DATA SERVICES CONFIGURATION............................................................................................................................8
LESSON 2: NETWORK CONFIGURATION MANAGER ..........................................................................11
INTRODUCTION..........................................................................................................................................................11
NCM OVERVIEW.......................................................................................................................................................11
NCM COMPONENTS..................................................................................................................................................11
NCM Server..........................................................................................................................................................11
NCM Client..........................................................................................................................................................12
NCM CAPABILITIES & FUNCTION..........................................................................................................................12
BCM Configuration Capabilities .....................................................................................................................12
Data Router Management..................................................................................................................................13
Database Functions............................................................................................................................................13
Additional Functionality....................................................................................................................................14
New NCM Wizards..............................................................................................................................................14
LESSON 3: CONFIGURING DHCP & DNS SERVICES...............................................................................17
INTRODUCTION..........................................................................................................................................................17
DHCP OVERVIEW.....................................................................................................................................................17
DHCP CONFIGURATION...........................................................................................................................................18
DHCP Summary ..................................................................................................................................................18
DHCP Service Mode ..........................................................................................................................................18
DHCP Global Options.......................................................................................................................................18
DHCP Scope Configuration..............................................................................................................................19
Configuring an Address Range.........................................................................................................................19
Configuring Excluded Addresses .....................................................................................................................19
Configuring Reserved Addresses......................................................................................................................19
Configuring a Remote Scope.............................................................................................................................19
Configuring BCM as a DHCP Relay Agent ...................................................................................................19
DNS PROXY SERVICE...............................................................................................................................................20
DNS CACHE MODE...................................................................................................................................................20
LESSON 4: CONFIGURING ROUTING SERVICES .....................................................................................21
INTRODUCTION..........................................................................................................................................................21
NETWORK INTERFACES............................................................................................................................................21
ROUTING & WAN PROTOCOLS...............................................................................................................................21
IP ROUTING................................................................................................................................................................22
Summary Screen..................................................................................................................................................22
RIP Global Options............................................................................................................................................22
OSPF Global Options........................................................................................................................................22
ROUTING PROTOCOL SELECTION............................................................................................................................22

Page 2 BCM 3.0 FasTrack
STATIC ROUTES.........................................................................................................................................................23
ROUTING WITH RIP..................................................................................................................................................23
ROUTING WITH OSPF..............................................................................................................................................23
Non-Broadcast Multi-Access (NBMA) Neighbors.........................................................................................24
LESSON 5: CONFIGURING ADDITIONAL DATA SERVICES ...............................................................25
INTRODUCTION..........................................................................................................................................................25
CONFIGURING SNMP SERVICES.............................................................................................................................25
SNMP Summary ..................................................................................................................................................25
SNMP Communities............................................................................................................................................25
SNMP Managers.................................................................................................................................................26
SNMP Traps.........................................................................................................................................................26
QUALITY OF SERVICE MONITOR.............................................................................................................................26
Mean Opinion Score...........................................................................................................................................27
WEB PROXY & WEB CACHING...............................................................................................................................27
NET LINK MANAGER SERVICE................................................................................................................................28
ALARM SERVICE........................................................................................................................................................29
NETWORK ADDRESS TRANSLATION.......................................................................................................................29
NAT Summary ......................................................................................................................................................30
NAT Rule Settings...............................................................................................................................................30
NAT Rule Order...................................................................................................................................................30
Nat Rule Examples..............................................................................................................................................31
NAT and IP Firewall filters...............................................................................................................................32
NETWORK TIME PROTOCOL.....................................................................................................................................32
LESSON 6: CONFIGURING VPN SERVICES .................................................................................................33
INTRODUCTION..........................................................................................................................................................33
VPN SERVICES OVERVIEW......................................................................................................................................33
PPTP CONFIGURATION............................................................................................................................................33
PPTP Overview ...................................................................................................................................................33
Adding PPTP Clients..........................................................................................................................................34
PPTP Tunnels......................................................................................................................................................34
PPTP Tunnel Summary......................................................................................................................................34
PPTP Link Parameters.......................................................................................................................................34
PPTP Authentication..........................................................................................................................................34
PPTP Destination Networks..............................................................................................................................34
IPSEC CONFIGURATION............................................................................................................................................35
IPSec Overview ...................................................................................................................................................35
IPSec Global Settings.........................................................................................................................................36
Adding an IPSec Tunnel.....................................................................................................................................36
LESSON 7: CONFIGURING POLICY SERVICES .........................................................................................37
INTRODUCTION..........................................................................................................................................................37
POLICY SERVICES OVERVIEW.................................................................................................................................37
Differentiated Services (DiffServ) ....................................................................................................................37
Multi-Protocol Label Switching (MPLS)........................................................................................................37
POLICY CONFIGURATION.........................................................................................................................................38
QoS Summary ......................................................................................................................................................38
Policy Group Tables...........................................................................................................................................38
Interface Queue Table........................................................................................................................................39
DSCP Queue Assignment...................................................................................................................................39
Policy Rules..........................................................................................................................................................39
Rule Groups.........................................................................................................................................................39
Actions...................................................................................................................................................................40
Creating Policies.................................................................................................................................................40
COMMON OPEN POLICY SERVICES (COPS)..........................................................................................................41

