How to setup Login Banner on Cisco Devices(Router, Switch, ASA) ~ Example

Before being given the opportunity to logon to any Company Cisco network devices, users must be presented with a Login Banner that states whom should be using the system and that monitoring is possible.... it prompt when someone will login into the cisco devices by Telnet and Console that also could be a message for unauthorize accessing of your cisco router, switch and firewall as a notice. So I would like to share How to setup Login Banner, EXEC & MOTD Banner(s) on Cisco Devices(Router, Switch, ASA) including the example...

Banner Typical Use

• Message of the Day (MOTD)  Show before the login prompt. The MOTD banner is displayed on all terminals and is useful for sending messages that affect all users and for temporary messages that may change from time to time, such as “Router1 down for maintenance at midnight.”
• Login  Show before the login prompt but after the MOTD banner. For permanent messages such as “Unauthorized Access Prohibited.”
• Exec  Shown after the login prompt. Used to supply information that should be hidden from unauthorized users.

Let's see how to configure a login benner on Cisco Devices(Router, Switch, ASA)
Switch(config)#banner login {char} {banner text} {char}
For example
Switch(config)#banner login #
Enter TEXT message. End with the character '#'.
*****************************************************************************
WARNING TO UNAUTHORIZED USERS:
This system is for use by authorized users only. Any individual using this system, by such use,
acknowledges and consents to the right of the company to monitor, access, use, and disclose any
information generated, received, or stored on the systems...........
*****************************************************************************
#
Switch(config)#

This can be also used variables like:
|==========================================================|
 Hostname $(hostname)
 Domain $(domain)
 Line $(line)
|==========================================================|

Below are the example display the standard corporate login banner before a user attempts to log into a cisco switch, router and firewall.

Here are a cisco router, switch, ASA, etc.. login banner example, you can download and apply to your cisco devices and/or any other network devices:WARNING.txt, Network Security Team.txt, UNAUTHORIZED USERS.txt, Crimes.txt ...

Related Configuration Commands:
   - Standard Cisco Router Configuration
   - Standard Cisco Switch Configuration
   - Spanning Tree Protocol (STP) - Cisco Systems

Read More

First Hop Redundancy protocol comparison (HSRP,VRRP,GLBP) with the diagram

This time, I will talk about a First Hop Redundancy Protocol (FHRP) that i have already made it as a short note. I could pass CISCO exam because of this so i just would like to share. You can then compare your solution with a suggested solution and apply with your business. Accordingly, you can take advantage of a first-hop redundancy protocol. ... HSRP, VRRP and GLBP are the main three first hop redundancy protocols.

The following table provides difference HSRP, VRRP and GLBP protocols.

Property	HSRP	VRRP	GLBP
Administrative Distances	Hot Standby Router Protocol (HSRP)	Virtual Router Redundancy Protocol (VRRP)	Gateway Load Balancing Protocol (GLBP)
Concept	Provides default gateway redundancy using one active and one standby router; standardized but licensed by Cisco Systems	An open-standard alternative to Cisco's HSRP, providing the same functionality	Supports arbitrary load balancing in addition to redundancy across gateways; Cisco proprietary
Scope	Cisco Proprietary	IEEE Standard	Cisco Proprietary
Standard	RFC 2281	RFC 3768	none
Background	Created by Cisco, for Cisco in 1994	Created by the IETF in 1999	Created by Cisco, for Cisco in 2005
Load balancing	No	No	Yes
Transport	UDP/1985	IP/112	UDP/3222
Default Priority	100	100	100
Default Hello	3 sec	1 sec	3 sec
Timer	Hello 3 sec Hold 10 sec	Advertisement 1 sec Master Down interval 3*Advertisement + skew time	Hello 3 sec Hold 10 sec
Multicast Group	224.0.0.2	224.0.0.18	224.0.0.102
Mac Address	0000.0c07.acxx	0000.5e00.01xx	0007.b4xx.xxxx
IPV6 support	Yes	No	Yes
Interface States	Speak: Gateway election in progress Active: Active router/VG Standby: Backup router/VG Listen: Not the active router/VG	Master: Acting as the virtual router Backup: All non-master routers	Speak: Gateway election in progress Active: Active router/VG Standby: Backup router/VG Listen: Not the active router/VG
Advantages	• Easy to configure, the protocol does not affect the routing tables or hosts configuration. • The traffic increase caused by HSRP is minimal.	• Simplified network management: Deploying VRRP on multicast and broadcast LANs such as Ethernet, you can ensure that the system can still provide highly reliable default links without changing configurations (such as dynamic routing protocols or route discovery protocols) when a device fails, and prevent network interruption due to a single link failure. • High adaptability: A VRRP packet is encapsulated in an IP packet, and supports different kinds of upper layer protocols. • Low network overhead: VRRP defines only one packet type, VRRP advertisement, and only the master in a VRRP group can send VRRP advertisements.	• Efficient use of network resources: multiple paths upstream from the gateways can be utilized simultaneously. • Higher availability: GLBP offers enhanced redundancy eliminating single point of failure of the first-hop gateway. An enhanced object-tracking feature can be used with GLBP to ensure the redundancy implementation mirrors network capabilities. This same feature is also available for HSRP and VRRP. • Automatic load balancing: Off-net traffic is shared among available gateways on a per-host basis, according to the defined load-balancing algorithm. • Lower administration costs: Since all hosts on a subnet can use a common default gateway while load balancing is still achieved, administration of multiple groups and gateways is unnecessary. • Simpler Access-layer design: More efficient use of resources is now possible without configuring additional VLANs and subnets.
Disadvantages	• Three second recovery time is hardly acceptable for real time traffic, such as voice over IP traffic. • HSRP is a weak protocol from the security point of view (see Section 4.5.4). • HSRP is a Cisco proprietary protocol, while in a free patent protocol, further development is feasible.	No security is used, as the offered authentication method is weak.	• Cisco proprietary protocol. • Higher complexity on network management as a result of high number of configurable parameters to take into consideration

