FCC ID: QISEGW1520A eSpace EGW1520

 

eSpace EGW1520 Enterpr eSpace EGW1520 Enterpr V100R001C01 Quick Start rise Gateway rise Gateway eSpace EGW1520 V100R001C01 Issue:04 Part Number:31505357 Date:2012-10-25 04 31505357 2012-10-25 HUAWEI TECHNOLOGIES CO., LTD. Welcome Welcome to eSpace EGW1520 Enterprise G describes how to install and configure the E refer to the eSpace EGW1520 Enterprise G in the CD-ROM delivered with the device. Usage Notice

Keep the power plugs clean and dry to a

Use the power supply adapter provided w

Keep your hands dry when plugging in o

Power off the device, remove all connect maintenance personnel if smokes, noises Gateway (EGW1520). This document EGW1520. For more information, please Gateway Product Documentation provided void electric shock and other potential risks. with this product. ut the device cable. ted cables, and contact authorized s, or odors come from the device. Packing List EGW1520 Power supply adapter Analog phone lines (3) Network cable (1) Document CD-ROM Quick Start Warranty Card Device Appearance Rear View Side View R ESET: Press the button for short time ( 6s) to re estart. Press the button for long time (> 6s) to re estore factory settings. W WLAN: Press the button for short time ( 6s) to en nable or disable WLAN. Press the button for long tim me (> 6s) to activate WPS. 1 1 Installation 1 Preparing Installation Tools Claw hammer Phillips screwdriver 2 Installing the EGW1520 Install the EGW1520 on a horizontal surface

Installing the EGW1520 on a horizontal s

I t l on the surface and leave 10 cm space ar

To install the EGW1520 on a wall, fix the of the swell fixtures is exposed for mount th EGW1520 h i t lli Hammer drill Level ruler i f Y e or on a wall. surface is easy. You only need to place it it round for heat dissipation. e swell fixtures (M4) and ensure that 5 mm ting the EGW1520. d t l l 3 Connecting Cables Phone line port Phone line port 3G data a card Power supply socket Network cable port Network cable Phone line Note: Either the ADSL or WAN port can be used. The FXO1/LINE port supports power-off survival, and you are advised to use it with preference. IP pho one Analog phone PC Analog phone IAD FAX After cables are connected, press the powe the POWER indicators (on the front panel) a the POWER indicator is steady, the EGW15 r button to power on the EGW1520. View and check the EGW1520 working status. If 520 is working properly. 2 2 Configuring the EGW1520 Scenario Description The EGW1520 supports Internet access thro methods are available: account and passwo Internet access mode and data, contact you The audio function of the EGW1520 is used independent IP PBX, IMS/NGN access gate UC solution. The following describes the con details about scenario description and config ROM delivered with devices. ough ADSL or WAN. In WAN mode, three ord, static IP, and DHCP. For the specific ur local network carrier. in one of the following scenarios:

eway, and local gateway in a branch in the nfiguration methods in these scenarios. For guration cases, see the documentation CD-

3 3 Starting Configuration Netwo orking a on Planning Network Access Informatio Item Parameter Planning Description Account WAN Static IP Static IP PPPoE user name PPPoE password WAN IP address WAN subnet mask WAN gateway IP address Primary DNS server DHCP PVC Identifier (VPI) PVC Identifier (VCI) PPPoE user name PPPoE password ADSL SSID Wireless Wireless function Wireless access password ADSL and WAN are available. The WAN modes include the account, static IP, and DHCP submodes. To obtain the network access mode and data, contact the local network carrier. i it Indicates the ID of the EGW1520. The ID is displayed on a Wi-Fi terminal after the terminal finds the EGW1520. The default ID is eSpace EGW_****. **** is the last four di digits in the WLAN MAC address. The password is a string consisting of 8 to 63 ASCII characters or 64 hexadecimal digits. The default password is the WLAN MAC address of the EGW1520. th WLAN MAC dd t System W1520 using a network cable. xplorer 6.0 or a later version on the PC. The b Logging In to the Web Management Connect a PC to a LAN port on the EGW Log in to the EGW1520 using Internet Ex default URL is https://192.168.1.1. Enter the user name (default: admin) and Log In. c Starting Configuration Starting Configuration Choose Quick Setup from the navigation Choose a country and click Next. rding to step Select a network connection mode accor and click Next. Verify parameter settings

. Click Save And Continue and configure the audio function. If the audio function does not need to be configured, click Sav ve And Exit to exit the configuration wizard. n tree on the web management system. d password (default: Admin@123) and click

, set relevant parameters, a 4 4 4 Starting Configuration Indep a Planning Users' Internal Numbers Analog phones, fax machines, IP phones, an EGW1520. You are advised to connect fax m PHONE port. When the EGW1520 functions as an indepe prefix plus the called number to make an out the FXO port. The default outgoing prefix is 888. The outgo called number change rule in outgoing calls. ts An internal number is a string of 1 to 30 digit An internal number is a string of 1 to 30 digit ts. User Type POTS user SIP user Phone Type Fax machine or analog phone IP phone Analog phone 1 (connected to the EGW1520 through the IAD) Analog phone 2 (connected to the EGW1520 through the IAD)

... b 1 2 S S Starting Configuration On the SIP Server page, disable the UC O C Click Next to access the analog phone co not need to be configured when the EGW Based on the data plan in step

, config leave the registration groups and externa Click Add in the right part of the IP Phon

, configure internal numbers of SIP users external numbers blank, and click Next. Click Finish to finish EGW1520 configura Configure the IAD. The following describe 1. Open Internet Explorer and enter the a 3 4 5 6 the address box. pendent IP PBX nd IADs can be connected to the machines to the EGW1520 through the ndent IP PBX, users can dial the outgoing tgoing call, and the call is routed through oing prefix is deleted according to the Internal Number Example 6001 6002 SIP user SIP user

... 6003 6004

... mode and click Next. onfiguration page. Registration groups do W1520 functions as the IP PBX. ure internal numbers of POTS users, al numbers blank, and click Next. e page. Based on the data plan in step

, leave the registration groups and a ation. es how to configure IAD208E(M). IAD IP address (default: 192.168.100.1) in lt t) th

(d f d (d f lt d i ) nd password (default: admin) and click 2. Enter the user name (default: root) an d li k 2 E t d Log In to access the web manageme nt page. work Parameter and select the static IP 3. Choose Basic Configuration > Netw mode. Set the IAD IP address to 192.1 168.1.x (default IP address of the LAN set the subnet mask to 255.255.255.0, port on the EGW1520: 192.168.1.1), s gateway to 192.168.1.1. and set the IP address of the default g

> SIP Server and set the IP address of the 4. Choose SIP Service Configuration >

SIP server to the IP address of the LA AN port on the EGW1520 (for example, 192.168.1.1).

> FXS User and set User ID (indicating 5. Choose SIP Service Configuration >

n in step user numbers) based on the data plan 5 5

.a 7 Configure an IP phone. The following des phone. For details about other models, se 1. Enter the IP address of the IP phone i can click OK on the IP phone to view 2. Enter the user name and password (d and click Log In to access the web m 3. Click the Account tab. Set Register N based on the data plan in step

. Se address of the LAN port on the EGW1 4. Click Submit to finish IP phone config You can choose Voice > Phone Alloc You can choose Voice > Phone Alloc system of the EGW1520 to view the r Verify the configuration according to the c document. Starting Configuration IMS/N a Planning SIP Server Data Description Item a 8 scribes how to configure an eSpace 78xx IP ee the appropriate administrator guide. in the address box of Internet Explorer(You the IP address of the IP phone). default values: admin) of the administrator anagement page. Name to the user number of the IP phone et SIP Server to 192.168.1.1 (default IP 1520). guration. cation > IP Phone in the web management cation > IP Phone in the web management registration status of the IP phone. chapter Verifying Configuration in this NGN Access Gateway Type of the SIP server address The address can be an IP from the network carrier. address and or a domain name. Obtain the type SIP server address SIP ser er t pe SIP server type Heartbeat detection interval Registration interval IP address or domain nam network carrier. For examp The options are NGN and The options are NGN and me of the SIP server. Obtain the address from the ple, the value can be 191.1.1.1 or m04.huawei.com. IMS Obtain the t pe from the net ork carrier IMS. Obtain the type from the network carrier. Interval for the EGW1520 in seconds. The value rang recommended. to send heartbeat messages to the active SIP server, ges from 10 to 900. The default value 60 is Interval for the registration this group to the SIP serve The value ranges from 0 to n group to send registration messages for users in er, in seconds. o 14400. The default value 360 is recommended. Planning the Registration Group b Assume that the EGW1520 connects to the user-by-user registration. To obtain the registration group type, trun user name, IMS domain name, external nu contact the network carrier. When the SIP se name blank. Registration Group ID Trunk Registratio User ID Registration Group Type on 0 1 2

... User-by-user registration User-by-user registration User-by-user registration

+8657187654321

+8657187654322

+8657187654323

... .. .. 6 6 IMS, and the registration group type is k registration user ID, trunk registration umbers, Authentication and Password, erver type is NGN, leave the IMS domain yp

, Trunk Registration User Name

+8657187654321@abc. def.com

+8657187654322@abc. def.com

+8657187654323@abc. def.com IMS Domain Name abc.def.com abc.def.com abc.def.com

... Planning User Numbers c Analog phones, fax machines, IP phones, an EGW1520. You are advised to connect fax m PHONE port. nd IADs can be connected to the machines to the EGW1520 through the NOTE

The ID of the registration group correspon the same as that of the the trunk registration u with +, you need to change + to 00 when you

Internal numbers can be customized. nding to an external number of a user must be user ID. If the trunk registration user ID starts u configure an external number. User User Type I t Intern Exam nal Number l N mple b Fax machine or analog phone POTS user 6001 IP phone SIP user 6002 Analog phone 1 (connected to the EGW1520 through the IAD) SIP user 6003 Analog phone 2 (connected to the EGW1520 through the IAD) SIP user 6004

... .. .. R i t ti Registration Group ID 0 1 2 3

... E t External Number Example l N b 008657187654321 008657187654322 008657187654323 008657187654324

... d 1 1 2 3 Starting Configuration On the SIP Server page disable the UC On the SIP Server page, disable the UC a server based on the data plan in step Configure the registration group based on Configure the POTS user's internal and e in step 4 Click Add in the right part of the IP Phon and external numbers based on the data 5 Click Finish to finish EGW1520 configura 6 Configure the IAD. The following describe 1. Open Internet Explorer and enter the and click Next. c the address box. 2. Enter the user name (default: root) an Log In to access the web manageme 3. Choose Basic Configuration > Netw mode Set the IAD IP address to 192 mode. Set the IAD IP address to 192. port on the EGW1520: 192.168.1.1), s and set the IP address of the default g 4. Choose SIP Service Configuration >

SIP server to the IP address of the LA 192.168.1.1). mode and click Add Configure the SIP mode and click Add. Configure the SIP and click Next. and click Next. n the data plan in step b external numbers based on the data plan c and click Next. e page. Configure the SIP users' internal plan in step ation. es how to configure IAD208E(M). IAD IP address (default: 192.168.100.1) in nd password (default: admin) and click nt page. work Parameter and select the static IP 168 1 x (default IP address of the LAN 168.1.x (default IP address of the LAN set the subnet mask to 255.255.255.0, gateway to 192.168.1.1.

> SIP Server and set the IP address of the AN port on the EGW1520 (for example, 7 5. Choose SIP Service Configuration >

user numbers) based on the data plan Configure an IP phone. The following des phone. n the address box of Internet Explorer (You 1. Enter the IP address of the IP phone i can click OK on the IP phone to view t the IP address of the IP phone). 7 7

> FXS User and set User ID (indicating n in step scribes how to configure an eSpace 78xx IP c

. 2. Enter the user name and password (d and click Log In to access the web m 3. Click the Account tab. Set Register N based on the data plan in step

. Se address of the LAN port on the EGW1 4. Click Submit to finish IP phone config You can choose Voice > Phone Alloc management system of the EGW1520 phone. c default values: admin) of the administrator anagement page. Name to the user number of the IP phone et SIP Server to 192.168.1.1 (default IP 1520). guration. cation > IP Phone in the web 0 to view the registration status of the IP chapter Verifying Configuration in this L ti C fi 8 Verify the configuration according to the c ti Solution document. St Starting Configuration Loca a Planning Server Information When the EGW1520 functions as the local g SIP server on the central node at the headq synchronizes them to the EGW1520. You do the EGW1520. Before configuration, collect user quantity in allocation to the enterprise IT administrator. The default outgoing prefix of the EGW1520 according to the called number change rule Server Type Planned Item Remarks l G t th UC l Gateway in a Branch in the UC h i B i gateway in a branch in the UC solution, the quarters allocates all user numbers and o not need to configure user numbers on n the branch and apply for number 0 is 888. The outgoing prefix is deleted in outgoing calls. Data synchronization server SIP server IP address Port number Key for data synchronization SIP server address SIP server type Heartbeat detection interval Registration interval enterprise IT administrator to obtain the IP e data synchronization server. enterprise IT administrator to obtain the port e data synchronization server. If the port to be obtained, use the default value 8098. 20 compares its data synchronization key with ata synchronization server. If the keys are the ta synchronization server synchronizes data to 0; otherwise, the EGW1520 rejects the data on. The key is a string of 1 to 22 characters ts, letters, or special characters. You can h the enterprise IT administrator about the key Contact the e address of th Contact the e number of the number fails t The EGW152 that of the da same, the da the EGW1520 synchronizati including digi negotiate with format. can be an IP address and or a domain name. The address ddress from the enterprise IT administrator. Obtain the ad are IMS or NGN. Obtain the type from the The options a administrator. enterprise IT When the SIP P server is eSpace U1960, select NGN. P server is eSpace U2900, select IMS. When the SIP Interval for th e EGW1520 to send heartbeat messages to the active and d standby SIP servers, in seconds. The value 30 to 150. The default value 90 is ranges from 3 d. recommende e registration group to send registration Interval for th messages for r users in this group to the SIP server, in e value ranges from 0 to 14400. The default seconds. The value 360 is r recommended. 8 8 b 1 2 3 Starting Configuration On the SIP server page, enable the UC m mode. Configure the data synchronization