COPS Client Configuration...............................................................................................................................41
COPS Status.........................................................................................................................................................41
COPS POLICY AGENT ..............................................................................................................................................42
Policy Agent Management.................................................................................................................................42
Agent Policy Server ............................................................................................................................................42
Policy Class Table..............................................................................................................................................42
Device Identification...........................................................................................................................................42
LESSON 8: CONFIGURING THE FIREWALL SERVICE..........................................................................45
INTRODUCTION..........................................................................................................................................................45
FIREWALL OVERVIEW..............................................................................................................................................45
CONFIGURING THE FIREWALL SERVICE.................................................................................................................45
Firewall Summary...............................................................................................................................................45
Firewall Logging.................................................................................................................................................46
Firewall Rules......................................................................................................................................................47
Rule Order............................................................................................................................................................47

Page 4 BCM 3.0 FasTrack
Module 7:
Data Networking Services
Introduction
Business Communications Manager v3.0 has a highly comprehensive set of
data features. These features allow BCM to perform functions that used to
take several pieces of data equipment to accomplish. In this module we will
cover the BCM Data capabilities, from routing options, Quality of Service,
Data Services, VPN, Policy capabilities, to typical applications. We will
discuss each of these in depth.
Lesson Overview
Lesson Description
1 Data Platform Overview
2 Configuring DHCP & DNS Services
3 Configuring BCM v3.0 Routing Services
4 Configuring Additional Data Services
5 Configuring VPN Services & Tunnels
6 Configuring Policy Services
7 Configuring the Stateful Firewall Service
Module Objectives
In this module you will learn the following:
• Understand the BCM v3.0 data services and their respective
components
• How to Configure the DHCP and DNS services
• How to Configure RIP and OSPF routing services
• Understand the concept of VPNs and how to configure them on the
BCM

• Understand and configure the additional data services supported on
the BCM and how to configure each
• How to configure policy services and policy management
• How to configure the stateful firewall service
Reference
NTP
Document
Title
P0993474 IP Telephony Configuration Guide
P0993211 Programming Operations Guide

Lesson 1: Data Platform Overview Page 7
Lesson 1:
Data Platform Overview
Introduction
This lesson is a general overview of the BCM v3.0 data platform of services.
In this lesson you will learn the different service categories, and the roles for
which they are designed. We will also discuss capacity and limitations.
Data Services in a Nutshell
The BCM v3.0 is targeted towards small- to- medium-sized businesses and
provides complete coverage for customer voice and data needs from a single
platform. It supports TDM- and IP-based telephony and provides
application support for Internet access, Voice Mail, and Call Center from a
web-based system management tool known as Unified Manager.
Routing Platform
The BCM IP routing platform is compatible with some of the industries’
most popular components and protocols, including Nortel Networks
Contivity and BayRS products. Web server and remote access are provided
by Apache Server, and WinNT RRAS.
Programming for the IP routing is performed through the Unified Manager
tool. Integral components of the BCM are the FastPath, which optimizes
data packet transfers between LAN-to-LAN interfaces, and the QoS driver,
which uses a DiffServ algorithm to prioritize and direct IP traffic.
The BCM 3.0 can be connected to a pure IP network and provide numerous
functionality such as:
• Dedicated Internet Access (direct connection over BCM WAN [T1
or Frame Relay] or LAN port [Cable/xDSL])
• Dial on Demand Internet Access over a PRI connected to the BCM
which is shared for voice and data
• Internet and Intranet access over an established external WAN
• A Corporate Network using VPN (either PPTP or IPSec)
• Client VPN tunnels via the Internet (IPSec)
• A Corporate IP Telephony Network over the established LAN/WAN

Page 8 Lesson 1: Data Platform Overview
The BCM 3.0 can also be connected into a legacy network using products
such as the Passport ARN, Passport 2430, or any Cisco series router.
Figure 1: BCM connected into a legacy network
Data Interfaces
The BCM v3.0 comes equipped with two twisted pair Ethernet LAN ports.
An optional WAN card with integrated CSU/DSU can be ordered
separately. In a pure IP network with one LAN and one WAN interface, the
following services can be provided by the BCM.
• Dedicated Internet Access
• Dial-on-Demand Internet Access
• Dedicated Intranet Access
• Internet and Intranet Access
• Corporate Network using VPN
• Corporate IP Telephony Network
The dual LAN card configuration is used either in Cable/DSL deployments
or when use of an external router is required to support legacy protocols.
Examples of such devices include:
• Passport ARN Router
• Passport 2430 Router
• Cisco 2000 & 7000 Series Routers
Data Services Configuration
Using Unified Manager, we can select the Services option and immediately
see a status, version, and description of all services (data and voice)
provided by the BCM. In this particular snapshot we see many of the data
services either Up, Enabled, or Disabled. This screen is very helpful when