The previous diagram illustrates Hot Standby Router Protocol (HSRP) diagram

The previous diagram illustrates the Virtual Router Redundancy Protocol (VRRP)

The previous diagram illustrates Gateway Load Balancing Protocol (GLBP)

Download Configuring HSRP, VRRP, and GLBP excel/pdf [FHRP_HSRP_VRRP_GLBP.pdf | Compare_FHRP_2013.xls]

Read More

Comparison of Routing Protocols EIGRP OSPF BGP with diagram

Now is as good a time to clarify the comparison of Routing Protocols (EIGRP, OSPF and BGP). All routing protocols have their strengths and weaknesses. Thus, to help you select the most appropriate routing protocol for your network. Let's see the comparison routing protocol and the diagram on each routing protocols...

Property	EIGRP	OSPF	BGP
Administrative Distances	Internal - 90 External 170	110	EBGP - 20 IBGP - 200
Method	Advanced distance vector	Link state	Path vector
Summarization	Auto and manual	Manual	Auto and Manual
VLSM	Yes	Yes	Yes
Convergence Speed	Very fast convergence	Fast	Slow
Timers: Update (hello/dead)	Triggered (LAN 5/15, WAN 60/180)	Triggered when network change occurs, send periodic update LSA refreshes every 30 minutes (NBMA 30/120, LAN 10/40)	Triggered (60/180)
Network Size	Large	Large	Very large
Mixed-Vendor Devices	No	Yes	Yes
Use multicast	224.0.0.10	224.0.0.5
Feature	- Partial updates conserve network bandwidth - Support for IP, AppleTalk, and IPX - Runs directly over IP, using protocol number 88 - Support for all Layer2 (data link layer) protocols and topologies - Load balancing across equal-and unequal-cost pathways - Multicast and unicast instead of broadcast address - Support for authentication - Manual summarization at any interface - 100% loop-free classless routing	- Minimizes the number of routing table entries - Contains LSA flooding to a reasonable area - Each routing device takes a copy of the LSA updates its LSDB and forward the LSA to all neighbor devices within area - Minimizes the impact of a topology change - Enforces the concept of a hierarchical network design	- BGP provides the routing betw these autonomouse systems. - BGP uses the concept of autonomous systems (AS). An autonomous system is a group of networks under a common administration. The Internet Assigned Numbers Authority (IANA) assigns AS numbers: 1 to 64511 are public AS numbers and 64512 to 65535 are private AS numbers. - IGP: A routing protocol that exchanges routing infor within AS. RIP, IGRP, OSPF, IS-IS and EIGRP are examples of IFPs. - EGP: A routing protocol that exchanges routing infor betw different AS. BGP is an example of an EGP. - The administrative distance for EBGP routes is 20. The administrative distance for IBGP routes is 200. - BGP neighbors are called peers and must be statically configured. - BGP uses TCP port 179. BGP peers exchange incremental, triggered route updates and periodic keepalives.
Operation	- IP EIGRP Neighbor Table - IP EIGRP Topology Table AD+FD - The IP Routing Table	Neighbor Table Topology Table LSDB Routing Table (LSA-> LSDB-> SPF algorithm-> SPF Tree-> Routing Table)
Function is controlled by	EIGRP’s function is controlled by 4 key technologies: - Neighbor discovery and maintenance: Periodic hello messages - The Reliable Transport Protocol (RTP): Controls sending, tracking, and acknowledging EIGRP messages - Diffusing Update Algorithm (DUAL): Determines the best loop-free route - Protocol-independent modules (PDM): Modules are “plug-ins” for IP, IPX, Novel Netware and AppleTalk versions of EIGRP	Following are several types of areas: - Backbone area: Area 0, which is attached to every other area. - Regular area: Nonbackbone area; its database contains both internal and external routes. - Stub area: It’s database contains only internal routes and a default route. - Totally Stubby Area: Cisco proprietary area designation. Its database contains routes only for its own area and a default route. - Not-so-stubby area (NSSA): Its database contains internal routes, routes redistributed from a connected routing process, and optionally a default route. - Totally NSSA: Cisco proprietary area designation. Its database contains only routes for its own area, routes redistributed from a connected routing process, and a default route.	BGP uses 3 databases. The first two listed are BGP-specific; the third is shared by all routing processes on the router: - Neighbor database: A list of all configured BGP neighbors. To view it, use the show ip bgp summary command. - BGP database, or RIB (Routing Information Base): A list of networks known by BGP, along with their paths and attributes. To view it, use the show ip bgp command. - Routing table: A list of the paths to each network used by the router, and the next hop for each network. To view it, use the show ip route command.
