Nortel Networks 2212 User Manual

Title page

Nortel Communication Server 1000

Nortel Networks Communication Server 1000 Release 4.5

WLAN Handset 2212

Installation and Configuration for VPN

Document Number: 553-3001-229
Document Release: Standard 1.00
Date: November 2005

Year Publish FCC TM

Copyright © Nortel Networks Limited 2005
All Rights Reserved

Produced in Canada

Information is subject to change without notice. Nortel Networks reserves the right to make changes in design
or components as progress in engineering and manufacturing may warrant.

Nortel, Nortel (Logo), the Globemark, This is the Way, This is Nortel (Design mark), SL-1, Meridian 1, and
Succession are trademarks of Nortel Networks.

4

Page 3 of 62

Revision history

November 2005

Standard 1.00. This document is a new NTP issued to support
Communication Server 1000 Release 4.5.

WLAN Handset 2212 Installation and Configuration for VPN

Page 4 of 62

553-3001-229 Standard 1.00 November 2005

6

Page 5 of 62

Contents

List of procedures . . . . . . . . . . . . . . . . . . . . . . . . . . 7

How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

About this document . . . . . . . . . . . . . . . . . . . . . . . 11

Subject .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Applicable systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Intended audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Conventions .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Related information .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Contents .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Code and key code requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Scope of this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Getting started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Contents .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Configuring the Contivity VPN router . . . . . . . . . . . . . . . . . . . . . . . . . 19

Installing the Licence Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

DHCP options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Contents .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

WLAN Handset 2212 Installation and Configuration for VPN

Page 6 of 62 Contents

Introduction .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

The DHCP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Checking connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

DHCP relay .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

IP address pool configuration . . . . . . . . . . . . . . . . 33

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Introduction .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

IP address pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Proxy ARP and tunnel-to-tunnel traffic . . . . . . . . . . . . . . . . . . . . . . . . 35

IPsec options and groups . . . . . . . . . . . . . . . . . . . 37

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Introduction .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

IPsec global variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

WLAN Handset 2212 group definition . . . . . . . . . . . . . . . . . . . . . . . . 39

WLAN Handset 2212 group IPsec variables . . . . . . . . . . . . . . . . . . . . 40

Users, interface and firewall configuration . . . . . 45

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Introduction .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

User accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Second interface configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Firewall configuration .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Handset configuration . . . . . . . . . . . . . . . . . . . . . . 57

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Introduction .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Configuring the handset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

553-3001-229 Standard 1.00 November 2005

8

Page 7 of 62

List of procedures

Procedure 1

Configuring the VPN router . . . . . . . . . . . . . . . . . . . . . .19

Procedure 2

Installing licence keys . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Procedure 3

Disabling the DHCP server . . . . . . . . . . . . . . . . . . . . . . . 29

Procedure 4

Enabling the DHCP relay . . . . . . . . . . . . . . . . . . . . . . . . 31

Procedure 5

Configuring an IP address pool . . . . . . . . . . . . . . . . . . . 33

Procedure 6

Enabling proxy ARP and tunnel-to-tunnel traffic . . . . . 35

Procedure 7

Setting IPsec global variables . . . . . . . . . . . . . . . . . . . .37

Procedure 8

Defining a WLAN Handset 2212 group . . . . . . . . . . . . .39

Procedure 9
Setting IPsec variables for a WLAN Handset 2212

group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Procedure 10

Adding a user account . . . . . . . . . . . . . . . . . . . . . . . . . .45

WLAN Handset 2212 Installation and Configuration for VPN

Page 8 of 62 List of procedures

Procedure 11

Configuring the second interface . . . . . . . . . . . . . . . . . 48

Procedure 12

Configuring the firewall . . . . . . . . . . . . . . . . . . . . . . . . . 52

Procedure 13
Configuring the WLAN Handset 2212 using the

cradle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

Procedure 14
Configuring the WLAN Handset 2212 using the

screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

553-3001-229 Standard 1.00 November 2005

10

Page 9 of 62

How to get help

This section explains how to get help for Nortel products and services.

Getting Help from the Nortel Web site

The best way to get technical support for Nortel products is from the Nortel
Technical Support Web site:

www.nortel.com/support

This site provides quick access to software, documentation, bulletins, and
tools to address issues with Nortel products. More specifically, the site
enables you to:

• download software, documentation, and product bulletins

• search the Technical Support Web site and the Nortel Knowledge Base
for answers to technical issues

• sign up for automatic notification of new software and documentation for
Nortel equipment

• open and manage technical support cases

Getting Help over the phone from a Nortel Solutions Center

If you don’t find the information you require on the Nortel Technical Support
Web site, and have a Nortel support contract, you can also get help over the
phone from a Nortel Solutions Center.

