Figure 10-2 Two Sv9100 Systems Connected Via The Wan - NEC Univerge SV9100 Manual

10-6

Figure 10-2 Two SV9100 Systems Connected Via the WAN

systems. One on the corporate local LAN and one on a Remote network
connected via the WAN. The remote site cannot call the MAIN site, therefore, it is
not working.
Figure 10-2 Two SV9100 Systems Connected Via the WAN
Headquarters
Local LAN
Firewall
The green arrow in Figure 10-2 Two SV9100 Systems Connected Via the WAN
represents the data packets leaving the REMOTE IPLE card destined for the
SV91000 on the Headquarters LAN. The firewall on the Headquarters network is
not configured to recognize the TCP/UDP ports utilized by the NEC equipment,
thus blocking them resulting in registration failure. To solve this issue the ports
used by the NEC VoIP equipment must be opened in the firewall allowing the
NEC traffic to pass through onto the SV9100.
The ports, 58000 and 58002 (TCP) for signaling and the voice ports, are required
to be open at each location. This depends on how many IPLE ports are installed.
IPLE 256 Open UDP Ports 10020~10531

VPN
Another common feature is to use the Internet as the WAN between customer
locations. When this is done VPNs are typically used between the locations. A
VPN (Virtual Private Network) is a private data network that maintains privacy
through the use of tunneling protocols and security features over the public
internet. This allows remote networks (with private addresses), residing behind
NAT routers and/or firewalls, to communicate freely with each other. When
building the VPN tunnels, throughout the network, they must be assigned as a
fully meshed network. This means that every network is allowed direct connection
to each and every other network in the topology.
shows two SV9100
WAN
Remote Network
Firewall
SV9100 NetLink
Issue 2.0