Packet Types/BGP Message Types	EIGRP uses 5 packet types: - Hello: Identifies neighbors and serves as a keepalive mechanism sent multicast - Update: Reliably sends route information unicast to a specific router - Query: Reliably requests specific route information query packet multicast to its neighbors - Reply: Reliably responds to a query replies are unicast - ACK: Acknowledgment	The 5 OSPF packet types follow: - Hello: Identifies neighbors and serves as a keepalive. - Link State Request (LSR): Request for a Link State Update (LSU). Contains the type of LSU requested and the ID of the router requesting it. - Database Description (DBD): A summary of the LSDB, including the RID and sequence number of each LSA in the LSDB. - Link State Update (LSU): Contains a full LSA entry. An LSA includes topology information; for example, the RID of this router and the RID and cost to each neighbor. One LSU can contain multiple LSAs. - Link State Acknowledgment (LSAck): Acknowledges all other OSPF packets (except Hellos).	BGP has 4 types of messages: - Open: After a neighbor is configured, BGP sends an open message to try to establish peering with that neighbor. Includes information such as autonomous system number, router ID, and hold time. - Update: Message used to transfer routing information between peers. Includes new routes, withdrawn routes, and path attributes. - Keepalive: BGP peers exchange keepalive messages every 60 seconds by default. These keep the peering session active. - Notification: When a problem occurs that causes a router to end the BGP peering session, a notification message is sent to the BGP neighbor and the connection is closed.
Neighbor Discovery and Route Exchange	Neighbor Discovery and Route Exchange Step 1. Router A sends out a hello. Step 2. Router B sends back a hello and an update. The update contains routing information. Step 3. Router A acknowledges the update. Step 4. Router A sends its update. Step 5. Router B acknowledges.	Establishing Neighbors and Exchanging Routes Step 1. Down state: OSPF process not yet started, so no Hellos sent. Step 2. Init state: Router sends Hello packets out all OSPF interfaces. Step 3. Two-way state: Router receives a Hello from another router that contains its own router ID in the neighbor list. All other required elements match, so routers can become neighbors. Step 4. Exstart state: If routers become adjacent (exchange routes), they determine which one starts the exchange process. Step 5. Exchange state: Routers exchange DBDs listing the LSAs in their LSD by RID and sequence number. Step 6. Loading state: Each router compares the DBD received to the contents of its LS database. It then sends a LSR for missing or outdated LSAs. Each router responds to its neighbor’s LSR with a Link State Update. Each LSU is acknowledged. Step 7. Full state: The LSDB has been synchronized with the adjacent neighbor.	BGP Peering States The command show ip bgp neighbors shows a list of peers and the status of their peering session. This status can include the following states: - Idle: No peering; router is looking for neighbor. Idle (admin) means that the neighbor relationship has been administratively shut down. - Connect: TCP handshake completed. - OpenSent, or Active: An open message was sent to try to establish the peering. - OpenConfirm: Router has received a reply to the open message. - Established: Routers have a BGP peering session. This is the desired state.
Metric (Calculation)	Bandwidth+Delay	Cost= 100 Mbps/Bandwidth	IBGP – 0 Redistributed routes metric = IGP metric