. server based on the data plan in step a Click Add. Configure the SIP server base ed on the data plan in step Click Finish. You can choose Voice > Phone Allocati EGW1520 to view the synchronized user ion in the web management system of the number. and click Next. a NOTE When configuring the IP phone, set SIP server 1, SIP the central node, standby SIP server in the central nod server 2, and SIP server 3 to the active SIP server in de, and IP address of the LAN port on the EGW1520. chapter Verifying Configuration in this 4 Verify the configuration according to the c document. Verifying Configuration a Verifying Network Access You can visit a website (for example, http://e network function. If the access is successful, configured. b

Independent IP PBX Verifying the Audio Function enterprise.huawei.com) and verify the

, the network function is correctly Intra-office users dial each other's inter rnal numbers using phones that have numbers configured numbers configured. An intra-office user under the EGW152 number (for example, mobile phone nu An outer-office user dials the number th FXO port of the EGW1520. After hearin switchboard, the outer-office user dials number). 0 to dial the outgoing prefix (888) and the mber) of an outer-office user. hat the PSTN network carrier assigns to the ng the announcement played by the the extension number (that is, the internal

IMS/NGN access gateway Intra-office users dial each other's inter rnal numbers using phones that have numbers configured. Calls are made between an analog pho network-side number (for example, a m

Local gateway in a branch in the UC solu

Local gateway in a branch in the UC solu Intra-office users dial each other's inter one or IP phone under the EGW1520 and a mobile phone number). ution ution rnal numbers using phones that have numbers configured. An intra-office user under the EGW152 number (for example, mobile phone nu An outer-office user dials the number th FXO port of the EGW1520. After hearin switchboard, the outer-office user dials number). 0 to dial the outgoing prefix (888) and the mber) of an outer-office user. hat the PSTN network carrier assigns to the ng the announcement played by the the extension number (that is, the internal alls are connected successfully. If a call In the preceding scenarios, verify that the ca nection. fails, check the configuration and cable conn 9 9 Seeking Technical Support and O Technical support Contact the device supplier to obtain tech Documentation Obtain documentation from the CD-ROM SUPPORT > Products > UC&C > UC >

obtain documentation. Declaration on Hazardous Substa Obtaining Documentation hnical support. delivered with the device or choose UC in http://enterprise.huawei.com to ances in Electronic Information Products Parts Parts Mechanical part Board/circuit module Signal cable Cable connector Power adapter Auxiliary equipment Hazardous Subst Hazardous Subst tances tances Pb Hg Cd Cr6+

PBB PBDE t Indicates that the concentration of the haz h homogeneous materials of this part is below the th standard. Indicates that the concentration of the haz homogeneous materials of this part is above the t i b l f thi i l ardous substance contained in all the f th SJ/T 11363 2006 e limit requirement of the SJ/T 113632006 li it t i ardous substance contained in all the e limit requirement. NOTE 1. Mechanical part such as shell: The steel, aluminum 2. Board and circuit module:

The PCB pad contains lead.

Ceramic capacitor or feedthrough capacitor or ceramic chip contains lead. m or copper materials contain lead. mica capacitor on the board: The

The resistor inside the clock oscillator is immu

The high temperature type solder, used for the une from lead. connector inside the transformer, contains more than 85% lead. contains more than 85% lead.

The luminescence glass of chip inductor contai

The high temperature type solder used for the t

The glass of resistance layer and protection lay

The pin and solder of the components such as t 3. Signal cables: The alloy materials such as the steel ins lead. transistor chip contains lead. yer is immune from lead. the IC and power unit contain lead. l, aluminum, and copper materials 4. Cable connector: For most connectors, the metal sh 5. Power adapter: The interior contains lead. 6.The circuit board of the auxiliary equipment contain hell, terminal and pin contain lead. ns lead. Same as point one and point contain lead. two. 1 0 eSpace EGW1520 EGW1520

EGW1520 3 1 RESET6s6s WLAN 6s/WLAN 6sWPS Wi-Fi Protected Setup 1 1 EGW1520 1 2 EGW1520 EGW1520 M4 5mmEGW1520 10cm 150mm 3 3G ADSLWAN FXO1/LINE IP IAD PC POWER 1 2 EGW1520 EGW1520ADSLWAN DHCP EGW1520 WANIP IP PBXIMS/NGNUC 1 3 a WAN IP IP DNS DHCP PVC Identifier (VPI) PVC Identifier (VCI) SSID ADSL b Web ADSLWAN WAN IP WANIP DHCP EGW1520IDWiFi EGW1520 IDeSpace EGW_****

****WLAN MAC4 863ASCII6416 863ASCII6416 EGW1520WLAN MAC PCEGW152 PCIE6.0 https://192.168.1.1 admin 20LAN EGW1520 Admin@123 c Web a 4 1 4 IP PBX a EGW1520IP EGW1520PHONE EGW1520IP PBX 888 130 IAD

+FXO IP 1IADEGW1520 2IADEGW1520 POTS SIP SIP SIP 6001 6002 6003 6004 b 1 2 3 4 5 6 a SIPUC POTS IP EGW1520 IAD IAD208EM 1. IEIADIP 2. roota 3. > I EGW1520 LANIP192.16 192.168.1.1 a IP PBX SIP 192.168.100.1 dminWeb PIADIP192.168.1.x 68.1.1255.255.255.0 4. SIP > SIPSIP PIPEGW1520LANIP 192.168.1.1 5. SIP > FXS a a ID 1 5 7 IP eSpace 78xx 1. IEIP IP IPOKIPIP 2. adminWeb 3. IP SIP192.168.1.1EGW1520 IP LAN a 4. IP EGW1520Web

> > IP 8 IMS/NGN a SIP SIP IP SIP SIPIP m04.huawei.com 191.1.1.1 SIP NGNIMS EGW1520SIP 10900 60 S 014400 SIP 360 b IMS, ID SIP IMS NGNIMS ID ID 0 1 2

+8657187654321

+8657187654322

+8657187654323

+8657187654321@abc d f

.def.com

+8657187654322@abc

.def.com

+8657187654323@abc

.def.com IMS abc.def.com abc.def.com abc.def.com 1 6 c EGW1520IP EGW1520PHONE IAD

ID IDID ID++

130 D D

+00 IP 1IAD EGW1520 2IAD EGW1520 POTS SIP SIP SIP ID ID 600 1 6002 2 6003 3 6004 4 0 1 2 3 008657187654321 008657187654322 008657187654323 008657187654324 d 1 1 2 3 4 SIP UC SIPUC b c POTS IP EGW1520 5 6 IADIAD208EM 1. IEIADIP 2. roota 3. > I EGW1520 LAN IP192 16 EGW1520 LANIP192.16 192.168.1.1 c SIP SIP a a SIP 192.168.100.1 dminWeb PIADIP192.168.1.x 68 1 1 255 255 255 0 68.1.1255.255.255.0 4. SIP > SIPSIP PIPEGW1520LANIP 192.168.1.1 5. SIP > FXS c c ID 1 7 7 IP eSpace 78xx 1. IEIP IP IPOKIPIP 2. adminWeb 3. IP SIP192.168.1.1EGW1520 IP LAN c 4. IP

> > IP EGW1520Web 8 UC a UC EGW1520888 SIPEGW1520 IT IP IPIT IT IT 8098 EGW1520 EGW1520 122 IT SIP SIP SIP IPIT SIP IMSNG SIP SIP GNIT eSpace U1960NGN eSpace U2900IMS EGW1520 SIP 3015090 POTSSIP 014400360 1 8 b 1 2 3 SIPUC S EGW1520 EGW1520Web a a SIP

>

IP SIP1SIP2 SIPEGW1530BLANIP SIP3 4 4 a http://enterpr b

IP PBX rise.huawei.com EGW1520IP 888+

PSTN EGW1520FXO

IMS/NGN EGW1520IP

UC EGW1520IP 888+

PSTN EGW1520FXO 1 9 http://enterprise.huawei.com

> > UC&C > UC > UC Pb Hg C Cd Cr6+

PBB PBDE

/

SJ/T-113632006 SJ/T113632006 1. 2. /

PCB

//

85

IC 3. 4. 5. 6. 1 5 12 2 0 HUA Hu AWEI TECHNOLOGIES CO., LTD. awei Industrial Base Bantian Longgang Shenzhen 518129 Peoples Republic of China People s Republic of China http://enterprise.huawei.com 518129 http://enterprise.huawei.com

 

 

Compliance and Safety Manual Issue Date HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2010. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased eSpace EGW1520, services and features are stipulated by the contract made between Huawei and the customer. All or part of the eSpace EGW1520, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address:

Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website:

http://www.huawei.com Email:

support@huawei.com Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. i 1 Regulatory Compliance Statement 1 Regulatory Compliance Statement About This Chapter 1.1 Declaration of Conformity to European Directives Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1-1 1 Regulatory Compliance Statement 1.1 Declaration of Conformity to European Directives Figure 1-1 Declaration of Conformity to European Directives 1-2 Huawei Proprietary and Confidential Issue () Copyright Huawei Technologies Co., Ltd. 2 Regulatory Compliance Information 2 Regulatory Compliance Information About This Chapter 2.1 Regulatory Compliance Standards 2.2 European Regulatory Compliance 2.3 U.S.A Regulatory Compliance 2.4 Canada Regulatory Compliance 2.5 Japan Regulatory Compliance 2.6 CISPR 22 Compliance 2.7 China RoHS hazardous substance table 2.8 Other Markets 2.1 Regulatory Compliance Standards eSpace EGW1520 complies with the standards listed in Table 2-1. Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2-1 2 Regulatory Compliance Information Table 2-1 Regulatory compliance standards Discipline EMC Safety Telecom RF Health Standards CISPR22 Class B CISPR24 EN55022 Class B EN50024 ETSI EN 301 489-1 Class B ETSI EN 301 489-17 FCC Part 15 Subpart B Class B ICES 003 Class B AS/NZS CISPR22 Class B VCCI Class B IEC61000-3-2 IEC61000-3-3 EN61000-3-2 EN61000-3-3 ITU-T K.21 IEC 60950-1 EN 60950-1 UL 60950-1 CSA C22.2 No 60950-1 AS/NZS 60950.1 FCC Part 68 (CFR 47) ETSI EN 300 328 FCC Part15 Subpart C ICNIRP Guideline 1999-519-EC EN 62311 OET Bulletin 65 IEEE Std C95.1 Environmental protection 2002/95/EC & 2011/65/EU (RoHS) EC NO. 1907/2006 (REACH) 2002/96/EC (WEEE) 2-2 Huawei Proprietary and Confidential Issue () Copyright Huawei Technologies Co., Ltd. Discipline NOTE 2 Regulatory Compliance Information Standards EMC: electromagnetic compatibility RF: radio frequency CISPR: International Special Committee on Radio Interference EN: European Standard ETSI: European Telecommunications Standards Institute CFR: Code of Federal Regulations FCC: Federal Communication Commission IEC: International Electrotechnical Commission AS/NZS: Australian/New Zealand Standard VCCI: Voluntary Control Council for Interference CNS: Chinese National Standard UL: Underwriters Laboratories CSA: Canadian Standards Association BS: British Standard IS: Indian Standard GR: General Requirement WLAN: wireless local area network ICNIRP: International Commission on Non-Ionizing Radiation Protection OET: Office of Engineering Technology IEEE: Institute of Electrical and Electronics Engineers RoHS: restriction of the use of certain hazardous substances 2.2 European Regulatory Compliance eSpace EGW1520 complies with the following European directives and regulations. 1999/5/EC (R&TTE) 2002/95/EC & 2011/65/EU (RoHS) EC NO. 1907/2006 (REACH) 2002/96/EC (WEEE) eSpace EGW1520 complies with Directive 2002/95/EC, 2011/65/EU and other similar regulations from the countries outside the European Union, on the RoHS in electrical and electronic equipment. The device does not contain lead, mercury, cadmium, and hexavalent chromium and brominated flame retardants (Polybrominated Biphenyls (PBB) or Polybrominated Diphenyl Ethers (PBDE)) except for those exempted applications allowed by RoHS directive for technical reasons. eSpace EGW1520 complies with Regulation EC NO. 1907/2006 (REACH) and other similar regulations from the countries outside the European Union. Huawei will notify to the European Chemical Agency (ECHA) or the customer when necessary and regulation requires. Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2-3 2 Regulatory Compliance Information eSpace EGW1520 complies with Directive 2002/96/EC on waste electrical and electronic equipment (WEEE). Huawei is responsible for recycling its end-of-life devices, and please contact Huawei local service center when recycling is required. Huawei strictly complies with the EU Waste Electrical and Electronic Equipment Directive (WEEE Directive) and electronic waste management regulations enacted by different countries worldwide. In addition, Huawei has established a system for recycling and reuse of electronic wastes, and it can provide service of dismantling and recycling for WEEE. By Huawei recycling system, the waste can be handled environmentally and the resource can be recycled and reused fully, which is also Huawei WEEE stratagem in the word. Most of the materials in eSpace EGW1520 are recyclable, and our packaging is designed to be recycled and should be handled in accordance with your local recycling policies. In accordance with Article 11(2) in Directive 2002/96/EC (WEEE), eSpace EGW1520 were marked with the following symbol: a cross-out wheeled waste bin with a bar beneath as below:

2.3 U.S.A Regulatory Compliance 2.3.1 FCC Part 15 2.3.2 FCC Part 68 2.3.1 FCC Part 15 eSpace EGW1520 complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:

This device does not cause harmful interference. This device must accept any interference received, including interference that may cause undesired operation. If this device is modified without authorization from Huawei, the device may no longer comply with FCC requirements for Class B digital devices. In that a case, your right to use the device may be limited by FCC regulations. Moreover, you may be required to correct any interference to radio or television communications at your own expense. This device has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. 2-4 Huawei Proprietary and Confidential Issue () Copyright Huawei Technologies Co., Ltd. 2 Regulatory Compliance Information This device generates, uses and radiates radio frequency energy. If it is not installed and used in accordance with the instructions, it may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this device does cause harmful interference to radio or television reception, which can be determined by turning the device off and on, the user may take one or more of the following measures:

Reorient or relocate the receiving antenna. Reinforce the separation between the device and receiver. Connect the device into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio or TV technician for assistance. This equipment complies with FCC RF radiation exposure limits set forth for an uncontrolled environment. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. This equipment should be installed and operated with a minimum distance of 20 centimeters between the radiator and your body. The manufacturer is not responsible for any radio or TV interference caused by unauthorized modifications to this equipment. Such modifications could void the user authority to operate the equipment. 2.3.2 FCC Part 68 eSpace EGW1520 complies with Part 68 of the FCC rules and the requirements adopted by the Administrative Council on Terminal Attachments (ACTA). On the bottom of this device is a label that contains, among other information, a device identifier in the format US:

HAUIS##TEGW1530. On request, this number must be provided to the telephone company. Table 2-3 lists the service order code (SOC), facility interface code (FIC) and Universal Service Order Code (USOC). Table 2-2 SOC, FIC and USOC information Interface Type SOC ADSL FXO

--

9.0F FIC Metallic 02LS2 Jack Type (USOC) RJ11C RJ11C eSpace EGW1520 that bears labeling identification number US: AAAIS##T EGW1530 complies with:

FCC Rules and Regulations 47 CFR Part 68 Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2-5 2 Regulatory Compliance Information TIA/EIA/IS-968, Technical Criteria for Terminal Device to Prevent Harms to the Telephone Network, July 2001, as adopted by the ACTA. Table 2-4 lists the network modules certification numbers. Table 2-3 Network modules certification numbers Network Module Certification Number US: HAUIS##T EGW1520 A plug and jack used to connect this device to the premises wiring and telephone network must comply with the FCC Part 68 rules and requirements adopted by the ACTA. A compliant telephone cord and modular plug are provided with this device. The plug is designed to connect to a compatible modular jack that is also compliant with the applicable FCC Part 68 rules and requirements. The REN is used to determine the number of devices that may be connected to a telephone line. Excessive RENs on a telephone line may result in the devices not ringing in response to an incoming call. In most areas, the sum of RENs should not exceed five (5.0). To be certain of the number of devices that may be connected to a line, as determined by the total RENs, contact the local telephone company. If this device causes harm to the telephone network, the telephone company will notify you in advance that temporary discontinuance of service may be required. If advance notice is not practical, the telephone company will notify the customer as soon as possible. In this case, you will be advised of your right to file a complaint with the FCC. The telephone company may make changes in its facilities, device, operations or procedures that could affect the operation of the device. If this happens, the telephone company will provide advance notice so that you make necessary modifications to maintain uninterrupted service. If this device causes any trouble, contact a Factory Service Center or other Authorized Servicer company for repairs or warranty information. If the device causes harm to the telephone network, the telephone company may request that you disconnect the device until the problem is resolved. Connection to party-line service is subject to state tariffs. Contact the state public utility commission, public service commission, or corporation commission for information. If your home has specially wired alarm device connected to the telephone line, ensure the installation of this equipment does not disable your alarm device. For queries relating to disabling of alarm device, consult the telephone company or a qualified installer. 2.4 Canada Regulatory Compliance 2.4.1 CS-03 statement This eSpace EGW1520 meets the applicable Industry Canada technical specifications. Le prsent matriel est conforme aux specifications techniques applicables dIndustrie Canada. 2-6 Huawei Proprietary and Confidential Issue () Copyright Huawei Technologies Co., Ltd. 2 Regulatory Compliance Information The Ringer Equivalence Number (REN) is an indication of the maximum number of devices allowed to be connected to a telephone interface. The termination of an interface may consist of any combination of devices subject only to the requirement that the sum of the RENs of all the devices not exceed five. Lindice dquivalence de la sonnerie (IES) sert indiquer le nombre maximal de terminaux qui peuvent tre raccords une interface tlphonique. La terminaison dune interface peut consister en une combinaison quelconque de dispositifs, la seule condition que la somme dindices dquivalence de la sonnerie de tous les dispositifs nexcde pas cinq. 2.4.2 RSS-Gen statement This device complies with Industry Canada licence-exempt RSS standard(s). Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of the device. Le prsent appareil est conforme aux CNR d'Industrie Canada applicables aux appareils radio exempts de licence. L'exploitation est autorise aux deux conditions suivantes : (1) l'appareil ne doit pas produire de brouillage, et (2) l'utilisateur de l'appareil doit accepter tout brouillage radiolectrique subi, mme si le brouillage est susceptible d'en compromettre le fonctionnement. 2.4.3 RSS-210 statement:

This device complies with Industry Canada RSS-210. Operation is subject to the following two conditions: (1) this device may not cause interference, and(2) this device must accept any interference, including interference that may cause undesired operation of the device. Le prsent appareil est conforme aux CNR d'Industrie Canada applicables aux appareils radio RSS-210. L'exploitation est autorise aux deux conditions suivantes : (1) l'appareil ne doit pas produire de brouillage, et (2) l'utilisateur de l'appareil doit accepter tout brouillage radio lectrique subi, mme si le brouillage est susceptible d'en compromettre le fonctionnement. 2.4.4 RSS-102 statement:

The device meets the exemption from the routine evaluation limits in section 2.5 of RSS 102 and compliance with RSS-102 RF exposure, users can obtain Canadian information on RF exposure and compliance. Le dispositif rencontre l'exemption des limites courantes d'valuation dans la section 2.5 de RSS 102 et la conformit l'exposition de RSS-102 rf, utilisateurs peut obtenir l'information canadienne sur l'exposition et la conformit de rf. This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. This equipment should be installed and operated with minimum distance 20cm between the radiator and your body. Cet quipement est conforme l'exposition aux rayonnements IC limites tablies pour unenvironnement non contrl. Cet metteur ne doit pas tre Co-plac ou ne fonctionnant en mme temps qu'aucune autre antenne ou metteur.Cet quipement doit tre install et utilis avec un minimum de 20 cm de distance entre le radiateur et votre corps. Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2-7 2 Regulatory Compliance Information 2.5 Japan Regulatory Compliance 2.5.1 VCCI 2.5.1 VCCI eSpace EGW1520 complies with VCCI Class B by Information Technology Equipment (ITE). The preceding translates as follows:

This is a Class B eSpace EGW1520 based on the standard of the Voluntary Control Council for Interference by Information Technology Equipment (VCCI).If this eSpace EGW1520 is used Near a radio or television receiver in a domestic environment. It may cause radio Interference.Install and use the equipment according to the instruction manual. 2.6 CISPR 22 Compliance eSpace EGW1520 complies with CISPR 22 for Class B by the ITE. 2.7 China RoHS hazardous substance table This eSpace EGW1520 described in this guide complies with the Chinese RoHS Frame 2-8 Huawei Proprietary and Confidential Issue () Copyright Huawei Technologies Co., Ltd. 2 Regulatory Compliance Information Alloy Parts Power Adapter Metal Fittings PCBA Capacitor Other electronics Screen Solder Cable Plastic and Polymer Label Battery 2.8 Other Markets For relevant compliance information/documentation for markets not mentioned above, please contact Huawei representative Issue () Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2-9

 

 

eSpace EGW1520 Enterprise Gateway V100R001C01 Product Documentation Issue Date 01 2012-05-15 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address:

Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website:

http://www.huawei.com Email:

support@huawei.com Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. i eSpace EGW1520 Enterprise Gateway Product Documentation 1 Library Information 1 Library Information About This Chapter This topic describes the basic information about the EGW1520 document package, including the reader information and change history. 1.1 Library Overview This topic describes the main contents of each document in the library and the intended audience and defines each type of audience. 1.2 Conventions This topic describes the conventions in the document. 1.3 Change History Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues. 1.1 Library Overview This topic describes the main contents of each document in the library and the intended audience and defines each type of audience. Library Structure Table 1-1 describes all documents in the package. Table 1-1 Library Structure Topic Description Safety Precautions The precautions for using and maintaining products. Overview This section describes the product position, networking, appearance, functions, technical parameters, and Regulatory Compliance Information. Installation This section describes how to install EGW1520. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 1 eSpace EGW1520 Enterprise Gateway Product Documentation 1 Library Information Topic Description Features and Implementation This section describes EGW1520 features and how to implement them. Quick Configuration This topic describes how to quickly configure the EGW1520. After the EGW1520 is configured, it provides Internet access and basic voice services. Diagnosis modes This section describes diagnosis modes for the EGW1520. System Management This section describes how to manage and maintain EGW1520 in different modes. Security Maintenance This section describes the concept and methods for maintaining the EGW1520. Troubleshooting The troubleshooting processes of common faults and provides typical troubleshooting cases of EGW1520. Reference This section describes Web parameter reference, TR-069 parameter reference and how to Customizing Voice Prompts for the Switchboard. Glossary All terms in the product documentation. Intended Audience Table 1-2 describes the engineers that the documents are intended for. Table 1-2 Definition of the intended audience Intended Audience Definition Maintenance Engineer Maintenance engineers have veteran experience in telecommunications and databases, and are responsible for adjusting service data configurations, rectifying faults, and upgrading services. Technical support Engineer Technical support engineers provide detailed technical support for the equipment. 1.2 Conventions This topic describes the conventions in the document. Symbol Conventions The following symbols may be found in this document. They are defined as follows. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2 eSpace EGW1520 Enterprise Gateway Product Documentation Symbol Description 1 Library Information Indicates a hazard with a high level of risk which, if not avoided, will result in death or serious injury. Indicates a hazard with a medium or low level of risk which, if not avoided, could result in minor or moderate injury. Indicates a potentially hazardous situation that, if not avoided, could cause device damage, data loss, and performance degradation, or unexpected results. Indicates a tip that may help you solve a problem or save your time. Provides additional information to emphasize or supplement important points of the main text. General Conventions Convention Description Times New Roman Normal paragraphs are in Times New Roman. Boldface Italic Names of files, directories, folders, and users are in boldface. For example, log in as user root. Book titles are in italics. Courier New Terminal display is in Courier New. Command Conventions Convention Boldface Italic

[ ]

{ x | y | ... }

[ x | y | ... ]

{ x | y | ... } *

Description The keywords of a command line are in boldface. Command arguments are in italic. Items (keywords or arguments) in square brackets [ ] are optional. Alternative items are grouped in braces and separated by vertical bars. One is selected. Optional alternative items are grouped in square brackets and separated by vertical bars. One or none is selected. Alternative items are grouped in braces and separated by vertical bars. A minimum of one or a maximum of all can be selected. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3 eSpace EGW1520 Enterprise Gateway Product Documentation Convention

[ x | y | ... ] *

GUI Conventions Convention Boldface

>

Keyboard Operation Format Key Key 1+Key 2 Key 1, Key 2 Mouse Operation Action Click Double-click Drag 1 Library Information Description Alternative items are grouped in braces and separated by vertical bars. Several or none can be selected. Description Buttons, menus, parameters, tabs, window, and dialog titles are in boldface. For example, click OK. Multi-level menus are in boldface and separated by the