Lesson 1: Data Platform Overview Page 9
troubleshooting the BCM. We will discuss each of these services in this
module.
Figure 2: Available Services Screen

Lesson 3: Configuring DHCP & DNS Services Page 11
Lesson 2:
Network Configuration Manager
Introduction
Business Communications Manager v3.0 introduces the addition of a new
configuration tool called the Network Configuration Manager or NCM.
Unified Manager is still the primary configuration interface for BCM,
however NCM allows multiple BCMs to be administered from a central
point. In this lesson you will learn about the different capabilities of NCM
and the requirements for implementing this time saving application.
NCM Overview
Unified Manager is an innovative configuration too that allows a BCM to be
configured from any Java enabled browser on the same data network. Each
BCM could be managed from a central location, however each BCM must
be managed individually. If the Auto Attendant greeting needed to be
changed on 20 BCMs, then each BCM must be configured individually.
The new Network Configuration Manager (NCM) eliminates the problem of
having to individually manage each BCM by storing configuration data on
all BCMs in a central database and allowing configuration changes to be
exported to a number of BCMs at one time.
The NCM is a client/server application. The server is responsible for
importing, exporting, and archiving BCM configuration information. The
client application provides GUI for administrators. Changes are made to a
BCM’s configuration via the client. Those changes are stored on the NCM
server, and pushed to a working BCM through the exporting process. Once
the configuration has been exported to the BCM, the server database is
synchronized with that BCM.
NCM Components
NCM Server
The NCM server runs on a Windows 2000 or NT 4.0 server or workstation
platform. The minimum hardware requirements for the NCM are as
follows:
• Intel Pentium III 700Mhz or higher
• 512 Megabytes of RAM

Page 12 Lesson 2: Network Configuration Manager
• 4 Gigabytes of Hard Disk Space
• Service Pack 2 (if on Windows 2000 Server or Workstation)
• Service Pack 6a (if on Windows NT 4.0 or Workstation)
The NCM database can utilize the silently installed, embedded Cloudscape
database provided that less than 2500 devices are being managed. Oracle
8.1.7 is a separately installed product that can be used if more than 2500
databases will be managed
NCM Client
The NCM client can be run on Windows 95, 98, 2000, XP, or Solaris. In
addition, any Java enabled browser on any platform can access the NCM
server and perform administration tasks.
The NCM client software comes with the NCM CD package. Should the
package not be available then the client can be installed from the Web Client
Main page.
To connect to the web client from a web browser, simply type in the fully
qualified domain name (FQDN) in the address field. For example, if the
server name is “ncmserver” and the domain name is “mydomain.com” then
you would type in “ncmserver.mydomain.com” in the address field.
NCM Capabilities & Function
The NCM has a large number of capabilities and functions that allow an
administrator to completely control any number of BCMs. Such functions
include:
BCM Configuration Capabilities
NCM allows you to import, export, archive, and compare BCM
configurations. To perform many of these functions SNMP must be enabled
on each BCM that NCM will manage.
Configurations can be retrieved from existing BCMs through a process
called importing. The import process uses SNMP to retrieve configuration
data from the BCM, and FTP to retrieve greeting files and other information
not attainable through SNMP.
Configurations can be pushed out to a BCM through the export process, or
via the included TFTP server. With exception of the TFTP process the same
process and protocols used in the import process are used.

The NCM can also perform backups and store multiple BCM
configurations. This process is called archiving and essentially executes the
BRU utility on each BCM. The configuration information is stored on the
NCM server. The archive process can be performed using FTP or TFTP
protocols. It is important to note that TFTP is an unreliable data transport.
Although, it is IP based, it utilizes the UDP protocol as a data transport.
Should packets be lost in the transfer, TFTP has no way to recover. FTP is a
connection oriented transport and can queue a resend if data does not arrive
or is corrupted.
In addition to importing, exporting, and archiving, the NCM allows you to
check a BCMs configuration against what is stored on the NCM through a
process called compare. This permits an NCM administrator to ensure that
a BCM is synchronized with the NCM’s database.
Data Router Management
The following data/router management operations can be performed from
the NCM:
View and Modify
• DHCP
• IP Router
• Network Address Translation (NAT)
• Simple Network Management Protocol (SNMP)
• Firewall Filters
• NetLink Manager
• Domain Naming Service (DNS)
• Network Time Protocol (NTP)
• VPN Clients and Tunnels
• Policy & QoS
Database Functions
The NCM allows you to organize BCM configurations in a tree-like system
using folders and domains. This is of particular interest in large
installations.
You can provide the NCM with a list of IP addresses to check and it will
automate the process of populating the database. This can save time if there
are many BCM configurations to import. The process is completely