The previous diagram illustrates the structure of OSPF network

The previous diagram illustrates the structure of EIGRP network

The previous diagram illustrates the structure of BGP network

Here is the datasheet/Camparison sheet of Dynamic Routing Protocols for EIGRP, OSPF and BGP (Download: Compare_Table_Routing.xls)

Read More

Cisco Unified IP Phones 6900 and 7900 series

Cisco Unified IP Phones offer the high-quality, reliable communications your business needs every day. They also add new capabilities that increase your ability to collaborate within the workplace. [Focus on Cisco Small Business Model]

Let's see the product catalog that can be used in both Cisco Small Business and Cisco Enterprise company: Cisco Unified IP Phones 6900 and 7900 Series 

CP-7975G • Graphical color touchscreen display • 8 lines • Power over Ethernet • 10/100/1000 Ethernet switch	CP-7965G • Graphical color display • 6 lines • Power over Ethernet • 10/100/1000 Ethernet switch
CP-7962G • Grayscale graphical display • 6 lines • Power over Ethernet • 10/100 Ethernet switch	CP-7945G • Grayscale graphical display • 2 lines • Power over Ethernet • 10/100/1000 Ethernet switch
CP-7942G • Grayscale graphical display • 2 lines • Power over Ethernet • 10/100 Ethernet switch	CP-7931G • Graphical monochrome display • 24 lines • Power over Ethernet • 10/100 Ethernet switch
CP-7911G • Graphical monochrome display • Single line • Power over Ethernet • 10/100 Ethernet switch	CP-7925G • Graphical color display • 6 lines • Wireless • Bluetooth capable
CP-7921G • Graphical color display • 6 lines • Wireless	CP-7937G • Backlit LCD display • Power over Ethernet • Support for external microphones
CP-7915= • Grayscale LCD display • 7962G, 7965G, and 7975G support • 2 modules supported per IP Phone	CP-7916= • Color LCD display • 7962G, 7965G, and 7975G support • 2 modules supported per IP phone
CP-6901-C-K9= CP-6901-CL-K9= CP-6901-W-K9= CP-6901-WL-K9= • Single line • Power over Ethernet	CP-6911-C-K9= CP-6911-CL-K9= CP-6911-W-K9= CP-6911-WL-K9= • Paper insert • Single line • Power over Ethernet • 10/100 Ethernet switch
CP-6921-CL-K9= CP-6921-W-K9= CP-6921-WL-K9= • Graphical monochrome display • 2 lines • Power over Ethernet • 10/100 Ethernet switch	CP-6941-C-K9= CP-6941-CL-K9= CP-6941-W-K9= CP-6941-WL-K9= • Graphical monochrome display • 4 lines • Power over Ethernet • 10/100 Ethernet switch
CP-6945-C-K9= CP-6945-CL-K9= CP-6945-W-K9= CP-6945-WL-K9= • Graphical monochrome display • 4 lines • Power over Ethernet • 10/100/1000 Ethernet switch	CP-6961-C-K9= CP-6961-CL-K9= CP-6961-W-K9= CP-6961-WL-K9= • Graphical monochrome display • 12 lines • Power over Ethernet • 10/100 Ethernet switch

Update the new one at Cisco.com: http://www.cisco.com/cisco/
Or Download Product Guide at Cisco Small Business Product Guide
Or Download Brochure at Cisco Unified IP Phone

Read More

Configuring Cisco IP Phone Extension Mobility in CME

The following is an explanation of Ciso VoIP Extension Mobility (Communications Manager Express) and describes features in Cisco Communications Manager Express (CME) that provide support for phone mobility for end users.

The network topology diagram shows a setup example (Cisco Extension Mobility)

Benefit of Cisco IP Phone Extension Mobility that serve a user login service allows phone users to temporarily access a physical phone other than their own phone and utilize their personal settings, such as directory number, speed-dial lists, and services, as if the phone is their own desk phone. The phone user can make and receive calls on that phone using the same personal directory number as is on their own desk phone.