In North America, call 1-800-4NORTEL (1-800-466-7835).

WLAN Handset 2212 Installation and Configuration for VPN

Page 10 of 62 How to get help

Outside North America, go to the following Web site to obtain the phone
number for your region:

www.nortel.com/callus

Getting Help from a specialist by using an Express Routing Code

To access some Nortel Technical Solutions Centers, you can use an Express
Routing Code (ERC) to quickly route your call to a specialist in your Nortel
product or service. To locate the ERC for your product or service, go to:

www.nortel.com/erc

Getting Help through a Nortel distributor or reseller

If you purchased a service contract for your Nortel product from a distributor
or authorized reseller, contact the technical support staff for that distributor
or reseller.

553-3001-229 Standard 1.00 November 2005

14

Page 11 of 62

About this document

This document is a global document. Contact your system supplier or your
Nortel representative to verify that the hardware and software described are
supported in your area.

Subject

This document describes the installation and configuration of a WLAN
Handset 2212 on a Virtual Private Network.

Note on legacy products and releases

This NTP contains information about systems, components, and features that
are compatible with Nortel Communication Server 1000 Release 4.5
software. For more information on legacy products and releases, click the
Technical Documentation link under Support & Training on the Nortel
home page:

www.nortel.com

Applicable systems

This document applies to the following systems:

• Communication Server 1000S (CS 1000S)

• Communication Server 1000M Chassis (CS 1000M CH)

• Communication Server 1000M Cabinet (CS 1000M CA)

• Communication Server 1000M Half Group (CS 1000M HG)

• Communication Server 1000M Single Group (CS 1000M SG)

WLAN Handset 2212 Installation and Configuration for VPN

Page 12 of 62 About this document

• Communication Server 1000M Multi Group (CS 1000M MG)

• Communication Server 1000E (CS 1000E)

• Meridian 1 PBX 11C Chassis

• Meridian 1 PBX 11C Cabinet

• Meridian 1 PBX 51C

• Meridian 1 PBX 61C

•Meridian1 PBX81

• Meridian 1 PBX 81C

Note: When upgrading software, memory upgrades may be required on
the Signaling Server, the Call Server, or both.

System migration

When particular Meridian 1 systems are upgraded to run CS 1000
Release 4.5 software and configured to include a Signaling Server, they
become CS 1000M systems. Table 1 lists each Meridian 1 system that
supports an upgrade path to a CS 1000M system.

Table 1
Meridian 1 systems to CS 1000M systems

This Meridian 1 system... Maps to this CS 1000M system

Meridian 1 PBX 11C CH CS 1000M CH

Meridian 1 PBX 11C CA CS 1000M CA

Meridian 1 PBX 51C CS 1000M Half Group

Meridian 1 PBX 61C CS 1000M Single Group

Meridian 1 PBX 81 CS 1000M Multi Group

Meridian 1 PBX 81C CS 1000M Multi Group

For more information, see one or more of the following NTPs:

• Communication Server 1000M and Meridian 1: Small System Upgrade
Procedures (553-3011-258)

553-3001-229 Standard 1.00 November 2005

• Communication Server 1000M and Meridian 1: Large System Upgrade
Procedures (553-3021-258)

• Communication Server 1000S: Upgrade Procedures (553-3031-258)

• Communication Server 1000E: Upgrade Procedures (553-3041-258)

Intended audience

This document is intended for individuals responsible for installing,
configuring, operating, and maintaining the WLAN Handset 2212.

Conventions

Terminology

In this document, the following systems are referred to generically as
“system”:

• Communication Server 1000M (CS 1000M)

• Communication Server 1000E (CS 1000E)

• Communication Server 1000S (CS 1000S)

About this document Page 13 of 62

•Meridian1

The following systems are referred to generically as “Small System”:

• Communication Server 1000M Chassis (CS 1000M CH)

• Communication Server 1000M Cabinet (CS 1000M CA)

• Meridian 1 PBX 11C Chassis

• Meridian 1 PBX 11C Cabinet

The following systems are referred to generically as “Large System”:

• Communication Server 1000M Half Group (CS 1000M HG)

• Communication Server 1000M Single Group (CS 1000M SG)

• Communication Server 1000M Multi Group (CS 1000M MG)

• Meridian 1 PBX 51C

WLAN Handset 2212 Installation and Configuration for VPN

Page 14 of 62 About this document

• Meridian 1 PBX 61C

•Meridian1 PBX81

• Meridian 1 PBX 81C

Related information

This section lists information sources that relate to this document.