Page 14 Lesson 2: Network Configuration Manager
automated so an administrator does not have to sit by the server and import
configurations one at a time.
Database inventory can be generated and posted in HTML format.
Additionally, an administration can search the database on any number of
parameters to locate a specific BCM if it cannot be quickly found through
the navigation windows. Searches may also be saved as shortcuts.
Additional Functionality
The following functions are also provided:
• System Inventory
o View & print system inventory report
o View telephone set & user inventory
o View line & trunk inventory
• Licensing
o View & apply keycodes
• Management Tools
o Launch Unified Manager
o Launch Desktop Assistant Pro
o Launch Telnet session
• System Security
o Bulk password changes
o SNMP community string changes
• Voice Applications
o Copy complete voice application data to multiple systems via
the file management restore operation
o Copy greetings & greeting tables to multiple systems
o Copy CCR trees to multiple systems
• Call routing management (routes, destination codes, etc…)
New NCM Wizards
Ten new wizards are included with the NCM:
• Add/Change Users
• Auto Attendant Company Greeting
• Multi-System Call Routing
• Keycode Updates
• Report Generator
• H.323 Remote Gateway

• IVR Application
• SNMP Alarm Management
• Restriction Filters
• Bulk Password Change
• Software Maintenance

Lesson 3:
Configuring DHCP & DNS Services
Introduction
In the last module we learned about the new additions to the Dynamic Host
Configuration Protocol (DHCP) service. In this lesson we will take a closer
look at the DHCP service and configure it for use in an IP network.
DHCP Overview
The BCM provides Dynamic Host Configuration Protocol (DHCP) service
to branch office clients. This service dynamically assigns IP addresses to
branch office clients and IP telephones, so you do not need to manually
assign them.
In addition, BCM v3.0 DHCP services can communicate other pertinent IP
parameters to clients such as the default gateway (router), primary and
secondary DNS server addresses, WINS server address, NetBIOS node type,
VLAN ID, and IP Terminal information (i.e. primary and secondary call
server address & port information). The amount of time an IP station can
use an address before renewing, or Lease Time, can also be configured in
seconds.
DHCP features for BCM v3.0 include:
• DHCP Remote Scope (a remote network that uses the BCM DHCP
server to get IP addresses.)
• DHCP Relay Service (service that relays non-routable DHCP
requests to a DHCP server configured to handle remote scopes)
• Reserved Addresses (allows you to assign IP addresses to specific
DHCP clients)
• Nortel IP Clients Support (Communicates primary and secondary
call server IP address and port information to IP clients such as the
i2050 and i2004).
• VLAN ID (Communicates the VLAN number that stations will be
placed on)

Page 18 Lesson 3: Configuring DHCP & DNS Services
DHCP Configuration
DHCP Summary
To access the DHCP programming, select the DHCP option under the
Services menu. The DHCP summary tab displays the service description,
service version, and status of the service.
DHCP Service Mode
The DHCP Mode tab menu allows you to set the function of the DHCP
service. Possible settings are DHCPServeror DHCPRelayAgent.
When the BCM is set to server mode it is capable of providing IP addresses
to both locally attached and remote networks. Directly attached and remote
workstations may obtain IP addresses and other configuration information
from the BCM.
If the BCM is set to RelayAgent mode it monitors the local interfaces for
any DHCP requests. It will capture any seen requests and forward them on
to the IP address of the remote DHCP server. The BCM will attach the
subnetwork address that the request was captured from as well as its own
address to the DHCPRelay packet. This is done so the remote DHCP server
knows what scope to assign an address from and which server to send it
back to for transmission on to the requesting client station.
Refer to p.539 in the Programming Operations Guide
DHCP Global Options
The global options portion of DHCP configuration is where changes that
affect the DHCP service are made.
Figure 3: DHCP Global Options Menu
All settings on this screen affect all configured local and remote DHCP
scopes. These values are passed with every DHCP address offering.

DHCP Scope Configuration
If the BCM is set to act as a DHCP server then an Address Scope must be
defined in the BCM. The address scope is a range of IP addresses the
DHCP server will assign and the additional configuration parameters it will
communicate to requesting clients.
The Scope Specific Options tab menu located under Services/DHCP/Local
Scope/LAN1. Each LAN interface can have only one local IP address
scope defined. If your BCM has two LAN interfaces, then you will see
LAN1 and LAN 2 under the Local Scope heading. In this configuration
menu you can set the additional IP configuration parameters (i.e. default
gateway, DNS, WINS, etc…) that are sent to the client along with the IP
address.
Note: The BCM automatically assigns these addresses for you based on the
IP address for the interface. You should not need to change these values.
Lease Time for address expiration can be configured in seconds. The
default value equates to 72 hours.
Scope Status permits the enabling and disabling of the Scope.
Configuring an Address Range
Configuring Excluded Addresses
Configuring Reserved Addresses
Configuring a Remote Scope
Configuring BCM as a DHCP Relay Agent