">" signs. For example, choose File > Create > Folder. Description Press the key. For example, press Enter and press Tab. Press the keys concurrently. For example, pressing Ctrl+Alt+A means the three keys should be pressed concurrently. Press the keys in turn. For example, pressing Alt, A means the two keys should be pressed in turn. Description Select and release the primary mouse button without moving the pointer. Press the primary mouse button twice continuously and quickly without moving the pointer. Press and hold the primary mouse button and move the pointer to a certain position. 1.3 Change History Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 4 eSpace EGW1520 Enterprise Gateway Product Documentation Updates in draft Issue 01 (2012-03-14) First commercial release. 1 Library Information Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5 eSpace EGW1520 Enterprise Gateway Product Documentation 2 Safety Precautions 2 Safety Precautions Pay attention to the following precautions when installing and using the device. Basic Requirements Keep the device dry when storing, transporting, and using the device. Take care to avoid collision when storing, transporting, and using the device. The installation instructions provided should be followed. In the event of a fault, contact the maintenance personnel. Do not open the device. Any company or person cannot change the design of the structure or security without permission. Any changes to the device must be carried out by an authorized and suitably qualified person with the permission of manufacturer. Usage Notice This device must be used in compliance with the legal and regulatory requirements of the country in which it is being used. Please respect the legal rights of others when using this device. This device should be installed by a suitably qualified person. The device must be far away from heat sources. Do not place any objects on the device. Ensure that the heat dissipation vents on are not blocked. DO NOT Drop the device from a height of 80 cm or greater; this may damage the device. In the event of an electrical storm / lightning, turn off the power to the device and remove cables to avoid damage to the device. All the phone cables are only used indoors, or the lightning may damage the device. Keep the power plug clean and dry to avoid risk of electric shock and other potential risk. Use the power supply adapter provided with this product. When using this device with mains power, the power socket should be located close to the device and should be easily accessible. Keep your hands dry when plugging in or out the device cable. When the device is not in use, the power should be turned off and the mains power cable should be disconnected from the mains supply. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 6 eSpace EGW1520 Enterprise Gateway Product Documentation 2 Safety Precautions Keep water and other liquids away from the device. In the event of liquid coming into contact with the device, disconnect from the power immediately. Remove all cables, including network connections and power cables and contact your maintenance personnel. Never use damaged or old cables. In the event of unusual behavior, such as smoke emitting from the device, unusual noises or smells, disconnect from the mains power supply immediately, remove all the cables connected to the device and contact an authorized maintenance personnel. Care should be taken to prevent foreign objects from entering the device, with particular attention being paid to the heat dissipation hole. Please keep this device and accessories away from children. The antennas and 3G USB label used for this device must be installed to provide a safety distance of at least 20 cm from all persons. Do not use the device where use of wireless devices is prohibited or may cause interference or danger such as hospitals. The radio waves generated by the device may interfere with the operation of electronic medical devices. Use electrical medical device under the guidance of the professionals or contact its manufacturer for the restrictions on the use of the device. Cleaning Notice Before cleaning, the device should be shut down and disconnected from the mains power supply, removing all power and network cables. Clean using a soft, dry cloth. Do not use liquid or aerosol cleaners on this device. Environment Protection Please comply to all legal and environmental requirements when disposing of obsolete devices and packaging. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 7 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview 3 Overview About This Chapter This section describes the product position, networking, appearance, functions, technical parameters, and Regulatory Compliance Information. 3.1 Product Positioning and Features This topic describes the product positioning and features of the eSpace EGW1520. 3.2 Application Scenarios 3.3 Architecture This topic describes the appearanceports, and indicators of the EGW1520. 3.4 Functions and Features The EGW1520 provides rich functions and features to support voice services and data services. 3.5 Operation and Maintenance Users can manage the EGW1520 in the web management system and use the eSpace element management system (EMS) to operate and maintain the EGW1520. 3.6 Technical Specifications, Standards, and Authentications This topic describes the technical specifications, standards, and authentications of the EGW1520. 3.1 Product Positioning and Features This topic describes the product positioning and features of the eSpace EGW1520. 3.1.1 Product Positioning eSpace EGW1500 is a multi-service access gateway that integrates applications such as voice, data, and broadband connections and provides a complete access solution. It is an optimal choice for Small Office Home Office (SOHO) users and small enterprises to establish an integrated office network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 8 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview The eSpace EGW1500 provides multiple uplink ports for networks in different uplink modes. It also provides user ports to establish flexible office networks. 3.1.2 Highlights This topic describes the product highlights of the EGW1520. With various services and ports, the EGW1520 features cost-effectiveness, high reliability and security, easy deployment, and simplified maintenance. High Reliability and Security The EGW1520's reliability reaches 99.99%, the mean time between failures (MTBF) is over 50 years, and the mean time to restore (MTTR) is less than 3 minutes. The EGW1520 provides various mechanism such as dual-homing, power-off survival, local survival, 3G access backup, and QoS to ensure the device reliability, and uses advanced technologies such as VPN, URL filtering, NAT, and DMZ to improve network security. Integration of Multiple Services The EGW1520 integrates various functions such as broadband access, voice, routing, security, wireless, firewall, and VPN. Multiple services can be deployed on the same node, which significantly reduces the initial investment and long-term maintenance costs of the enterprise network. The EGW1520 uses an advanced hardware platform and software architecture to provide users with the integrated network solution with a minimum investment. Various Ports The EGW1520 provides various uplink ports for different networking scenarios, including WAN, ADSL, USB, and FXO ports. The EGW1520 also provides diversified user ports such as Wi-Fi, LAN, FXS port to set up flexible office networks. Easy Installation and Maintenance The EGW1520 is a relatively small box that can be placed on a desk or mounted on a wall. The EGW1520 provides standard external ports that are clearly marked to facilitate installation and cable connection. The EGW1520 uses standard connection parts and does not require a dedicated installation tool. Users can view and configure devices on Web pages. The web management system provides step-by-step configuration guide for qiuck installation. Efficient Remote Maintenance The EGW1520 ensures the security of remote access. Users can access the EGW1520 through an uplink port (WAN, ADSL, or 3G) to perform remote configuration and maintenance. The EGW1520, complying with the TR-069 protocol, connects to the network management server (such as the eSpace EMS) to enable management functions such as the software version upgrade, configuration file backup and recovery, and device status monitoring. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 9 eSpace EGW1520 Enterprise Gateway Product Documentation 3.2 Application Scenarios EGW1520 supports two application scenarios. 3 Overview The EGW1520 provides a small-capacity solution integrating voice and broadband services for small enterprises or SOHO users. The EGW1520 provides a comprehensive access solution for small branches by integrating with the eSpace UC solution. 3.2.1 Application of EGW1520 in SOHOs The EGW1520 provides a small-capacity solution integrating voice and broadband services for small enterprises or SOHO users. Figure 3-1 shows the networking mode for the application of the EGW1520 in SOHOs. Figure 3-1 Application of the EGW1520 in SOHOs Uplink Mode The EGW1520 supports three uplink access modes, namely, Asymmetric Digital Subscriber Line (ADSL), Wide Area Network (WAN), and 3G, as shown in Figure 3-1. The EGW1520 usually connects to an IP network through ADSL or WAN ports. When neither ADSL or WAN port is available, users can use USB-based 3G data cards to connect to a 3G network, to transmit voice and data streams (excluding fax data). Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 10 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview The ADSL and WAN connections are two parallel modes, which cannot be used together or back up each other. Voice Application The EGW1520 supports the IP PBX function. Users can use different terminals (such as analog phones, fax machines, and IP phones) to connect to the EGW1520 for internal communication. In addition, the EGW1520 acts as an agent to register users with the IMS or NGN to implement outgoing calls and provide voice services. The FXO/LINE port supports the power-off survival function. When the EGW1520 encounters a power failure, the analog phone can be connected to the PSTN through the FXO/LINE port. In this way, the call function is still available even when the EGW1520 is powered off. Data Application The EGW1520 can be used to set up an enterprise network in LAN or WLAN mode. LAN users use the EGW1520 to connect to the Internet to use various services. The EGW1520 also supports various data functions, such as WLAN, DNS, VLAN, DHCP, static routing, QoS, NAT, VPN, URL filtering, DMZ, analog server, and MAC address filtering. 3.2.2 Enterprise Branch The EGW1520 integrates various eSpace UC solutions and is deployed in small-sized enterprise branches. As the network ingress, the EGW1520 provides a comprehensive access solution for enterprise branches. Figure 3-2 shows the networking mode for the application of the EGW1520 in enterprise branches. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 11 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 3-2 Application of the EGW1520 in enterprise branches 3 Overview Uplink Mode The EGW1520 supports three uplink access modes, namely, ADSL, WAN, and 3G, as shown in Figure 3-2. The EGW1520 usually connects to an IP network through ADSL or WAN ports. When neither ADSL or WAN port is available, users can use USB-based 3G data cards to connect to a 3G network, to transmit voice and data streams (excluding fax data). The ADSL and WAN connections are two parallel modes, which cannot be used together or back up each other. Voice Application Users within the enterprise branches are registered with the SIP server on the central node of the headquarters. The user numbers are allocated and synchronized to the EGW1520 by the data synchronization server. In the eSpace UC solution, the SIP server on the central node of the headquarters controls incoming and outgoing calls of enterprise branch users and provides voice services for these users. The EGW1520 supports the trunking gateway function to process incoming and outgoing calls for the local PSTN. This function helps reduce enterprises' toll call costs. The FXO1/LINE port supports the power-off survival function. When the EGW1520 encounters a power failure, the analog phone can be connected to the PSTN through the FXO1/LINE port. In this way, the call function is still available even when the EGW1520 is powered off. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 12 eSpace EGW1520 Enterprise Gateway Product Documentation Local Survival 3 Overview The EGW1520 registers with the active and standby servers at the same time. If the active and standby SIP servers are both faulty, the EGW1520 switches to the local survival mode to process intra-office calls as a local server. When the active or standby SIP server is restored, the EGW1520 exits the local survival mode. Data Application The EGW1520 can be used to set up an enterprise network in LAN or WLAN mode. LAN users use the EGW1520 to connect to the Internet to use various services. The EGW1520 also supports various data functions, such as WLAN, DNS, VLAN, DHCP, static routing, QoS, NAT, VPN, URL filtering, DMZ, analog server, and MAC address filtering. 3.3 Architecture This topic describes the appearanceports, and indicators of the EGW1520. 3.3.1 Appearance EGW1520 is a box-shaped device that can be placed on a desk or mounted on the wall. Its dimensions (H x W x D) are 35 mm x 305 mm x 175 mm, as shown in Figure 3-3. Figure 3-3 EGW1520 appearance 3.3.2 Ports and Buttons This topic describes the EGW1520 ports and buttons. Figure 3-4 shows the EGW1520 ports and buttons. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 13 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 3-4 EGW1520 ports Figure 3-5 EGW1520 buttons 3 Overview Table 3-1 describes the EGW1520 ports. Table 3-1 EGW1520 ports and buttons SN Label Quan tity Physical Port and Attribute Function 1 2 ADSL 1 ADSL port RJ-11 Connects to the peer Digital Subscriber Line Access Multiplexer (DSLAM) through a telephone line to access the broadband network. FXO14 4 FXO port RJ-11 Enables phones connected to the EGW1520 to make calls. Enables the phone connected to PHONE1 to access the PSTN when the EGW1520 is powered off. 3 PHONE 1 POTS port Connects to analog phones and fax RJ-11 machines. PHONE1 supports power-off survival. One PHONE port can connect only one analog phone. User line length (diameter is 0.4 mm) is equal to or less than 1 km. PHONE ports are only used indoors. Ports specifications Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 14 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview SN Label Quan tity Physical Port and Attribute Function The feed voltage is -48 V DC when an analog phone is in the on-hook state. The supply current is 25 mA when an analog phone is in the off-hook state. The value of EGW1520's ringing power is 50Vrms. Uses a 3G data card to connect to the 3G network. Connects to the broadband network in WAN mode. Connects to Ethernet devices such as local computers and IP phones to establish a LAN. When LAN ports connect to IP phones, they are only used indoors. Connects to the power supply adapter to provide power for the EGW1520. Requirement: 12 V DC, 2 A. 4 5 USB WAN 1 1 USB port USB 2.0 WAN port RJ-45 MDI-X 10/100/1000 Base-TX Outdoor network port 6 LAN1-4 4 LAN port RJ-45 MDI-X 10/100Base-

TX Indoor network port Power supply port 12 V/2 A 1 7 8 9 ON/OFF 1 Power switch Switch for powering on and powering off the EGW1520. RESET 1 Reset button Restores the factory settings if this button is held down for more than six seconds. Restarts the EGW1520 if this button is held down less than six seconds. 10 WLAN 1 Wi-Fi control button Enables the WiFi Protected Setup (WPS) function if this button is held down for more than six seconds. NOTE With the WPS function, the Wi-Fi terminal starts to authenticate the WPS. If the authentication exceeds two minutes, the function is not enabled. Enables or disables the WLAN function if this button is held down for less than six seconds. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 15 eSpace EGW1520 Enterprise Gateway Product Documentation 3.3.3 Indicators 3 Overview This topic describes the EGW1520 indicators. Figure 3-6 shows the names of EGW1520 indicators. Figure 3-6 Names of the EGW1520 indicators Table 3-2 describes the indicators on the EGW1520 front panel. Table 3-2 Indicators on the EGW1520 front panel Indication Description Indicates the power status. Steady on: The EGW1520 is powered on. Off: The EGW1520 is powered off. Indicato r POWER ADSL Indicates the ADSL connection status. Steady on: The ADSL connection has been established and activated. Blinking: The ADSL connection is being activated. Off: The EGW1520 is powered off or the ADSL connection has not been established. Steady on: The EGW1520 works in routing mode and is connected to the WAN, but no data is transmitted. Blinking: The EGW1520 works in routing mode and is connected to the WAN, and data is being transmitted. Off: The EGW1520 works in bridge mode, works in routing mode and is not connected to the WAN, or is not powered on. INTERN ET Indicates the WAN or 3G connection status. WLAN Indicates the WLAN power or communication status. Steady on: The WLAN has been enabled but no data is transmitted. Blinking: The WLAN is enabled and data is being transmitted. Off: The EGW1520 is powered off or the Wi-Fi function is disabled. VOIP Indicates the VoIP status. Steady on: At least one VoIP user is registered with the SIP server and is in idle status. Blinking: At least one VoIP user is working. Off: The EGW1520 is powered off or the VoIP user failed to be registered with the SIP server. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 16 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview Indication Description Indicates the phone status. Steady on: The analog phone is picked up. Off: The EGW1520 is powered off or the analog phone is hung up. Indicato r PHONE In addition to the indicators on the front panel, there is an indicator on each network port, as shown in Table 3-3. Table 3-3 EGW1520 indicators on the network port Indicator Description Network port indicator Steady on: The network port is properly connected. Off: The network port is disconnected. Blinking: Data is being transmitted. 3.4 Functions and Features The EGW1520 provides rich functions and features to support voice services and data services. 3.4.1 Voice Features Voice Access SIP Trunk The SIP trunk supports the registration mode and static mode. The EGW1520 supports only the SIP trunk in the registration mode. The SIP trunk sends a registration message to the SIP server to set up a dynamic link. After being registered to the IMS or NGN network using the SIP trunk, the EGW1520 processes internal calls and the SIP signaling for outer-office calls. Common Mode When functioning as a device on the access layer, the EGW1520 can register with the IMS or NGN network using the SIP trunk and process SIP signalings. When functioning as the a small IP-PBX device, the EGW1520 accepts registration of IP phones and supports call control and protocol processing. A maximum of 20 SIP users can be registered. The EGW1520 provides four foreign exchange station (FXS) ports, connecting to a maximum of four POTS users. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 17 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview The EGW1520 supports a maximum of eight concurrent voice calls made by SIP users and POTS users. The maximum number of POTS users varies according to codec standard:

Four concurrent POTS calls for G.711 and G.729. Two concurrent POTS calls for G.726 and G.722. The EGW1520 voice services comply with the following standards:

G.711A, G.711u, G.729, G.726, and G.722 SIP (RFC 3261-3265) SIP Session Timers (RFC 4028) SDP (RFC 2327) RTP/RTCP RFC2833 UC Mode The EGW1520 is used together with the eSpace UC solution. In UC mode, the EGW1520 can be registered with multiple SIP servers at the same time. Phones connecting to the EGW1520 are registered with the SIP server on the central node at the headquarters. All calls are processed by the SIP server at the headquarters. When the EGW1520 is disconnected from the active and standby SIP servers, the EGW1520 automatically enters the local survival mode and functions as the local SIP server to accept registration of internal users. The EGW1520 processes all calls. The EGW1520 can function as the local PSTN landing gateway, implementing local incoming and outgoing calls and helping reduce toll call fees. Connecting to the PSTN Network The EGW1520 provides one FXO port used to connect to the PSTN network. An intra-office user dials the outgoing prefix and an outer-office user's number to make an outgoing call through the FXO port. An outer-office user dials the number that the PSTN carrier allocates to the FXO port to make an incoming call. The EGW1520 supports the switchboard and dedicated line functions. By default, the switchboard function is enabled. The EGW1520 supports one FXO port. The FXO port supports only the one-stage dialing mode. Only one call can be made through the FXO port at a time. Voice Services This topic describes the voice services supported by the EGW1520. Table 3-4 lists these voice services. Table 3-4 Voice services Type Service Voice service Calling line identification presentation (CLIP) Switchboard service Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 18 eSpace EGW1520 Enterprise Gateway Product Documentation Type Service 3 Overview Private line service Call pickup Call waiting Three-way calling Call forwarding unconditional (CFU) Call forwarding busy (CFB) Call forwarding on no reply (CFNR) Anonymous call Called number presentation Called number presentation restriction Do not disturb (DND) Night service Call hold Malicious caller identification Call history Call transfer Outgoing call barring Call back on busy (CBB) Voice message Message notification Message retrieval CLIR rejection Automatic call rejection Fax service T.30 and T.38 fax services Fixed mobile convergence

(FMC) service Simultaneous ringing Sequential ringing Call switch Voice message Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 19 eSpace EGW1520 Enterprise Gateway Product Documentation Voice QoS 3 Overview This topic describes the voice QoS policies supported by the EGW1520. VAD CNG EC PLC Jitter Buffer Reliability Voice activity detection (VAD) is a technology used in speech coding and speech recognition where the presence or absence of human speech is detected. The VAD avoids unnecessary coding and transmission of silence packets in Voice over Internet Protocol (VoIP) applications, saving computation and network bandwidth. Comfort noise generator (CNG) is used with VAD. When the VAD function is enabled and no packets are sent during the silent period, the listener may think that the call has disconnected. To avoid this, the EGW1520 enables the CNG function on the receiver end. The EGW1520 CNG technology complies with RFC3389. Echo cancellation (EC) is a process of removing echo from a voice communication to improve voice quality on a telephone call. In addition to improving subjective quality, this process increases the capacity achieved through silence suppression by preventing echo from traveling across a network. The EGW1520 EC technology complies with ITU-T G.168. Packets are often lost on the connectionless IP network as a result of network congestion, buffer area spillover, or error codes. A packet loss compensation (PLC) algorithm is used to minimize the effects of packet loss. Lost frames can be reconstructed during decoding based on the voice context, which ensures the quality of the received voice. With the jitter buffer function enabled, received packets can be buffered and then retrieved and processed to remove jitter. The EGW1520 provides various technologies to ensure voice communication reliability. Multi-SIP RegistrationDR Mechanism in a Small Branch Multi-SIP registration is a disaster recovery (DR) mechanism for emergencies, which is used to avoid SIP server breakdown. Functioning as a voice access device in small branches, the EGW1520 can register with two SIP servers at the same time. When the active SIP server is faulty, the EGW1520 switches services to the standby SIP server. When the active SIP server is recovered, the EGW1520 switches services to the active SIP server. Power-off Survival The EGW1520 provides an FXO port for power-off survival. When the EGW1520 is powered off, the POTS phone connected to the PHONE port is automatically connected to the FXO Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 20 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview port to access the PSTN, which allows the EGW1520 to still support basic voice services during power-off. Local Survival Functioning as a voice access device in small branches, the EGW1520 supports local survival. When the EGW1520 detects that the central node in the headquarters is disconnected from the SIP server, the EGW1520 processes local calls. 3.4.2 Data Features The EGW1520 provides rich data services to meet requirements of different users. ADSL The EGW1520 can connect to an upstream network through the ADSL port. ADSL is an asymmetric transmission technology. It uses high frequencies that are not used by voice phone calls and several modulation methods to achieve high-speed data transmission. The routing and bridging connection types are supported. The EGW1520 can use a static IP address or use DHCP or Point-to-Point Protocol over Ethernet (PPPoE) to obtain a dynamic IP address. Two Point-to-Point Protocol (PPP) authentication modes are supported, including Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). The ADSL Seamless Rate Adaptation (SRA) technology is supported. The voice service and the data service must use the same ADSL Permanent Virtual Circuits (PVC) channel. The EGW1520 can connect to an IP network through the ADSL or WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. The EGW1520 can connect to an IP network through the WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. The EGW1520 provides a 10/100/1000 Mbit/s self-adaptive WAN port. The EGW1520 can use a static IP address or use DHCP or PPPoE to obtain a dynamic IP address. The WAN port automatically chooses a work mode between the full-duplex and half-duplex modes. The duplex mode cannot be manually configured. The EGW1520 can connect to an IP network through the ADSL or WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. Generally, the EGW1520 connects to an IP network through the ADSL or WAN port. If a 3G data card is inserted into the USB port, the EGW1520 can also connect to a 3G network using the 3G data card. The 3G network connection supports voice (except the fax service) and data services. The EGW1520 supports the following 3G data cards:

WAN Port 3G Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 21 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) data cards:

Huawei ET302 (software version: 11.100.05.00.00) Huawei ET127 (software version: 11.101.01.36.00) Wideband Code Division Multiple Access (WCDMA) data cards:

Huawei K3765 (software version: 11.126.03.06.00) Huawei E176G (software version: 11.126.03.02.00) The 3G network connection can be used as a backup network connection when no ADSL or WAN connection is available, and does not support fax, DMZ host, and virtual server functions. Static Routes LAN Ports WLAN DNS VLAN Users can manually configure static routes on the EGW1520. Proper static routes improve the network performance and ensure that important network application obtain required bandwidth. Terminals such as PCs and IP phones can connect to the EGW1520 through LAN ports to establish a small LAN. Functions such as file management, application sharing, printer sharing, scheduling in a work group, email, and fax can be implemented in the LAN. The EGW1520 provides eight 10/100Mbit/s self-adaptive LAN ports. The default IP address for accessing the EGW1520 through LAN ports is 192.168.1.1 and the default the subnet mask is 255.255.255.0. The EGW1520 can function as a DHCP server and assign IP addresses to data terminals such as PCs and IP phones connected to the EGW1520 through LAN ports. The EGW1520 supports Wi-Fi services and wireless networking. It provides an integrated network solution that covers both wired and wireless networking for small enterprises. IEEE 802.11b/g/n is supported. A maximum of 16 Wi-Fi terminals can connect to the EGW1520 at the same time. Four Service Set Identifiers (SSIDs) can be configured and the EGW1520 supports SSID broadcasting or hiding. The MAC address filtering function is supported. A maximum of 16 MAC addresses can be added to the list of MAC addresses that are allowed to connect to the EGW1520. The Wi-Fi bridging function is not supported. DNS allows users to specify meaningful domain names for network devices. The EGW1520 can function as a DNS client and use DNS servers to resolve domain names. The VLAN technology is used to divide a LAN into multiple logical LANs, that is, multiple VLANs. Each VLAN is a broadcast domain. Hosts in the same VLAN communicate with each other the same as they are in the same LAN. Hosts in different VLANs cannot Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 22 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview communicate with each other directly. The EGW1520 supports port-based VLANs. LAN ports are added to different VLANs so that users are separated and virtual work groups are created. A maximum of eight VLANs can be created. Only port-based VLANs are supported. DHCP DHCP is a protocol for dynamically managing and configuring users in a centralized manner. It uses the Client/Server structure. A DHCP client sends the DHCP server a request to apply for parameter settings, including the IP address, subnet mask, and default gateway. The EGW1520 can function as a DHCP server, DHCP relay, or DHCP client. As a DHCP server, the EGW1520 provides a configurable address pool. In the default address pool, IP addresses ranges from 192.168.1.2 to 192.168.1.254. As a DHCP relay, the EGW1520 complies with RFC3361. As a DHCP client, the EGW1520 supports Option42/43/60/61/66/67/120/125/150. 3.4.3 QoS The EGW1520 provides a complete QoS mechanism to ensure that core services are allocated with sufficient bandwidth resources. QoS policies can be customized to ensure precedence of core services. In addition, the EGW1520 limits bandwidth for common services (such as web-based upload) and saves it for core services (such as voice streams). The EGW1520 supports the following Diff-Serv-based QoS technologies: priority mark, congestion management, and traffic policing. 802.1p/q priority can be marked in VLAN tags. The Differentiated Services Code Point (DSCP) priority can be marked. The bandwidth control can be performed on upstream data streams. Voice packets can be listed in the queue of high priorities and be transferred in a higher priority. 3.4.4 Security The EGW1520 provides rich security functions to ensure the security of calls and transferred data. NAT SIP ALG NAT is the process of converting a private IP address in an IP packet header to a public IP address. This function enables computers with private IP addresses to connect to a public network. NAT solves the problem of insufficient public IP addresses and prevents attacks from other networks, hiding and protecting computers on the private network. A maximum of 1024 NAT entries are supported. NAT is the technology for converting private IP addresses to public IP addresses, and allows one or more hosts on the private network to use the same the public IP address to access a public network. NAT works in the transport layer, and is transparent to the application layer. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 23 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview This brings a great challenge SIP applications. The EGW1520 supports SIP Application Layer Gateway (ALG) that solves the SIP NAT traversal problem. Incoming Packet Filtering If the firewall is enabled on the LAN or WAN side, all packets sent to the EGW1520 through LAN ports or the WAN port are blocked. The incoming packet filtering function allows specific packets to access the EGW1520. For example, if the firewall is enabled on the LAN side, voice and data packets cannot access the EGW1520 through LAN ports. Users can configure the incoming packet filtering function to allow voice packets to access the EGW1520. Outgoing Packet Filtering By default, the EGW1520 does not block any outgoing packets sent from LAN ports. Users can configure the outgoing packet filtering function to prevent specific packets from being sent from LAN ports. MAC Address Filtering If the ADSL service type is set to Bridge, users can configure the MAC address filtering function to prevent the ADSL port from sending certain data frames. URL Filtering The EGW1520 supports URL filtering, controlling the access to URLs effectively. A maximum of 100 URLs can be filtered. Virtual Server The maximum length of a URL is 128 bytes. Partial match and full match are supported. Filtering rules that use wildcard characters are not supported. For example, users cannot use the asterisk (*) to represent full match. The virtual server function allows external networks to access servers on private networks. These servers can provide services such as web access and FTP download, which allows public servers to be established on private networks. This function is not supported when the 3G access mode is used. DMZ The virtual server function allows external networks to access servers on private networks. If there are many services running on private network servers, multiple virtual servers must be configured. The configuration process is complicated. The DMZ function simplifies the configuration process. Only IP addresses of the DMZ servers must be configured. One DMZ host is supported. This function is not supported when the 3G access mode is used. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 24 eSpace EGW1520 Enterprise Gateway Product Documentation IPSec VPN 3 Overview The EGW1520 can function as the access gateway for a small branch, and connect to the headquarters through the IPSec VPN channel, implementing secure access. The EGW1520 uses IPSec to establish a VPN channel to the headquarters in Site-to-Site tunnel encapsulation mode. As the initiator of the VPN channel, the EGW1520 can use the IP address of the peer device as the ID. Configuration File Encryption The EGW1520 encrypts the configuration file and sensitive data such as user names and passwords in the file. The EGW1520 encrypts the following items:

User name and password for logging in to the web management page. PPPoE user name and password PPPoA user name and password Password for connecting to the WLAN User name and password for connecting to the 3G network TR-069 ACS user name and password SIP user name and password Password for connecting to the NTP server Password in the VPN shared key mode The configuration file cannot be modified manually. HTTPS Users can safely transmit information between the web browser and EGW1520 using HTTPS protocol. 3.5 Operation and Maintenance Users can manage the EGW1520 in the web management system and use the eSpace element management system (EMS) to operate and maintain the EGW1520. 3.5.1 Web-based Management Users can configure, diagnose, and upgrade the EGW1520 in the web management system. The HTTPS and HTTP protocols are supported. Figure 3-7 shows the main page of the EGW1520 web management system. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 25 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 3-7 Main page of the EGW1520 web management system 3 Overview 3.5.2 Unified Network Management TR-069 is a DSL forum technical specification entitled CPE WAN Management Protocol

(CWMP). It defines an application layer protocol for remote management of end-user devices. Huawei eSpace EMS uses TR-069 to manage and maintain the EGW1520 remotely. TR-069 is used to upgrade versions, back up files, and restore configurations. Huawei eSpace EMS supports the following data models:

TR-98 data model TR-104 data model For details about Huawei eSpace EMS, see the eSpace EMS Documentation. 3.6 Technical Specifications, Standards, and Authentications This topic describes the technical specifications, standards, and authentications of the EGW1520. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 26 eSpace EGW1520 Enterprise Gateway Product Documentation 3.6.1 Technical Specifications 3 Overview This topic describes EGW1520 technical specifications such as dimensions, weight, power supply, consumption, and running environment. EGW1520 parameter table show in Table 3-5 is displayed. Table 3-5 EGW1520 parameters Item Specification Dimensions (L x W x H) Weight 305 mm x 175 mm x 35 mm 1 kg (device weight, without the power adapter and other accessories) Maximum power 24 W Power supply 12 V DC, 2 A Power supply adapter Input: 100240 V AC, 1.0 A, 50 or 60 Hz Output: +12 V DC, 2 A Maximum transmit power of Wi-Fi 802.11b/g/n (SISO): 162 dBm 802.11n (MIMO): 182 dBm Long-term operating temperature Long-term operating humidity 0C-40C 5%-95% (non-condensing) Altitude 4 km Atmospheric pressure 70 -106 kPa 3.6.2 Standards This topic describes the standards that the EGW1520 complies with. Table 3-6 Standards compliance Service Name Standard Name Standard Version ADSL/ADSL2/

ADSL2+/Anne x M ITU-T G.992.1 Annex A ITU-T G.992.1 (06/1999) ITU-T G.992.3 (ADSL 2) Annex A, L and M ITU-T G.992.3 (01/2005) ITU-T G.992.5 (ADSL 2+) Annex A,M ITU-T G.992.5 (01/2005) Seamless Rate Adaption ITU-T G.992.3 (01/2005) Encapsulation: PPPoE and PPPoA PPPoE-RFC 2516 (February 1999) Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 27 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview Service Name Standard Name Standard Version WiFi IEEE 802.11 b/g/n PPPoA-RFC 2364 (July 1998) IEEE 802.11b-1999 IEEE 802.11g-2003 IEEE 802.11n-2009 IP Requirements MAC Address (IEEE 802.3) IEEE 802.3-2002 IPv4 Internet Protocol v4 (RFC 791) IP Version 4-RFC 791

(September 1981) ARP Address Resolution Protocol

(RFC 826) ICMP Internet Control Message Protocol (RFC792) RFC 826 (November 1982) RFC 792 (September 1981) TCP Transmission Control Protocol

(RFC793) RFC 792 (September 1981) UDP User Datagram Protocol

(RFC768) RFC 768 (August 1980) RTP Real-Time Protocol (RFC 3550) (RFC 3551) RTP Version 2-RFC 3550 (July 2003) RTCP Real Time Control Protocol

(RFC 3550) An Ethernet Address Resolution Protocol (RFC 826) A Standard for the Transmission of IP Datagrams over Ethernet Networks (RFC 894) A Standard for the Transmission of IP Datagrams over IEEE 802 Networks (RFC 1042) RFC 3551 (July 2003) RTCP-RFC 3550 (July 2003) RFC 826 (November 1982) RFC 894 (April 1984) RFC 1042 (February 1988) DHCP (RFC 2131) RFC 2131 (March 1997) VLAN tagging 802.1 p/q IEEE802.1 Q-2003 Timing NTP (RFC 1305) NTP Version 3-RFC1305 (March 1992) SIP Protocol RFC 3323 RFC 3323 (November 2002) RFC 3325 RFC 3325 (November 2002) RFC 3515 Refer method RFC 3515 (April 2003) RFC 3891 Replaces header RFC 3891 (September 2004) RFC 3261 SIP Version 2.0-RFC 3261 (June Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 28 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview Service Name Standard Name Standard Version RFC 3262 RFC 3264 RFC 3455 RFC 4028 2002) RFC 3262 (June 2002) RFC 3264 (June 2002) RFC 3455 (January 2003) RFC 4028 (April 2005) RFC 3263 for SIP over UDP RFC 3263 (June 2002) DHCP method RFC 3361 RFC 3361 (August 2002) DNS Client DNS for IPv4 SIP Session Timers SIP locating Servers P-CSCF Discovery CLIP/CLIR RFC 3323 RFC 3323 (November 2002) RFC 3325 RFC 3842 RFC 3265 RFC 3265 Message Waiting Indication Event Notification NAT Traversal NAT Traversal (RFC 3947) Codec G.711 A-Law G.711 -Law G.729 Annex A (must include annexb=no) G.729 Annex B G.726 (optional) G.722 T.38 Fax RFC 3325 (November 2002) RFC 3842 (August 2004) RFC 3265 (June 2002) RFC 3265 (June 2002) NAT for IPv4-RFC 3947

(January 2005) None None None None None None ITU-T T.38 (09/2005) T.30 over G.711 ITU-T T.30 (09/2005) Comfort Noise Generation RFC 3389 Echo Cancellation G.168 RFC 3389 (September 2002) ITU T G.168 (08/2004) DTMF RFC 2833 RFC 2833 (May 2000) CPE Provisioning TR-069 TR-069 v1.1, Amendment 2

(December 2007) Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 29 eSpace EGW1520 Enterprise Gateway Product Documentation 3 Overview Service Name Standard Name Standard Version TR-104 TR-104 (September 2005) Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 30 eSpace EGW1520 Enterprise Gateway Product Documentation 4 Installation 4 Installation About This Chapter EGW1520 is a box-shaped device. This topic describes how to install EGW1520. 4.1 Checking the Installation Environment Before installation, check the installation environment. 4.2 Unpacking Check You need to check the received equipment according to the packing list and check whether all the materials (such as hosts, cables, and CD-ROMs) are complete and undamaged. 4.3 Preparing Installation Tools This topic describes the tools for installing the EGW1520 on the wall. If you want to install the EGW1520 on a horizontal surface, place it on the surface. 4.4 Installing EGW1520 Install EGW1520 on a horizontal surface or on the wall. 4.5 Connecting Cables This topic describes how to connect cables for the EGW1520. 4.6 Powering On the EGW1520 After cables are connected, press the power button to power on the EGW1520. View the indicators and verify that the EGW1520 is working properly. 4.1 Checking the Installation Environment Before installation, check the installation environment. Table 4-1 lists the major check items in the installation environment. Table 4-1 Major check items in the installation environment Item Requirement Damppr Working humidity: 5%-95% relative humidity (RH), no condensing. The Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 31 eSpace EGW1520 Enterprise Gateway Product Documentation 4 Installation Item Requirement oof dehumidifier devices such as air conditioners with the dehumidifier function and special dehumidifiers must be installed in the equipment room where the relative humidity is higher than 95%. Water seepage, dripping, and dew condensation are forbidden in the room. Dustpro of If the equipment room is close to a dust source, such as a coal mine, a country road or a farmland, install aluminum alloy windows and fireproofing doors. Lightpr oof Interven tion-pro of Place the device in an environment without direct and strong sunlight. Prevent interference caused by other radio devices such as WLAN APs within 50 m. Place the device at the center of the working area by considering the WLAN coverage range. Install the antennas vertically to get the best WLAN performance. AC power Stable AC power supply (220 V) must be provided indoors and meets power supply requirements (600 W). Heat dissipati on Place the device in an environment with good ventilation and without heat sources. Leave more than 10 cm space for heat dissipation at the top and all four sides of the device. 4.2 Unpacking Check You need to check the received equipment according to the packing list and check whether all the materials (such as hosts, cables, and CD-ROMs) are complete and undamaged. Table 4-2 Packing list Item Remarks Qu ant ity eSpace EGW1520 including antennas 1

-

Power supply adapter Asymmetric digital subscriber line

(ADSL) splitter Analog phone line Straight-through network cable Swell fixtures Document and CD-ROM 1 1 3 1 2 1 12V,2A

-

-

A straight-through network cable is 2 meters long. Swell fixtures are used to install the EGW1520 on the wall. eSpace EGW1520 Enterprise Gateway Product Documentation and Copyright Notice Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 32 eSpace EGW1520 Enterprise Gateway Product Documentation Item eSpace EGW1520 Enterprise Gateway Quick Start Qu ant ity 1 4 Installation Remarks

& Warranty Disclaimer and Written Offer. Qualification Card and Declaration on Hazardous Substances in Electronic Information Products. If any material is damaged or lost, contact the local merchant. 4.3 Preparing Installation Tools This topic describes the tools for installing the EGW1520 on the wall. If you want to install the EGW1520 on a horizontal surface, place it on the surface. Table 4-3 Installation tools Phillips screwdriver Claw hammer Hammer drill Level ruler 4.4 Installing EGW1520 Install EGW1520 on a horizontal surface or on the wall. Context Installing EGW1520 on a horizontal surface is easy. You only need to place it on the surface and leave 10 cm space around for heat dissipation. This topic describes how to install EGW1520 on the wall. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 33 eSpace EGW1520 Enterprise Gateway Product Documentation 4 Installation When installing EGW1520 on the wall, do not drop it to prevent damage. Procedure Step 1 Mark installation holes on the wall. Mark an installation hole, and use a level ruler to measure a distance of 150 mm and mark the second hole. Step 2 Drill holes. Choose a drill bit (diameter 4mm) on EGW1520's rear panel. Drill two holes on the marked positions. Step 3 Fix the swell fixtures. Use a claw hammer to strike the two M4 swell fixtures to the holes, and use a Phillips screwdriver to tighten them. Ensure that 5 mm of the swell fixtures is exposed for mounting EGW1520. Step 4 Mount EGW1520 on the wall. Mount EGW1520 to the exposed swell fixtures. Figure 4-1 shows how to mount EGW1520 on the wall. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 34 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 4-1 Mounting EGW1520 on the wall 4 Installation

----End 4.5 Connecting Cables This topic describes how to connect cables for the EGW1520. Select a cable connection mode based on the site requirements. Figure 4-2 and Figure 4-3 show the cable connection modes. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 35 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 4-2 ADSL access 4 Installation The ADSL splitter separates voice and data signals. You can connect the splitter to ADSL and FXO ports of the EGW1520 or connect ADSL ports on user devices to the ADSL port of the EGW1520. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 36 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 4-3 WAN access 4 Installation The EGW1520 provides four LAN interfaces, which can connect to terminals such as computers and IP phones. To use more than four LAN interfaces, connect the EGW1520 to an Ethernet switch or hub. The EGW1520 provides one POTS interfaces (PHONE ), which can connect to analog phones or fax machines. To use more than one POTS interfaces, connect the EGW1520 to an IAD. 4.6 Powering On the EGW1520 After cables are connected, press the power button to power on the EGW1520. View the indicators and verify that the EGW1520 is working properly. Before pressing the power button, ensure that all cables are connected correctly to the ports. Figure 4-4 shows the location of the power button. If the POWER indicator is on, the EGW1520 works properly. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 37 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 4-4 Power button 4 Installation Check the indicator status after the device is powered on. Table 4-4 and Table 4-5 describe the indicators and what they mean. Table 4-4 Indicators on the EGW1520 front panel Indication Description Indicates the power status. Steady on: The EGW1520 is powered on. Off: The EGW1520 is powered off. Indicato r POWER ADSL Indicates the ADSL connection status. Steady on: The ADSL connection has been established and activated. Blinking: The ADSL connection is being activated. Off: The EGW1520 is powered off or the ADSL connection has not been established. Steady on: The EGW1520 works in routing mode and is connected to the WAN, but no data is transmitted. Blinking: The EGW1520 works in routing mode and is connected to the WAN, and data is being transmitted. Off: The EGW1520 works in bridge mode, works in routing mode and is not connected to the WAN, or is not powered on. INTERN ET Indicates the WAN or 3G connection status. WLAN Indicates the WLAN power or communication status. Steady on: The WLAN has been enabled but no data is transmitted. Blinking: The WLAN is enabled and data is being transmitted. Off: The EGW1520 is powered off or the Wi-Fi function is disabled. VOIP Indicates the VoIP status. Steady on: At least one VoIP user is registered with the SIP server and is in idle status. Blinking: At least one VoIP user is working. Off: The EGW1520 is powered off or the VoIP user failed to be registered with the SIP server. PHONE Indicates the phone status. Steady on: The analog phone is picked up. Off: The EGW1520 is powered off or the analog phone is hung up. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 38 eSpace EGW1520 Enterprise Gateway Product Documentation 4 Installation Table 4-5 EGW1520 indicators on the network port Indicator Description Network port indicator Steady on: The network port is properly connected. Off: The network port is disconnected. Blinking: Data is being transmitted. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 39 eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) 5 Quick Configuration (UC Mode) This topic describes how to quickly configure the EGW1520 in UC mode. After the EGW1520 is configured, it provides Internet access and basic voice services. Table 5-1 describes the EGW1520 configuration items. Table 5-1 Quick configuration (UC mode) Configuration Item Description Country China Select the country where you are. Ireland New Zealand Other Internet access Internet access mode ADSL or WAN. WLAN function Configure the WLAN function and set a password to access the WLAN. Voice configurati on Data synchroniz ation server SIP server Set data synchronization server parameters, such as the IP address, port number, and synchronization key. Set parameters of the SIP server at the headquarters. The parameters include the address and port number. FXO Set an outgoing prefix and determine whether to delete the outgoing prefix for outgoing calls. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 40 eSpace EGW1520 Enterprise Gateway Product Documentation Prerequisites 5 Quick Configuration (UC Mode) You have logged in to the web management system. For the login operations, see 7.7.1 Web Management. Procedure Step 1 On the web management system, choose Quick Setup from the navigation tree. The page shown in Figure 5-1 is displayed. Figure 5-2 Selecting a country Step 2 Select the country where you are, and click

. The page shown in Figure 5-2 is displayed. Figure 5-3 Configuring the network Step 3 Configure the network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 41 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) After you click one of the following links, the corresponding configuration procedure is displayed. ADSL WAN If ADSL is selected, the configuration procedure is as follows:

1. Set parameters according to Table 5-2. Table 5-2 Network parameters Parameter Description PVC Identifier

(VPI) Virtual path identifier (VPI). The value is provided by the network carrier. PVC Identifier