How to Enable Extension Mobility by perform the following tasks to enable Extension Mobility in Cisco CME:
Before beginning, please note that serious damage can be caused by entering inappropriate commands. Please be careful when altering the configuration of any router.*

1. Set up and associate the physical phone.
   The easiest way to avoid searching through lines of configuration or hunting an automatically registered phone is to set up the phone association before plugging it in to a switchport on the network. In other words, give the router a "heads up" that the phone is about to be initialized.
THHQRV1-3845# configure terminal
THHQRV1-3845(config)# ephone 1                              #Configuration mode for ephone      
THHQRV1-3845(config-ephone)# mac-address 11aa.22bb.33cc   #The MAC address for the phone
THHQRV1-3845(config-ephone)# button 1:5                #Assign buttons to the phone by using the ephone-dn
THHQRV1-3845(config-ephone)# type 7962                #Set the phone type
THHQRV1-3845# show ephone ?                                  #Show a list of supported phone types.

2. Create Voice user profile for Extension Mobility   
    voice logout-profile To enter voice logout-profile configuration mode to create a logout profile and define the default appearance for a Cisco Unified IP phone enabled for Extension Mobility, use the voice logout-profile command in global configuration mode. To delete an logout profile, use the no form of this command:
THHQRV1-3845# configure terminal
THHQRV1-3845(config)# voice logout-profile 1               #Create logout profile
THHQRV1-3845(config-logout-profile)# pin 123456       #Set a PIN to be used by a phone user
THHQRV1-3845(config-logout-profile)# user logout password logout
       
     To configure a user profile for a phone user who logs into a Cisco IP phone that is enabled for Extension Mobility, perform the following steps:
THHQRV1-3845# configure terminal
THHQRV1-3845(config)# voice user-profile 1               
THHQRV1-3845(config-user-profile)# user 7222 password 45678 
THHQRV1-3845(config-user-profile)# number 7222 type normal
THHQRV1-3845(config-user-profile)# speed-dial 1 90892046844 label "On Call"  

3. Creating Directory Numbers
    Create an ephone-dn by using the following commands after logging into and enabling your router:
THHQRV1-3845# configure terminal
THHQRV1-3845(config)# ephone-dn  1  dual-line        
THHQRV1-3845(config-ephone-dn)# number 7222
THHQRV1-3845(config-ephone-dn)# pickup-group 10            
THHQRV1-3845(config-ephone-dn)# description Sumuscha T
THHQRV1-3845(config-ephone-dn)# name Sumuscha Teesr
THHQRV1-3845(config-ephone-dn)# call-forward busy 7111 
THHQRV1-3845(config-ephone-dn)# call-forward noan 90811711942 timeout 18     

4. Check your running configuration.
    You can check your running configuration (ephone-dn, ephone - and other things)
THHQRV1-3845#show running-config
THHQRV1-3845#show run | beg ephone

Download Sample Configurution VoIP Cisco IP Phone CME CUE visio, pdf documents

Read More

Configuration and Settings Cisco VoIP Tie Line

This article explains how to configure VoIP on Cisco router and composed of the following sections related to VOIP. I have shown following scenarios, configuration, diagrams (and Visio stencile) to make you understand and adapt it to your work.

The Cisco + PBX diagram illustrates the topology of this connection example.

Below are some of the VoIP traffic scenario;
     1. HQ Office -> any IP Telephony site: Since we are on VoIP, traffic will route to available link. In case there will be an outage on Verizon MPLS all traffic including voice will be routed to Brach Office VPN. This might impact a lot on the voice quality because Internet Link will not guaranteed or priority on VPN.

     2. Branch Office -> HQ Office site VoIP call: In case of link outage between two offices. Voice traffic will reroute to VPN -> MPLS before it reaches the HQ Office PBX. Again no guarantee on voice quality because of the path that it will take.

     3. Branch Office -> IP Telephony via HQ Office PBX routing: Outages on either E1 link between two office or Verizon MPLS will “Greatly” impact the quality of voice. Meaning if Branch Office call IP Telephony voice traffic will go to HQ Office, then HQ Office will route call to Branch Office again since MPLS is down, then route to VPN.