Page 20 Lesson 3: Configuring DHCP & DNS Services
DNS Proxy Service
When BCM receives DNS requests from clients, it first checks its local
cache for the name. If the name is found locally, Business Communications
Manager immediately returns that information to the client. Otherwise, the
BCM creates a new DNS request to the remote Primary or Secondary DNS
servers on behalf of the client. If the remote DNS server responds with the
requested records, they are forwarded to clients and cached in Business
Communications Manager.
For security reasons, the DNS Proxy hides the internal client’s IP addresses
from the network.
DNS Cache Mode
In addition to the proxy function, BCM will also cache the DNS response
locally. The next time a name resolution request for the cached DNS name
is received by the BCM, it will pull the IP address from its local cache as
opposed to sending a DNS proxy request to the primary or secondary DNS
servers. This function improves response time and reduces load on the
network and the primary and secondary DNS servers.
F
i
g
u
r
e
4
:
D
Figure 5: DNS Summary Screen

Lesson 4: Configuring Routing Services Page 21
Lesson 4:
Configuring Routing Services
Introduction
The BCM can function as a router running RIP 1, RIP II, or OSPF. In this
lesson you will learn about the different routing interfaces and protocols
available on the BCM, and how to configure each.
Network Interfaces
The BCM comes equipped with two embedded 10/100Base-T Ethernet LAN
interfaces. An additional WAN card must be purchased separately.
WAN interface card — a network interface card with a T1 interface and
sync port that connects the Business Communications Manager system to
the wide area network (WAN). The WAN card connects to a T1 PSTN line
with an integrated T1 DSU/CSUs (North American). The WAN card can
also connect to a T1 PSTN line with an X.21 or V.35 interface (Europe,
Middle East, Africa (EMEA)) using an external CSU/DSU.
Up to 8 ISDN channels (PRI or BRI) and the V.90 modem can be used for
WAN dial up and backup purposes.
The V.90 modem, ISDN dial up, and the LAN interfaces can be used to
manage the system.
Routing & WAN Protocols
The BCM provides a Fast Forwarding function for LAN-to-LAN data
connections that significantly increase data transfer performance between
LAN ports. To do this, traffic bound for the opposite LAN interface
bypasses NAT, IP Firewall Filters, IPSec tunnels, and Quality of Service
(QoS) processes. Each of these services would normally view the traffic
and pass it on to the next process. By circumventing these processes the
LAN-to-LAN interface high routing performance can be achieved.
However, this feature cannot be used if any of the afore mentioned services
are in use.
• Fast forwarding function (LAN to LAN)
• Routing Protocols
o RIP
o RIP2

Page 22 Lesson 4: Configuring Routing Services
o OSPF
o IPX Routing Protocols: RIP and SAP
• WAN Protocols
o Frame Relay
o PPP
o MLPPP (Multi-Link PPP)
o PPP over Ethernet (PPPoE)
IP Routing
The “Services/IP Routing” tab in the Unified Manager is the location where
global IP routing service and protocol parameters are stored and configured.
Summary Screen
RIP Global Options
OSPF Global Options
Routing Protocol Selection
After you configured the IP Routing Global Settings, you must configure
each available network interface to use the routing protocol of your choice
or static routes.
Note: You must use the same routing protocol on all interfaces. For
example, you cannot configure your LAN1 interface to use RIP and your
WAN1 interface to use OSPF.
Routing Protocol choices for each interface are RIP, OSPF, or None (if you
are going to use Static Routes)

Lesson 4: Configuring Routing Services Page 23
Static Routes
You can add Static Routes to the Business Communications Manager
routing table. Static routes added to the routing table take precedence
over dynamic routes.
To add a Static Route, click the Configurationoption and select Add Static
Route.
Static Route (SR#) - Assign a number to the static route. For example, the
valid static route number for the first static route is SR1. The function of the
static route number is to uniquely identify a route. If you add more than one
static route, use sequential numbers. If you use the number of an existing
static route, the system modifies the existing static route. If you use non-
sequential, numbers the system automatically reassigns sequential numbers.
When you modify a static route, you cannot change the Static Route
number.
Destination address -Enter the IP address of the destination network or
host.
Destination mask -Enter the subnet mask corresponding to the destination
address.
Next Hop Router -Enter the IP address of next hop router.
Metric Value -Enter the metric value associated with the interface. The
system adds the metric to the hop count of the routes received through the
interface.
Routing With RIP
Beneath the Services/IP Routing header we find headings for LAN1,
WAN1, and WAN2. The summary tab menu displayed when one of these
headers is selected is where the routing protocol to be used is set. Once you
choose a routing protocol, if you need to change it later, you must select
None the choose the new routing protocol.
Routing With OSPF
If you chose OSPF as the Routing Protocol, you must define the OSPF
parameters by clicking the OSPF Parameters tab.