Online

To access Nortel documentation online, click the Technical Documentation
link under Support & Training on the Nortel home page:

www.nortel.com

CD-ROM

To obtain Nortel documentation on CD-ROM, contact your Nortel customer
representative.

553-3001-229 Standard 1.00 November 2005

18

Page 15 of 62

Overview

Contents

This section contains information on the following topics:

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Code and key code requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Scope of this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

The configuration in this document . . . . . . . . . . . . . . . . . . . . . . . . . 17

Introduction

The WLAN Handset 2212 is a mobile handset for workplace IP telephone
systems. The handset operates over an 802.11b wireless Ethernet LAN
providing users a wireless Voice Over IP (VoIP) extension. By seamlessly
integrating with the Nortel IP telephony system, handset users are provided
with high-quality mobile voice communications throughout the workplace.
The handset gives users the freedom to roam throughout the workplace while
providing all the features and functionality of an IP desk telephone.

The WLAN Handset 2212 provides a wireless extension to the Nortel
Meridian 1 and CS 1000 VoIP solutions. The handset supports the UNIStim
protocol, a proprietary protocol developed by Nortel for communication
between a Nortel IP telephone and a Nortel PBX.

The handsets reside on the wireless LAN with other wireless devices using
Direct Sequence Spread Spectrum (DSSS) radio technology. The handset
radio transmits and receives packets at up to 11Mb/s.

WLAN Handset 2212 Installation and Configuration for VPN

Page 16 of 62 Overview

IMPORTANT!

The latest software version is required to support the features described
in this document.

Code and key code requirements

Before configuring the WLAN Handset 2212, you must ensure the various
components are using the proper versions of software. Table 2 lists the
components and software versions:

Table 2
Required components and software versions

Component Software Version

WLAN Handset 2212 097.060

WLAN IP Telephony Manager 2245 17x.022

Contivity VPN Router V04_90.301

router can be any model

CS 1000 or Meridian 1 PBX CS 1000 Release 4.0 or higher

Scope of this document

Assumptions

The following assumptions are made in this document:

• The wireless infrastructure has been configured and is available.

• The PBX has been configured.

• The WLAN IP Telephony Manager 2245 has been configured.

• The DHCP server has been programmed and configured to provide the
correct IP address.

553-3001-229 Standard 1.00 November 2005

requires Firewall licence key code

The configuration in this document

This document describes the configuration of the supported architecture
shown in Figure 1.

Figure 1
Thin AP – L2 Away from VPN Router

Overview Page 17 of 62

WLAN Handset 2212 Installation and Configuration for VPN

Page 18 of 62 Overview

The figures in this document are examples of the types and format of the
information required for a specific step. Substitute information for your
site accordingly.

IMPORTANT!

553-3001-229 Standard 1.00 November 2005

28

Page 19 of 62

Getting started

Contents

This section contains information on the following topics:

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Configuring the Contivity VPN router . . . . . . . . . . . . . . . . . . . . . . . . . 19

Installing the Licence Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Introduction

This section describes how to install and configure the WLAN Handset 2212
for Virtual Private Network (VPN).

Configuring the Contivity VPN router

After attaching the console to your PC, use Procedure 1 to configure the VPN
router.

Procedure 1
Configuring the VPN router

1 Select Start > Control Panel.

2 Double click on System.

The System Properties window appears.

3 Select the Hardware tab.

4 Click Device Manager.

The Device Manager window appears.

WLAN Handset 2212 Installation and Configuration for VPN

Page 20 of 62 Getting started

5 Click on the + beside Ports.

The Ports list expands.

6 Right click Communications Ports (COM 1) and select Properties.

The Communications Ports (COM 1) Properties window appears.

7 Select the Port Settings tab.

8 Ensure the settings are configured as shown in Figure 2.

Figure 2
COM1 settings

9 Connect to the wireless gateway through the console cable.

10 Access the wireless gateway using Hyper Terminal.

11 Enter the username and password in the Contivity 1050 Hyper Terminal

window.

The Main Menu window appears, as shown in Figure 3 on

553-3001-229 Standard 1.00 November 2005

page 21