The following example shows  the configuration VoIP for Tie Line connection between 2 site with PABx  

hostname BRCM1-3845	hostname HQRV1-7206VXR
isdn switch-type primary-qsig voice-card 1 no dspfarm ! controller E1 1/1 pri-group timeslots 1-17 description --- QSIG Trunk to Nortel PBX ---	card type e1 2 ! isdn switch-type primary-net5 voice-card 0 no dspfarm ! controller E1 0/2/0 pri-group timeslots 1-17 description --- Inbound E1 interface --- ! controller E1 0/2/1 pri-group timeslots 1-17 description --- Outbound E1 interface --- ! controller E1 2/0 pri-group timeslots 1-31 description ISDN/PRI E1 - TelecomAsia vlan internal allocation policy ascending
interface Loopback0 description Loopback for BRCM1-3845 ip address 176.40.203.248 255.255.255.255 no ip redirects no ip unreachables no ip proxy-arp no ip mroute-cache	interface Loopback0 description Hostname:HQRV1-7206VXR ip address 176.40.203.222 255.255.255.255 no ip redirects no ip proxy-arp ip route-cache flow no ip route-cache cef no ip mroute-cache h323-gateway voip interface h323-gateway voip id SGDCGK1 ipaddr 176.44.1.252 1719 h323-gateway voip h323-id HQRV1-7206VXR h323-gateway voip tech-prefix 1# h323-gateway voip bind srcaddr 176.40.203.222
interface FastEthernet0/0 description Connected to LAN no ip address no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery ip pim sparse-dense-mode no ip route-cache cef no ip route-cache no ip mroute-cache speed 100 full-duplex	interface FastEthernet0/0 description *** OFFICE ETHERNET SEGMENT, THAILAND*** ip address 176.40.200.210 255.255.255.252 no ip proxy-arp ip pim sparse-dense-mode no ip route-cache no ip mroute-cache ip policy route-map Offshore duplex full no mop enabled
interface Serial1/1:15 no ip address encapsulation hdlc isdn switch-type primary-qsig isdn incoming-voice voice no cdp enable	interface Serial0/2/0:15 no ip address encapsulation hdlc isdn switch-type primary-net5 isdn protocol-emulate network isdn incoming-voice voice no cdp enable ! interface Serial0/2/1:15 no ip address encapsulation hdlc isdn switch-type primary-net5 isdn incoming-voice voice no cdp enable
voice-port 1/1:15 cptone TH	voice-port 0/2/0:15 ! voice-port 0/2/1:15
dial-peer cor custom ! dial-peer voice 1000 pots destination-pattern 8596[2-5]... progress_ind setup enable 3 progress_ind alert enable 8 direct-inward-dial port 1/1:15 forward-digits 7 ! dial-peer voice 10001 voip destination-pattern 8T session target ipv4:176.40.203.230 dtmf-relay h245-alphanumeric ip qos dscp ef signaling no vad	dial-peer voice 1000 pots description --- IPT Inbound to Loop --- preference 1 destination-pattern 8[2-9]...... progress_ind setup enable 3 progress_ind alert enable 8 direct-inward-dial port 0/2/0:15 forward-digits 7 ! dial-peer voice 2000 pots description --- IPT Outbound from Loop --- preference 2 incoming called-number . direct-inward-dial port 0/2/1:15 ! dial-peer voice 5127 voip description --- IPT Peer to HQ via HQRV1 --- huntstop preference 3 destination-pattern 512[6-7]... session target ipv4:176.40.203.222 dtmf-relay h245-alphanumeric ip qos dscp ef signaling no vad ! gateway timer receive-rtp 1200

To download the Visio Stencils, sample full configuration go here icons, configuration

Read More

Cisco VoIP Networking Design/IP Telephony

Most of worldwide companies has begun using new telephone sets on a system based on VoIP, Internet Protocol Telephony (IPT), a method for sending voice over the data network instead of through a separate phone network.

This new technology, already adopted by a majority of Fortune 500 companies, offers numerous benefits in terms of cost savings, productivity increases and accommodation of future business growth. In the giant companies especially global companies, VoIP [IP Telephony] is expected to provide a solution to many current telephony challenges including; capacity limitations, voicemail reliability issues, aging equipment and increasing scarcity of vendor expertise in earlier technologies like PBX.

I would like to show you the VoIP system as a diagram that would be benefit for your business.

Use the mouse over the icon (SAP, Mail, Internet, other..) then click you will see the packet flow or download file

The previous diagram illustrates the digital-to-digital scenario

 

The previous diagram illustrates the digital-to-analog scenario

 

 

An end-to-end simple VoIP network architecture

 

You can use it to adapt with your companies in order to gain more utilization in term of current technology as much as you can

Download Sample Enterprise Network Diagram with FLASH PRESENTATION here CiscoVoiceTraffic
 

Read More

Cisco IP Phone User Guide

In this user guide you will find detailed information on using your Cisco IP phone. Your Cisco IP phone 7941G, 7942G, 7945G, 7961G, 7962G, 7965G, 7970 is a full-featured, multi-line telephone replacing the traditional analog phone.