Page 24 Lesson 4: Configuring Routing Services
Non-Broadcast Multi-Access (NBMA) Neighbors
Frame Relay on Business Communications Manager is a Non Broadcast
Multiple Access (NBMA) network. NBMA is a network that can connect
two or more routers, but has no hardware broadcast capability. For
OSPF to function properly on an NBMA network, you must configure
OSPF to unicast to the IP addresses of the routers on the network. The OSPF
NBMA Neighbors screen allows you to enter IP addresses of the NBMA
Neighbors.
To add the OSPF NMBA Neighbors, click Configuration and select Add
OSPF Neighbor.

Lesson 5: Configuring Additional Data Services Page 25
Lesson 5:
Configuring Additional Data Services
Introduction
Business Communications Manager v3.0 has many new additional data
services. In this lesson you will learn how to configure the following
additional data services:
• Simple Network Management Protocol
• Quality of Service (QoS) Monitor
• Net Link Manager
• Web Cache & Web Proxy
• Network Address Translation
Configuring SNMP Services
SNMP Summary
The SNMP service in BCM responds to requests from management stations,
generates SNMP traps corresponding to events and reports to trap subscriber
stations.
The Summary tab reflects the Description, Version, and Status (Up,
Disabled, Enabled) of the SNMP service. Authentication Failure Traps
(Enabled or Disabled) are traps sent when a login attempt to access SNMP
services fails.
SNMP Communities
To add Communities, click Configuration and select Add Community. A
new screen will pop up and require a Community List Number (number
must be preceded by “C”), Community Name, and Access Permission.
The community name allows you to specify the name of the community that
the individual managers use to interact with this agent. The name is case
sensitive.
• The default community names are Public and Private.

Page 26 Lesson 5: Configuring Additional Data Services
• If there are no community names listed, then all community names
are accepted.
• All the community names are global to the agent. In other words,
you cannot associate a specific community name with a single
management station.
• You can set read-only and read-write community names.
SNMP Managers
You can set a list of permitted managers. When set, the agent responds to
SNMP manager’s requests from those IP hosts only.
To set the list, click Configuration and select Add Manager. A screen will
pop up and require a Manager List # (number must be preceded by “M”)
and the Manager IP address.
An empty list of permitted managers implies that the agent responds to
requests from anyone.
SNMP Traps
You can set trap communities. Each trap entry identifies the community
name that must be used and the manager addresses.
To set Trap Communities, click Configuration and select Add Trap
Community.
A screen will pop up that requires the Trap Community Number (number
must be preceded by “T”), Community Name, and Manager IP address.
Quality of Service Monitor
The BCM IP telephony Quality-of-Service (QoS) Monitor periodically
monitors the delay and jitter of IP networks between two peer gateways. The
Business Communications Manager QoS Monitor uses the same method as
the Meridian 1 ITG.
The main objective of the QoS Monitor is to allow new IP telephony calls to
fall back to the PSTN if the IP network quality falls to an unacceptable
level. Unacceptable does not mean the IP network is down, but it does
mean that, based on the thresholds configured, the IP network cannot
support VoIP calls at that time.
Clicking the QoS Monitor option provides a Summary menu that gives the
description, version, and Status (Up, Enabled, Disabled).

Refer to p.102 in the IP Telephony Configuration Guide
Mean Opinion Score
If you configure or create remote gateways, the mean opinion scores of the
connections to these remote gateways are displayed in the screen. The mean
opinion scores are a measure of the quality of the voice link, while using
an IP trunk, for each codec type. Each configured gateway appears on a
separate row.
Each row consists of the fields for the name of the remote gateway, its IP
address, the status of the QoS monitoring for the connection, and the mean
opinion scores for each allowed voice codec type and for each direction.
If the QoS Monitor setting for the remote gateway entry is Disabled, the
MOS values for the remote gateway appear as N/A. If the QoS Monitor
service is disabled or down for any reason, all MOS values appear as N/A.
Also, if no MOS reports are received from a remote gateway, the MOS
values in the Received (Recv) direction appear as N/A.
In addition, the BCM v3.0 incorporates a new “QoS Indicator” field in the
QoS Monitor screen. This translates call quality into plain English.
Also, BCM v3.0 adds a logging function to the QoS monitor for
troubleshooting purposes. Should call quality degrade and an administrator
is not available, the logs can be checked at a later time to help ascertain
what the cause of the problem was.
Web Proxy & Web Caching
When BCM is configured as a web proxy with web caching:
• Previously downloaded information is stored for future use by all
workstations on the LAN, therefore, workstations can have shorter
download times.
• BCM retrieves information from the Internet only if it is not already
cached or if the cached file is out of date compared to the
information on the Internet. This not only avoids unnecessary
download time but also reduces the potential for introducing delay
time sensitive ( i. e. voice) traffic transiting the WAN link.
• The web proxy also provides extra security since it hides all of the
internal browsers’ IP addresses from external web servers. External
web servers see only the BCM’s IP address.

