Table Of Contents
UC500 and SR500 Secure Router Setup
Configuring the Cisco UC500
Configuring the Cisco SR500
Creating a Community
UC500 and SR500 Secure Router Setup
The Cisco SR500 provided asymmetric digital subscriber line (ADSL) or FastEthernet WAN termination and advanced security features for a Cisco Smart Business Communications System (SBCS) network. This document describes how to connect a Cisco UC500 behind a Cisco SR500 in secure router mode. It includes the following sections:
•
Configuring the Cisco UC500
•Configuring the Cisco SR500
•Creating a Community
Prerequisites:
•UC500 Series Router
•SR500 Series Router
•A PC with an operating system that supports Cisco Configuration Assistant: Windows Vista Ultimate, or Windows XP, Service Pack 1 or later
•Cisco Configuration Assistant with version 1.8 or higher installed
Connect your Cisco UC500 to a Windows PC, as shown in Figure 5-1.
Figure 5-1 Cisco UC500 Connection
Configuring the Cisco UC500
Network address translation (NAT) is not required on the UC500 in this configuration, because the SR500 manages NAT for the network. To configure the Cisco UC500 using CCA, do the following:
Step 1 Enter the Cisco UC500 LAN IP address in the Connect to field on the Connect window.
Step 2 Enter your Cisco UC500 administrator username and password.
Step 3 Go to Configure > Security > NAT.
Step 4 From the Outside Interface menu on the NAT window, select Delete Interface.
Step 5 Click Apply to disable NAT on the UC500. (The Cisco SR500 will NAT incoming and outgoing Internet traffic; the Cisco UC500 does not require that NAT is enabled.)
Step 6 Go to Configure > Security > Firewall and DMZ.
Step 7 Click Delete Firewall Settings.
Step 8 Click Yes to clear the warning message. This deletes the firewall settings from Cisco UC500. A firewall is not required on Cisco UC500, because the Cisco SR500 provides a firewall for the network.
Step 9 Go to Setup > Device Setup Wizard.
Step 10 Select UC500 from the menu and click Next.
Step 11 Click Next until device connectivity is verified. It might take 2-3 minutes to verify the device connectivity.
Step 12 Click Next.
Step 13 Enter your UC500 administrator username and password. The default username is cisco. The default password is cisco.
Step 14 Click Next.
Step 15 Verify that the Synchronize with PC checkbox is checked. This synchronizes the time and date settings on the UC500 with your PC and click Next.
Step 16 Select Fastethernet0/0 and click Modify.
Step 17 In the Internet IP Address field, enter 192.168.75.2.
Step 18 Choose Static IP.
Step 19 Enter the Primary DNS IP address and the Secondary DNS IP address that match the DNS server IP addresses used in your network and click OK.
Step 20 Click Next.
Step 21 Select your language from the Phone Language menu, and voicemail language.
Step 22 Select your language Voicemail Language menu.
Step 23 Click Next.
Step 24 Verify your settings. To make any changes, click Previous; otherwise, click Finish.
Step 25 Click Yes when the warning displays.
Note If you retained the VLAN 1 IP address of 192.168.10.1, Cisco Configuration Assistant does not lose connectivity to the Cisco UC500 and applies the configuration settings to the Cisco UC500. This process can take 8-10 minutes
Once the process is complete, you should see the following message.
Step 26 Click Close to exit the setup wizard.
Step 27 Go to Configure > Save Configuration and click Save.
Configuring the Cisco SR500
Connect your Cisco UC500, Cisco SR500, and Windows PC as shown in Figure 5-2.
Figure 5-2 Cisco UC500, Cisco SR500, and Windows PC Connection
Your Internet/WAN connection might be an ADSL or an Ethernet connection, depending on the Cisco SR500 chassis type.
Step 1 Enter the SR500 LAN IP address in the Connect to field in Cisco Configuration Assistant.
If your connection is rejected, it might be necessary to manually release and renew your DHCP lease to obtain an IP address from the Cisco SR500, by doing the following:
1. To open a Run window, select Start > Run.
2. Enter CMD in the Open field to launch a Windows Command window.
3. Enter ipconfig /release at the Windows command prompt.
4. Enter ipconfig /renew at the Windows command prompt. You should get an IP address that is in the 192.168.75.xxx network. For example:
C:\temp>ipconfig /renew
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : cisco.com
IP Address. . . . . . . . . . . . : 192.168.75.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.75.1
Step 2 Go to Setup > Device Setup Wizard.
Step 3 From the Select a device menu, select SR500 and click Next.
Step 4 Click Next until device connectivity is verified. It might take 2-3 minutes to verify the device connectivity.
Step 5 Enter your Cisco SR500 administrator username and password. The default username is admin. The default password is admin.
Step 6 Verify that the Synchronize with PC checkbox is checked. This synchronizes the time and date settings on the UC500 with your PC and click Next.
Step 7 If you are using WAN FastEthernet, the following window displays:
Select Fastethernet4 and click Edit.
If you are using ADSL, the following window displays:
Select ATM0.1 and click Edit.
Step 8 Specify your Cisco SR500 Internet connection settings and click OK. These settings vary depending on which provider and what WAN type you are using to connect to the Internet. For example:
DHCP with FastEthernet
PPPoE with FastEthernet.
The username and password should match the account information provided by your Internet service provider.
PPPoE with ADSL.
The username and password should match the account information provided by your Internet service provider.
Step 9 Click Next. Verify your settings. To make any changes, click Previous; otherwise click Finish. After 1-2 minutes, the Summary message displays.
Step 10 Click Close.
The configuration of the Cisco SR500 is complete.
Creating a Community
To create a community that includes both the Cisco UC500 and the Cisco SR500, do the following:
Step 1 Start Configuration Assistant, and select Create community in the Connect window. Click Connect.
Step 2 In the Create Community window, enter a name for the community.
Step 3 Enter the Cisco SR500 IP address in the Seed IP Address field. Click Start.
Step 4 When prompted, enter the Cisco UC500 and the Cisco SR500 administrator usernames and passwords. Click OK.
Step 5 In Topology view, verify that the Cisco UC500 is connected behind the Cisco SR500.
Step 6 Go to Configure > Save Configuration.
Step 7 Select All Devices in the Hostname menu. Click Save.
The configuration is complete.
You can now connect your Cisco Configuration Assistant PC to any LAN port on the Cisco UC500 or Cisco SR500 to access the community you created, allowing you to monitor the network and modify the device configurations.
You should connect all LAN devices, such as PCs, IP phones, printers, switches, and access points, to the Cisco UC500 LAN ports to access the WAN or the Internet from the LAN devices. LAN devices connected to the UC500 have secure access to the WAN and the Internet, because they are protected by the security features you enabled on the Cisco SR500.
You might choose to connect DMZ devices, such as Web servers or email servers, to the Cisco SR500.
Feedback