1. Line Appearance Buttons - Indicates your extension number(s).
2. Foot Stand Button - Adjusts the angle of your phone base.
3. Display button - Awakens the touchscreen from sleep mode or disables it for cleaning.
4. Messages Button – Allows you to use the voice message system.
5. Directories Button - Opens/Closes the Directories menu which allows you to see missed calls, received call, placed calls, and faculty/staff directories.
6. Help Button – Allows you to use the Help Menu.
7. Settings Button – Allows you to change telephone settings such as contrast and ringer sound, network configuration, and status information.
8. Services Button - Provides access to telephone services if available.
9. Volume Button - Increases or decreases the volume of the handset or headset, speakerphone, and the ringer volume.
10. Speaker Button - Toggles the speaker on or off for conference calls in your office.
11. Mute Button – Turns the mute feature on or off.
12. Headset Button – Turns the headset on or off for those who use a headset.
13. Navigation Button - Allows you to scroll through menus, highlight items and with the soft key activate the highlighted items.
14. Keypad - Allows you to dial telephone numbers, enter letters, and close menu items.
15. Soft Key Buttons - Each activates the item (soft key) listed above on a menu.
16. Handset Light Strip - Indicates that you have an incoming call and/or a new voice message.
17. Phone Screen – Gives you the time, date, your phone number, caller ID, and other features like redial, new call, etc.

Phone Features
Muting a Call:
     1. Press the MUTE button
             a. To end the mute feature, press the MUTE button again

Placing a Call on Hold
     1. Press the Hold soft key.
             a. To return to the call, press the Resume soft key.
         Tip: If multiple calls are on hold, Scroll with the arrows to select the desired call before you press the Resume key.

Transferring a Call to another telephone:
      1. Press the Transfer soft key
             a. This places the call on hold
      2. Dial the number to which you want to transfer the call
      3. When the number rings, press Transfer again; or when the party answers announce the call and then press Transfer
      4. Hang up if the call is accepted.
      Note: If the party refuses to accept the call, return to the original call by pressing the Resume soft key.

Transferring a Call Directly to a Voice Mailbox
       1. Press the Transfer soft key.
       2. This places the call on hold.
       3. Press the * and Dial the extension to which you want to transfer the call
       4. When the voicemail box answers, press Transfer again

Call Forwarding
   To forward your calls:
       1. Press the CFwdAll soft key.
       2. When the beep tone is heard, enter the number to which you wish to forward.
                a. Forwarding to Voicemail: Press the * and Dial the extension to which you want to transfer the call
                b. Forwarding to on-campus extension: Dial the 4-digit extension
                c. Forwarding to off-campus number: Dial 8 - 1 - area code - phone number
        3. When finished, verify Forwarded to xxxxxxxx is displayed above the LCD screen.
   To cancel call forwarding:
         1. press the CFwdAll soft key.

Placing a Conference Call
   To turn a call into a conference call:
         1. During a call, press the more option and then you should choose the Confrn soft key. (This allows you to place the party on hold while you contact others.)
         2. Place a call to another number to include others on the conference call.
         3. When the call connects, press Confrn again to add the other party to the conference call.
            Notes:
                 a. To place a conference call on hold - Press Hold.
                       i The other parties cannot talk among themselves.
                       ii To avoid disrupting the other callers, consider muting the call instead.
                              -To mute the call - Press Mute.
                 b. To place a conference call on the speakerphone - press Speaker.
                       i Press the Mute button to mute the speakerphone. The conference parties cannot hear you but you can hear them.

The previous diagram illustrates the Cisco Conference Call Scenario.

The previous manual illustrates the IP Phone Manual Guide.

Cisco IP Phone Manual 7940/7960 Models download the pdf file here

Read More

Standard Cisco Switch Configuration

I would like to share Standard Cisco Switch Configuration in order to give readers understand best practices for Standard Cisco Switch Configuration. This concept like previos post "Standard Cisco Router Configuration"

Keep in mind again that the output you are about to see might not exactly match to the following. The output basically varies; it highly depends on your cisco switch models and features activated or used. However in general, it should look something like this.. let us see...