• When you use BCM as a web proxy, BCM can store, or cache,
information downloaded from the Internet. A proxy is a server that
acts on behalf of another. Web caching allows LAN workstations to
share common information downloaded from the Internet.
• The web proxy also provides security features similar to the DNS
proxy. It hides all of the IP internal browsers’ addresses from
external web servers. External web servers see only the BCM IP
address.
Click the Web Cache option to configure the settings.
Net Link Manager Service
Net Link Manager is a Business Communications Manager service that
provides constant primary link status monitoring. Net Link Manager is also
where you select your WAN primary and backup interfaces, and the default
route for the BCM.
When Net Link Manager detects a primary WAN link failure, Net Link
Manager automatically establishes a backup WAN connection, if one is
configured. Net Link Manager monitors the WAN primary link by
performing multiple tests. When a predetermined number of tests fails, Net
Link Manager establishes the backup connection. In the event of a failure,
Net Link Manager moves all static routes and the default route to the backup
interface. Once the link is back up, all routes are restored to normal.
The Summary tab provides a description, version, and Status (Up, Enabled,
Disabled).
To configure the Net Link Manager service you must first define the
Primary WAN connection mode as either Permanent or Dialup. It is
recommended that Dial Up be used solely as a backup means.
After selecting the Primary WAN connection, you must define the attributes
for the connection.

Alarm Service
Business Communications Manager Alarm Service performs the following
functions:
• Monitors Windows NT event logs for incoming events.
• Synchronizes Windows NT logs with Business Communications
Manager alarm database.
• Receives events (alarms) from other Business Communications
Manager applications through its API and logs the events in the
Business Communications Manager database.
• Archives alarm history based on the criteria defined in Alarm
Manager.
• Monitors the alarm configuration changes and updates SNMP trap
agent and Alarm Service.
Refer to p.707 in the Programming Operations Manual
Network Address Translation
BCM provides security and firewall features to protect your private data
resources from outsiders. The Network Address Translation feature is a
network security feature that translates IP addresses used within your private
network to different IP addresses known to Internet users outside your
private network.
NAT can also perform Port Address Translation. This feature is used when
performing Many-to-One address translation; a scheme in which many
private IP addresses are translated to a single public IP address. Using Port
Address Translation, the BCM associates a private IP address with a TCP or
UDP port number. The private IP/port association is removed after a
specific inactivity timeout period.
Static NAT
Static NAT is the one-to-one mapping of an IP address on your private
network to an IP address from outside your network. Inbound rules must
have external IP addresses mapped to specific internal IP addresses.
Dynamic NAT
Dynamic NAT is the mapping between a private network and the outside
network, of one address to a pool of addresses, a pool of addresses to one

address or a pool of addresses to another. The mappings are made in a
translation table and remain there until the table is cleared or until an entry
times out.
NAT Summary
The Summary tab provides a description, version, and Status (Enabled,
Disabled) of the Network Address Translation service.
NAT Rule Settings
NAT is configured through the creation of rules that govern the handling of
network traffic. The NAT settings can be set on any or all of the LAN and
WAN connections.
To add a Rule, click Configuration and select Add Rule.
NAT Rule Order
If you choose Enabled for the Default Rules, two default rules are set. One
is for TCP/UDP and the other for IP. Both default rules are outbound. These
rules allow all outbound traffic to pass and stop all inbound traffic. The IP
address for the Public address is the IP address of the interface you
configure. The system automatically fills in the rule order. If you choose to
add additional rules, the default rules still remain. If you choose Disabled,
the Default Rules are removed.
Note: The default rules are only for traffic initiated in the outbound
direction. You must add rules for inbound traffic or packets will pass in
without translation.
Note: Before you can specify the Rule Order you must first add the Rules.
After the Rules have been added, you can define to order to be followed by
entering the Rule numbers, each separated by a comma.

Nat Rule Examples
Figure 6: Rule translating IP Phone Traffic Figure 8 (Above): Rule translating all
outbound TCP/UDP traffic to a legal Internet
IP Address. (Port Address Translation)
Figure 9 (Left): Rule translating all outbound
IP traffic to a legal Internet IP address.

NAT and IP Firewall filters
When you use NAT and IP Firewall filters, there are two interactions you
need to be aware of.
• On inbound traffic, the NAT rules are applied before the IP Firewall
Filter rules.
• On outbound traffic, the IP Firewall Filter rules are applied before
the NAT rules.
Network Time Protocol
Network Time Protocol (NTP) is an IP protocol that allows you to
synchronize the time on your network devices. The NTP Client allows you
to synchronize the time on your Business Communications Manager system
with an NTP Server on your network or on the Internet.
NTP Server Address -Enter the IP address of the NTP Server to which you
are synchronizing the Business Communications Manager time.
Maximum Time Adjustment -Enter the maximum time adjustment in
seconds.
Exit After Setting Time Once -Select whether the NTP Client exits after a
time adjustment.
Set Time Every -Enter the number of seconds between time updates.
Minimum Time Adjustment -Enter the time difference that must exist
between the Business Communications Manager and the NTP Server before
a time adjustment is made.
NTP Client Service Start Type -Select whether the NTP Client Service
starts automatically.

