Manualshelf

HP Survivable Branch Communication zl Module powered by Microsoft Lync Planning and Design Guide 2011-02

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
161162163164165166167168169170
4-63
Example Solutions
Solution
You must enter the commands on each router interface:
[Seattle-A-MSR20-20] interface GigabitEthernet 0/0
[Seattle-A-MSR20-20-GigabitEthernet0/0] qos wfq dscp
queue-length 64 queue-number 256
[Seattle-A-MSR20-20-GigabitEthernet0/0] interface
Ethernet 1/0
[Seattle-A-MSR20-20-GigabitEthernet1/0] qos wfq dscp
queue-length 64 queue-number 256
Configure Firewalls
This solution features a firewall module that is installed in the branch office
HP zl switch. The firewall administrator must configure policies to allow this
traffic:
SIP traffic between your company’s voice VLANs:
TCP 5061 if you are using TLS
TCP 5060 if you are using TCP
Traffic from this branch’s voice VLAN to Lync Servers on TCP 444
Traffic from other sites’ voice VLANs to the SBM on TCP 444
Remote management traffic to the SBM (such as syslog and SNMP)
You must also enable the SIP ALG for the permitted SIP traffic. Such an ALG
typically protects against SIP attacks and also opens the correct RTP ports for
specific sessions. If your firewall does not have a SIP ALG that works with
Lync, you must plan how you will open the RTP ports. See “Adjusting Firewall
Policies” on page 2-33 of Chapter 2: “Design Considerations.”
Refer to your firewall’s documentation for instructions on creating the poli-
cies.
Install the SBM and Complete the Setup Wizard
The solution has now been prepared, and the SBMs can be installed at the
branch sites. The instructions outlined in this section should be completed by
the SBM technician assigned to install the devices.