! Standard Cisco Switch Configuartion
!
!
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname <<Country_Code>>SL1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 128000
!
!
no aaa new-model
clock timezone PST -8
clock summer-time PDT recurring
system mtu routing 1500
vtp domain <<Facility_Code_ALL_CAPS>>
vtp mode transparent
udld aggressive
!
ip subnet-zero
no ip source-route
ip routing
ip domain-name <<Country_Code>>.domain.net
ip name-server 172.26.20.24
ip name-server 172.27.26.36
ip dhcp relay information trust-all
ip multicast-routing distributed
!
!
! DHCP SNOOPING: Prevents rogue DHCP servers from affecting PCs on the VLAN
! IMPORTANT: You MUST put 'ip dhcp snooping trust' on all Layer 2 uplinks, if any,
! for DHCP Snooping to work!
!
! IMPORTANT: Add additional VLANs here if necessary:
ip dhcp snooping vlan <<Data_VLAN_Number>>,<<Voice_VLAN_Number>>
ip dhcp snooping
!
!
errdisable recovery cause udld
!
spanning-tree mode rapid-pvst
spanning-tree portfast default ! Enable PortFast on all ports by default
spanning-tree portfast bpduguard default
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
spanning-tree backbonefast
!
vlan internal allocation policy ascending
!
!
vlan <<Data_VLAN_Number>>
 name <<Data_Subnet_CIDR_Notation>>_DATA
!
!
vlan <<Voice_VLAN_Number>>
 name <<Voice_Subnet_CIDR_Notation>>_VOICE
!
! Add additional VLANs here if necessary
!
!
vlan 999
 name Unused_Native_VLAN
!
!
ip tcp path-mtu-discovery
ip telnet source-interface Loopback0
ip ftp source-interface Loopback0
ip tftp source-interface Loopback0
!
!
interface Loopback0
 ip address <<Loopback0_Address>> 255.255.255.255
 no ip proxy-arp
!
! L3 uplink port configuration
interface GigabitEthernet1/0/1
 description Uplink to ISR
 no switchport
 ip address <<Uplink_Interface_Address>> <<Uplink_Interface_Mask>>
 no ip redirects
 no ip proxy-arp
 ip pim sparse-mode
 ip cgmp
 load-interval 30
!
!
!
interface range GigabitEthernet1/0/2-24
 auto qos voip cisco-phone
!
!
interface range GigabitEthernet1/0/2-24
 switchport access vlan <<Data_VLAN_Number>>
 switchport mode access
 switchport nonegotiate
 switchport voice vlan <<Voice_VLAN_Number>>
 no logging event link-status
 load-interval 30
 no snmp trap link-status
!
! Shutdown unused access ports
interface range GigabitEthernet1/0/25-28
 shutdown
!
! Shutdown unused uplinks
interface range TenGigabitEthernet1/0/1-2
 shutdown
!
! Shutdown VLAN 1
interface Vlan1
 no ip address
 no ip route-cache
 no ip mroute-cache
 shutdown
!
router eigrp 109
 passive-interface default
 no passive-interface GigabitEthernet1/0/1 ! Specify different port if needed
 no auto-summary
 network <<Loopback0_Address>>
 network <<Uplink_Interface_Address>>
 network <<Data_VLAN_Interface_Address>>
! Add any additional networks to EIGRP here
!
ip classless
no ip forward-protocol nd
no ip forward-protocol udp tftp
no ip forward-protocol udp nameserver
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
no ip http server
no ip http secure-server
ip pim rp-address 139.65.245.226 mcast-rp-sparse-wan override
ip pim spt-threshold 32
ip pim register-rate-limit 48
ip pim register-source Loopback0
ip tacacs source-interface Loopback0
banner login @
****************************************************
WARNING TO UNAUTHORIZED USERS:
This system is for use by authorized users only.
Any individual using this system, by such use,
acknowledges and consents to the right of the
company to monitor, access, use, and disclose any
information generated, received, or stored on the
systems, and waives any right of privacy or
expectation of privacy on the part of that
individual in connection with his or her use of
this system. Unauthorized and/or improper use of
this system, as delineated by corporate policies,
is not tolerated and the company may take formal
action against such individuals.
****************************************************
@
!
!
!
!
line con 0
 timeout login response 15
 access-class 20 in
 password cisco
 logging synchronous
 login
 transport preferred none
line vty 0 4
 timeout login response 15
 access-class 20 in
 password cisco
 logging synchronous
 login
 transport preferred none
line vty 5 15
 timeout login response 15
 access-class 20 in
 password cisco
 logging synchronous
 login
 transport preferred none

To download the Standard Cisco Switch Configuartion go here; Switch_Config.xlsx

Read More