(VCI) Virtual channel identifier (VCI). The value is provided by the network carrier. PPPoE user name User name used to access the network. The value is provided by the network carrier. PPPoE Password Password used to access the network. The value is provided by the network carrier. WLAN SSID Whether to enable the WLAN function. This function is enabled by default. ID of the EGW1520. The ID is displayed on a Wi-Fi terminal after the terminal finds the EGW1520. WPA-PSK/WPA2

-PSK Key Password used to access the WLAN. The password is encrypted through Wi-Fi protected access II-pre-shared key (WPA2-PSK) and WPA-PSK. The EGW1520 uses the PSK to encrypt all communication, which prevents unauthorized listening and access. 2. Click

. The page shown in Figure 5-3 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 42 eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) Figure 5-4 Network configuration complete 3. Click

. To save the configuration and exit, click

. If WAN is selected, the configuration procedure is as follows:

1. Click WAN on the page shown in Figure 5-2. Set parameters according to Table 5-3. Table 5-3 Network parameters Parameter Description PPPoE Static IP Indicates that Point-to-Point Protocol over Ethernet (PPPoE) is used. PPPoE User Name: user name used to access the network. The value is provided by the network carrier. PPPoE Password: password used to access the network. The value is provided by the network carrier. Indicates that the static IP address of the EGW1520 is used. The setting must be the same as that on the Broadband Remote Access Server (BRAS) of the network carrier. WAN IP Address: IP address used to access the network. The value is provided by the network carrier. WAN Subnet mask: subnet mask. The value is provided by the network carrier.The default value is 255.255.255.0. WAN gateway IP Address: IP address of the gateway. The value is provided by the network carrier. Primary DNS server: IP address of the primary DNS server. The value is provided by the network carrier. Secondary DNS server: IP address of the secondary DNS Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 43 eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) Parameter Description DHCP WLAN SSID WPA-PSK/WPA2-PSK Key server. The value is provided by the network carrier. As a DHCP client, the EGW1520 obtains the IP address from the DHCP server. The IP address must be the same as that on the BRAS of the network carrier. Indicates whether to enable the WLAN function. This function is enabled by default. Indicates the ID of the EGW1520. The ID is displayed on a Wi-Fi terminal after the terminal finds the EGW1520. Indicates the password to access the WLAN. The password is encrypted through Wi-Fi protected access II-pre-shared key

(WPA2-PSK) and WPA-PSK. The EGW1520 uses the PSK to encrypt all communication, which prevents unauthorized listening and access. 2. Click

. The page shown in Figure 5-4 is displayed. Figure 5-5 Configuration result 3. Click

. To save the configuration and exit, click Step 4 Configure the voice. 1. Click Enable for UC Mode, and click The page shown in Figure 5-5 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 44 eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) Figure 5-6 Configuring the SIP server when the UC mode is enabled UC Mode is set to Disable before the device is delivered. The synchronized user data is cleared when the system changes from the UC mode to the common mode. 2. Set parameters according to Table 5-4. Table 5-4 SIP server parameters Parameter Description IP Port DataSync Key IP address of the data synchronization server. The value is provided by the enterprise IT administrator. Port number of the data synchronization server. The value is provided by the enterprise IT administrator. If it is not provided, use the default value 8098. Data synchronization key. When the EGW1520 synchronizes data with the data synchronization server, the synchronization keys of the EGW1520 and the data synchronization server must be the same. Otherwise, the EGW1520 denies data synchronization. The value is a string of 1 to 32 characters that can be digits, letters, and special characters. For the detailed configuration rule, contact the enterprise IT administrator. Working Mode Master: active server. The server that is added first is the active server. Slave: standby server. OptionInterval Interval for sending heartbeat detection messages to the active and standby server. The value ranges from 30 to 150, in seconds. The default value 90 is recommended. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 45 eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) Parameter Description Address Type IP address or DNS mode. The value is provided by the enterprise IT administrator. IP/Domain DNS Type IP address or DNS domain name of the SIP server. The value is provided by the enterprise IT administrator. IP address parsing mode of the DNS. This parameter is valid when Address Type is set to Domain. SRV: A domain name can be mapped to multiple IP addresses. The two IP addresses of the highest priority are used as the IP addresses of the active and standby SIP servers. NOTE If you set DNS Type to SRV, you do not need to configure the standby SIP server. HOST: One domain name corresponds to one IP address. To perform switchover between the active and standby servers, two SIP servers need to be configured. Server Type SIP network type inside the enterprise. Generally, set the network type to NGN if the eSpace U1900 is used or IMS if the eSpace U2900 is used. For details, contact the enterprise IT administrator. Port Port number of the SIP server. The value is provided by the enterprise IT administrator. If it is not provided, use the default value 5060. Expiration Time Interval for the registration group to register POTS users in the group with the SIP server. The value ranges from 0 to 14400, in seconds. The default value 360 is recommended. 3. Click

. The page shown in Figure 5-6 is displayed. Figure 5-7 Setting an outgoing prefix Issue 01 (2012-05-15) Huawei Proprietary and Confidential 46 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 5 Quick Configuration (UC Mode) 4. Click

, and set parameters according to Table 5-5. Table 5-5 FXO prefix parameters Parameter Description Prefix Outgoing prefix for the FXO port. The value is a number of 1 to 30 digits. An intra-office user can dial the outgoing prefix to make an outgoing call through the FXO port. For details, see Description. The outgoing prefix must be the same as that set on the SIP server at the headquarters. Property Remove: The outgoing prefix is deleted for outgoing calls. Assume that the outgoing prefix is 0 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 012345678. Retain: The outgoing prefix is not deleted for outgoing calls. This mode is applicable to the situation where the outgoing prefix is the same as the first digit in the outer-office number. Assume that the outgoing prefix is 1 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 12345678. NOTE The number that the PSTN carrier allocates to the FXO port is displayed to the called party. To reset the outgoing prefix parameters after the configuration, select the configuration items and click to delete the original settings. 5. Click

. The page shown in Figure 5-7 is displayed. Figure 5-8 Configuration complete 6. Click

----End to finish the settings. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 47 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) 6 Quick Configuration (Common Mode) This topic describes how to quickly configure the EGW1520 in common mode. After the EGW1520 is configured, it provides Internet access and basic voice services. Table 6-1 describes the EGW1520 configuration items. Table 6-1 Quick configuration (common mode) Configuration Item Description Country China Select the country where you are. Ireland New Zealand Other Internet access mode Internet access ADSL or WAN. WLAN function Configure the WLAN function and set a password to access the WLAN. Voice SIP server Set SIP server parameters, such as the address and port number. FXO Set an outgoing prefix and determine whether to delete the outgoing prefix for outgoing calls. Registratio n group Set phone registration group parameters, such as the registration type and mode. Analog phone Set analog phone parameters, such as the internal number and external number. IP phone Set IP phone parameters, such as the internal number and external number. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 48 eSpace EGW1520 Enterprise Gateway Product Documentation Prerequisites 6 Quick Configuration (Common Mode) You have logged in to the web management system. For the login operations, see 7.7.1 Web Management. Procedure Step 1 On the web management system, choose Quick Setup from the navigation tree. The page shown in Figure 6-1 is displayed. Figure 6-2 Selecting a country Step 2 Select the country where you are, and click

. The page shown in Figure 6-2 is displayed. Figure 6-3 Configuring the network Step 3 Configure the network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 49 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) After you click one of the following links, the corresponding configuration procedure is displayed. ADSL WAN If ADSL is selected, the configuration procedure is as follows:

1. Set parameters according to Table 6-2. Table 6-2 Network parameters Parameter Description PVC Identifier

(VPI) Virtual path identifier (VPI). The value is provided by the network carrier. PVC Identifier

(VCI) Virtual channel identifier (VCI). The value is provided by the network carrier. PPPoE user name User name used to access the network. The value is provided by the network carrier. PPPoE Password Password used to access the network. The value is provided by the network carrier. WLAN SSID Whether to enable the WLAN function. This function is enabled by default. ID of the EGW1520. The ID is displayed on a Wi-Fi terminal after the terminal finds the EGW1520. WPA-PSK/WPA2

-PSK Key Password used to access the WLAN. The password is encrypted through Wi-Fi protected access II-pre-shared key (WPA2-PSK) and WPA-PSK. The EGW1520 uses the PSK to encrypt all communication, which prevents unauthorized listening and access. 2. Click

. The page shown in Figure 6-3 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 50 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Figure 6-4 Network configuration complete 3. Click

. To save the configuration and exit, click

. If WAN is selected, the configuration procedure is as follows:

1. Click WAN on the page shown in Figure 6-2. Set parameters according to Table 6-3. Table 6-3 Network parameters Parameter Description PPPoE Static IP Indicates that Point-to-Point Protocol over Ethernet (PPPoE) is used. PPPoE User Name: user name used to access the network. The value is provided by the network carrier. PPPoE Password: password used to access the network. The value is provided by the network carrier. Indicates that the static IP address of the EGW1520 is used. The setting must be the same as that on the Broadband Remote Access Server (BRAS) of the network carrier. WAN IP Address: IP address used to access the network. The value is provided by the network carrier. WAN Subnet mask: subnet mask. The value is provided by the network carrier.The default value is 255.255.255.0. WAN gateway IP Address: IP address of the gateway. The value is provided by the network carrier. Primary DNS server: IP address of the primary domain name server (DNS) server. The value is provided by the network carrier. Secondary DNS server: IP address of the secondary DNS Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 51 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Parameter Description DHCP WLAN SSID WPA-PSK/WPA2-PSK Key server. The value is provided by the network carrier. As a DHCP client, the EGW1520 obtains the IP address from the DHCP server. The IP address must be the same as that on the BRAS of the network carrier. Indicates whether to enable the WLAN function. This function is enabled by default. Indicates the ID of the EGW1520. The ID is displayed on a Wi-Fi terminal after the terminal finds the EGW1520. Indicates the password used to access the WLAN. The password is encrypted through Wi-Fi protected access II-pre-shared key

(WPA2-PSK) and WPA-PSK. The EGW1520 uses the PSK to encrypt all communication, which prevents unauthorized listening and access. 2. Click

. The page shown in Figure 6-4 is displayed. Figure 6-5 Configuration result 3. Click

. To save the configuration and exit, click

. Step 4 Configure the voice. 1. Click

. The page shown in Figure 6-5 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 52 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Figure 6-6 Adding an SIP server UC Mode is set to Disable before the device is delivered. The synchronized user data is cleared when the system changes from the UC mode to the common mode. 2. Set parameters according to Table 6-4. Table 6-4 SIP server parameters Parameter Description Working Mode Master: active server. The server that is added first is the active server. Slave: standby server. Recovery Whether to enable the failback function. When the active server fails, resources and services will be automatically switched to the standby server. If this function is enabled, resources and services will be automatically switched back to the original active server after the original active server has been recovered. OptionInterval Interval for sending the option messages to the active server. The value ranges from 10 to 900, in seconds. The default value 60 is recommended. NOTE The option messages are sent to the active server only, and therefore this parameter is valid only for the active server. Address Type IP address or DNS mode. The value is provided by the network carrier. IP/Domain DNS Type IP address or DNS domain name of the SIP server. The value is provided by the network carrier. IP address parsing mode of the DNS. This parameter is valid when Address Type is set to Domain. SRV: A domain name can be mapped to multiple IP addresses. The two IP addresses of the highest priority are used as the IP addresses of the active and standby SIP servers. NOTE If you set DNS Type to SRV, you do not need to configure the standby SIP server. HOST: One domain name corresponds to one IP address. To Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 53 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Parameter Description perform switchover between the active and standby servers, two SIP servers need to be configured. Server Type SIP network type. The value is provided by the network carrier. Port Port number of the SIP server. The value is provided by the network carrier. The default value 5060 is recommended. Expiration Time Timeout interval for the registration group to register with the SIP server. The value ranges from 0 to 14400, in seconds. The default value 360 is recommended. 3. Click

. The page shown in Figure 6-6 is displayed. Figure 6-7 Setting an outgoing prefix 4. Click

, and set parameters according to Table 6-5. Table 6-5 FXO parameters Parameter Description Prefix Outgoing prefix for the FXO port. The value is a number of 1 to 30 digits. An intra-office user can dial the outgoing prefix to make an outgoing call through the FXO port. NOTE A maximum of 16 outgoing prefixes can be configured for the FXO port on the EGW1520. An intra-office user can use any one of the outgoing prefixes to make an outgoing call through the FXO port. The outgoing prefix cannot conflict with internal numbers and emergency numbers. If an internal number is the same as the outgoing prefix plus an outer-office number, the internal user is connected. Property Remove: The outgoing prefix is deleted for outgoing calls. Assume that the outgoing prefix is 0 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 012345678. Retain: The outgoing prefix is not deleted for outgoing calls. This Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 54 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Parameter Description mode is applicable to the situation where the outgoing prefix is the same as the first digit in the outer-office number. Assume that the outgoing prefix is 1 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 12345678. NOTE The number that the PSTN carrier allocates to the FXO port is displayed to the called party. To reset the outgoing prefix parameters after the configuration, select the configuration items and click to delete the original settings. 5. Click

. The page shown in Figure 6-7 is displayed. Figure 6-8 Configuring a registration group Configure a registration group when the softswitch is required for intra-office users to make outgoing calls. 6. Click