Lesson 6: Configuring VPN Services Page 33
Lesson 6:
Configuring VPN Services
Introduction
Business Communications Manager v3.0 incorporates support for Virtual
Private Networking using Point-to-Point Tunneling Protocol (PPTP) or IP
Security Protocol (IPSec). In this lesson you will learn how to configure
VPN services on the BCM.
VPN Services Overview
When connecting two branch offices, the use of a VPN over the public data
network is very efficient if the connection is required only intermittently or
a dedicated point-to-point link is considered too expensive. Also, with the
advent of business-to-business solutions, VPNs can be deployed to provide
secure connections between corporations.
For Virtual Private Networks (VPN), BCM uses the Internet and tunneling
protocols to create secure extranets. These secure extranets require a
protocol for safe transport from the BCM to another device through the
Public Data Network (PDN). BCM uses the PPTP and IPSec tunneling
protocols to accomplish this.
PPTP Configuration
PPTP Overview
PPTP (Point to Point Tunneling Protocol) tunnels are used when a using the
IPX network protocol. Of the two protocols BCM supports (PPTP &
IPSec), PPTP is the only one that can encapsulate and pass IPX traffic.
The BCM PPTP capabilities support:
• Multiple Authentication schemes
• IP Address translation using encapsulation
• IPX tunneling
• RC4 Encryption (56-bit or 128-bit)
• Data packet compression

Page 34 Lesson 6: Configuring VPN Services
• 64 PPTP tunnels can be configured.
Note: Tunnels can only be configured from BCM to BCM or from BCM to
Contivity Extranet Switches.
PPTP Summary
Selecting the Services/VPN/PPTP heading opens up the PPTP Summary
page. This screen controls the PPTP global options.
Adding PPTP Clients
A PPTP Client is a remote Business Communications Manager, Contivity
Extranet Switch or other similar PPTP capable device (not a client PC) that
you allow to connect to this BCM to establish a PPTP tunnel.
To add a PPTP Client, click Configuration and select Add to Client IP
List.
PPTP Tunnels
You can create a PPTP tunnel from a BCM system to another BCM system
or from a BCM system to a Contivity Extranet Switch.
Note: When you create a PPTP tunnel, a user profile is created for the
tunnel. This user profile is the profile a PPTP device uses when it connects
to BCM using this tunnel. The user name for the profile created is the same
as the interface name for the PPTP tunnel.
PPTP Tunnel Summary
After you have added the PPTP tunnel you need to configure the PPTP
settings for that tunnel. Click on the added PPTP tunnel name to program
the Tunnel Summary attributes.
PPTP Link Parameters
The “Link Parameters” tab contains the settings that configure the VPN link
between the BCM and the remote host.
PPTP Authentication
The “PPTP Authentication” tab contains settings for tunnel authorization.
PPTP Destination Networks

Lesson 6: Configuring VPN Services Page 35
A destination network is a remote network on the other side of the tunnel.
The VPN software looks at the destination address of the incoming packets.
If the network portion of the destination address matches a network in the
destination network table then the packet is encapsulated and sent through
the tunnel. If no match is found, the packet is passed on to other internal
services for additional processing.
To add a Destination Network, click Configuration and select Add
Destination Network. Each Destination Network number must be
preceded by the letter “N”.
IPSec Configuration
IPSec Overview
The IPSec is a set of security protocols that authenticate IP connections and
add confidentiality and integrity to IP packets through encryption and
various other checksum mechanisms. IPSec can only encapsulate and
transmit IP traffic. It does not support IPX. Use IPSec when stronger
security for the tunnel is required.
Note: Using higher-level encryption, such as Triple DES, requires more
system resources and increases packet latency. You need to consider this
when designing your overall network.
Other features include:
• Header (AH) protocols
• Encryption can be set for 128-bit 3DES, 56-bit DES or 40-bit DES
• Authentication can be either Secure Hash Algorithm (SHA1) or
Message Digest 5 (MD5)
• Supports NAT, Firewall and Firewall Filters
• Allows up to 20 secure tunnels between BCM and Contivity and/or
BCM to BCM

Page 36 Lesson 6: Configuring VPN Services
IPSec Global Settings
Selecting the Services/VPN/IPSec heading reveals the IPSec Global
Settings tab menu. The IPSec Global Settings must be defined before you
can configure the tunnels.
Adding an IPSec Tunnel

BCM-FasTrack_T0202

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Similar to BCM-FasTrack_T0202

Similar to BCM-FasTrack_T0202 (20)

BCM-FasTrack_T0202