, and set parameters according to Table 6-6. Table 6-6 Registration group parameters Parameter Description Register Type Registration type. The value is provided by the network carrier. Single: Only one user can exist in the registration group. The value of Register Type is Single for the NGN network. Group: Multiple users can exist in the registration group. Wildcard: Wildcard registration group. This registration group registers with the IMS or NGN based on certain wildcard rules, which are provided by the network carrier. Authentication Authentication mode used when a registration group registers with the IMS or NGN. The value is provided by the network carrier. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 55 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Parameter Description Password Authentication password used when a registration group registers with the IMS or NGN. The value is provided by the network carrier. Sip Trunk ID SIP trunk ID used when a registration group registers with the IMS or NGN. The value is provided by the network carrier. Sip Trunk Name User name used when a registration group registers with the IMS or NGN. The value is provided by the network carrier. IMS Domain IMS domain name used when a registration group registers with the IMS. The value is provided by the network carrier. 7. Click

. The page shown in Figure 6-8 is displayed. Figure 6-9 Configuring an analog phone 8. Click

, and set parameters according to Table 6-7. Table 6-7 Analog phone parameters Parameter Description Port Port number used by the analog phone to access the EGW1520. Value 1 indicates the PHONE1 port on the EGW1520, value 2 indicates the PHONE2 port, and the rest can be deducted by analogy. NOTE You are advised to use the PHONE1 port because it supports the power-off survival function. Internal No The internal number is used for the calls between intra-office subscribers. The value is a number of 1 to 30 digits, which can be user-defined. It cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. Registration Group Registration group ID that is used when a POTS phone registers with the IMS/NGN network. External No External number for outgoing and incoming calls. The value is provided by the network carrier. This parameter is valid after you set Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 56 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Parameter Description the SIP Group parameter. The external number cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE The external number must correspond to Sip Trunk ID. Registration Group bound to External No must correspond to Sip Trunk ID. If Sip Trunk ID starts with +, change + to 00 when you configure External No. 9. Click

. The page shown in Figure 6-9 is displayed. Figure 6-10 Configuring an IP Phone 10. Click

, and set parameters according to Table 6-8. Table 6-8 IP phone parameters Parameter Description Internal No Authentication Password The internal number is used for the calls between intra-office subscribers. The value is a number of 1 to 30 digits, which can be user-defined. It cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. Authentication mode used when a SIP user registers with the EGW1520. The value must be the same as that configured on the IP phone. Authentication password used when a SIP user registers with the EGW1520. The value must be the same as that configured on the IP phone. Registration Group Registration group ID that is used when an IP phone registers with the IMS/NGN network. NOTE If the required registration group does not exist, choose Voice > SIP Server, Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 57 eSpace EGW1520 Enterprise Gateway Product Documentation 6 Quick Configuration (Common Mode) Parameter Description and click the Registration Group tab to add it. External number for outgoing and incoming calls. The value is provided by the network carrier. This parameter is valid after you set the Registration Group parameter. The external number cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE The external number must correspond to Sip Trunk ID. Registration Group bound to External No must correspond to Sip Trunk ID. If Sip Trunk ID starts with +, change + to 00 when you configure External No. External No To add IP phones in batches, click and proceed as prompted. To change the configuration of a saved IP phone, select the IP phone and reset it. 11. Click

. The page shown in Figure 6-10 is displayed. Figure 6-11 Configuration complete 12. Click

----End to finish the configuration. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 58 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 7 Feature Description and Implementation About This Chapter This topic describes EGW1520 features and feature implementation. 7.1 Feature List This topic describes EGW1520 features. 7.2 Connection Modes The EGW1520 connects to the IP network using an ADSL or a WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. If the ADSL and WAN ports are unavailable, you can insert a 3G data card to the universal serial bus (USB) port to access the 3G network. 7.3 Voice (UC Mode) In the eSpace UC solution, the EGW1520 is deployed at a small branch of an enterprise to provide network access functions for the small branch. Phones at the branch are registered with the SIP server on the central node at the headquarters. Numbers of the branch users are allocated by the SIP server at the headquarters and synchronized by the EGW1520 with the data synchronization server. The EGW1520 can also function as a trunking gateway to implement incoming and outgoing call functions through the FXO port for the local PSTN. 7.4 Voice(Common Mode) EGW1520 can function as a SIP trunk access device or a small-scale Internet protocol-private branch exchange (IP-PBX). It provides basic voice services and supplementary services. 7.5 Data This topic describes EGW1520 data features and how to configure the features. 7.6 Security This topic describes EGW1520 security features. 7.7 Operations and Maintenance The EGW1520 can be managed on web pages or in TR-069 mode. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 59 eSpace EGW1520 Enterprise Gateway Product Documentation 7.1 Feature List This topic describes EGW1520 features. Access Mode 7 Feature Description and Implementation Descriptio n The EGW1520 uses an Asymmetric Digital Subscriber Line

(ADSL) port to connect to the upstream network. ADSL is an asymmetric transmission technology. It enables high-speed data transmission over analog telephone lines by using idle high frequencies and several modulation methods. Modes for connecting to Internet: route and bridge. Support for the static IP address and obtaining IP addresses by means of DHCP, PPPoE, PPPoA, and IPoA. Point-to-Point Protocol (PPP) authentication modes: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). ADSL Seamless Rate Adaptation (SRA). Specificati on ADSL Standards supported by ADSL:

ITU-T G.992.1 Annex A ITU-T G.992.3 (ADSL 2) Annex Annex A, L and M ITU-T G.992.5 (ADSL 2+) Annex A ITU-T G.992.5 (ADSL 2+) Annex M The voice service and the data service must use the same ADSL Permanent Virtual Circuits (PVC) channel. Limitation The EGW1520 connects to the IP network using an ADSL or a WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. Related Topics Descriptio n 7.2.1 ADSL The EGW1520 uses a WAN port to connect to the upstream network. The ADSL and WAN ports cannot be used at the same time or back each other up. One 10/100/1000 Mbit/s self-adaptive WAN port. Modes of obtaining IP addresses: static IP address configuration, DHCP server, and PPPoE. Standards supported by the WAN port:

WAN Specificati on MAC Address (IEEE 802.3) Internet Protocol v4 (RFC 791) Address Resolution Protocol (RFC 826) Internet Control Message Protocol

(RFC 792) An Ethernet Address Resolution Protocol (RFC 0826) Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 60 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation A Standard for the Transmission of IP Datagrams over Ethernet Networks

(RFC894) A Standard for the Transmission of IP Datagrams over IEEE 802 Networks

(RFC1042) DHCP (RFC 2131) TCP Transmission Control Protocol

(RFC793) UDP User Datagram Protocol

(RFC768) The WAN port supports half-duplex and full-duplex self adaptation, but cannot be forced to use full duplex or half duplex. Limitation The EGW1520 connects to the IP network using an ADSL or a WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. IPv6 is not supported. Related Topics 7.2.2 WAN Descriptio n Specificati on Generally, the EGW1520 connects to the IP network using an ADSL or a WAN port. When the ADSL or WAN port is unavailable, the EGW1520 can use a 3G data card (based on the USB port) to access the 3G network to transmit voice and data

(excluding the fax service). One USB port (for 3G data cards). The EGW1520 supports the following 3G data cards:

TD SCDMA Limitation WCDMA Huawei ET302 with the software version of 11.100.05.00.00 Huawei ET127 with the software version of 11.101.01.36.00 Huawei K3765 with the software version of 11.126.03.06.00 Huawei E176G with the software version of 11.126.03.02.00 The 3G network supports the backup function and does not support the fax service, Demilitarized Zone (DMZ) host, and virtual servers. Related Topics 7.2.3 3G 3G Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 61 eSpace EGW1520 Enterprise Gateway Product Documentation Voice UC mode Descripti on 7 Feature Description and Implementation The EGW1520 is combined with the eSpace UC solution. In UC mode, the EGW1520 can be registered with multiple SIP servers at the same time. Phones connecting to the EGW1520 are registered with the server on the central node of the headquarters. All calls are processed by the server of the headquarters. When the EGW1520 is disconnected from both the active and standby SIP servers, it automatically switches to the local survival mode. It then functions as a local SIP server to register internal users and process calls. The EGW1520 can function as a landing gateway for the local PSTN to process incoming and outgoing calls, which reduces the enterprise's toll call costs. Voice access Specifica tion A maximum of 20 SIP users. One FXS port, connecting to one POTS user. A maximum of 8-channel users (SIP users and POTS users) can simultaneously initiate calls. Standards supported by voice service:

G.711 A, G.711 u, G.729, G.726, and G.722 SIP (RFC 32613265) SIP Session Timers (RFC 4028) SDP (RFC 2327) RTP or RTCP RFC 2833 Limitatio n None. Related Topics Description Configuration Common mode Descripti on As an access layer device, the EGW1520 registers with the softswitch (NGN/IMS) through a SIP trunk and cooperates with the softswitch to process SIP signaling interaction. The EGW1520 can also function as a small-scale Internet Protocol Private Branch Exchange

(IP PBX), implementing functions such as IP Phone user registration, call control, and protocol processing. Specifica tion A maximum of 20 SIP users. One FXS port, connecting to one POTS user. A maximum of 8-channel users (SIP users and POTS users) can simultaneously initiate calls. Standards supported by voice service:

G.711 A, G.711 u, G.729, G.726, and G.722 Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 62 eSpace EGW1520 Enterprise Gateway Product Documentation Limitatio n Related Topics Descripti on Specifica tion Limitatio n Related Topics Descripti on FXO port Dual homing Specifica tion 7 Feature Description and Implementation SIP (RFC 32613265) SIP Session Timers (RFC 4028) SDP (RFC 2327) RTP or RTCP RFC 2833 For details, see Service Conflicts. 7.4.1 Voice Access and IP PBX EGW1520 provides four foreign exchange office (FXO) ports used to connect to PSTN networks. An intra-office user dials the outgoing prefix and an outer-office user's number to make an outgoing call through an FXO port. An outer-office user dials the number that the PSTN network carrier allocates to the FXO port to make an incoming call. EGW1520 supports the switchboard, DDI, and dedicated line functions. By default, the switchboard function is enabled. Four FXO ports.. The FXO port supports only the one-stage dialing mode. Each FXO port allows one user to make an outgoing or incoming call through the FXO port at the same time. Description. Dual homing is a disaster recovery mechanism for emergency communication, for example, in case of a SoftSwitch breakdown. Functioning as a voice access device, the EGW1520 can register with two SIP servers at the same time. When the active SIP server is faulty, the EGW1520 switches services to the standby SIP server. When the active SIP server is recovered, the EGW1520 switches services back to it. Two SIP servers, working in active/standby mode. IP addresses of two SIP servers with the highest priority: obtained using the Domain Name System Service (DNS SRV). Limitatio n The priority for obtaining SIP server IP addresses using the DNS SRV must be configured on the DNS Server. Related Topics For details on how to configure the priority, see SIP Server in Adding Voice Users. Power-off Descripti The EGW1520 provides a PSTN Power-off survival port Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 63 eSpace EGW1520 Enterprise Gateway Product Documentation survival on Specifica tion Limitatio n Related Topics Descripti on Specifica tion Voice quality 7 Feature Description and Implementation with an RJ-11 connector. When a power off occurs, the analog phone that connects to the PHONE1 port can make outgoing calls using the PSTN emergency line. One PSTN Power-off survival port. The Power-off survival function is available only when a power off occurs. Only the Analog Phone that connects to the PHONE port supports Power-off survival function. 7.4.3 Power-off Survival Voice quality technologies are used by the EGW1520 to ensure voice transmission quality and service effectiveness. Voice quality technologies: voice activity detection

(VAD), comfort noise generator (CNG), echo cancellation (EC), packet loss compensation, and jitter buffer. VAD The EGW1520 detects silent periods in voice signal streams, and removes data from the silent periods to conserve bandwidth resources without reducing service quality. CNG The CNG is used with the VAD. When the VAD function is enabled and no packet is sent during the silent periods, the listener may consider that the call has been disconnected. To avoid this situation, the EGW1520 enables the CNG function on the receiver end. The CNG technology complies with RFC 3389. EC An echo is quickly transmitted to a listener during a local call because the end-to-end delay is short, and the listener may not hear the echo. However, the end-to-end delay is long during an international call, and the EC must be enabled. The EGW1520 EC technology complies with ITU-T G.168. Packet loss compensation Packets are often lost on the connectionless IP network as a result of network congestion, buffer overflow, or error codes. A packet loss compensation algorithm is used to minimize the effects of packet loss. Lost frames can be reconstructed during decoding based on the voice context, which ensures the quality of the received voice. Jitter buffer With this function, received packets can be cached Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 64 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation and then retrieved and processed to remove jitter. Limitatio n N/A Related Topics Descripti on 7.4.5 Voice Parameters Fax is a form of telegraphy for the transmission of fixed images, with or without halftones, to be reproduced at another location in hard copy form. In ITU-RV.662, faxing is defined as a form of telecommunication for the reproduction at a distance of graphic documents in the form of other graphic documents geometrically similar to the original. Fax service Specifica tion Standards supported by fax service:

One FXS ports for fax machines T.30 T.38 V.17/V.21/V.27/V.29/V.34 Limitatio n N/A Related Topics Descripti on 7.4.4 Fax Service The digitmap is a dialing rule used by the EGW1520 to detect and report digit events received on a termination. The digitmap can be used to eliminate the post-dial delay. NOTE The post-dial delay is the time interval between "end of dialing"

by a user and the reception (by the same user) of the call progress signaling generated by the exchange serving this customer. The call progressing signals can be a dial tone, a recorded announcement, or the abandoning of the call. Specifica tion Maximum length of the data field that can be configured by a user: 128 bytes. Limitatio n N/A Related Topics Descripti on Specifica tion For details, see Table 7-29 and Table 7-31. A codec is a device or computer program capable of encoding or decoding audio signals to improve the network usage and user capacity. G.711 A/u, G.729, G.726, and G.722. Multiple codecs used at the same time. Adjustable priority for codecs. Adjustable packetization interval for codecs. DigitMap Codec Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 65 eSpace EGW1520 Enterprise Gateway Product Documentation DTMF Call record 7 Feature Description and Implementation A maximum of 4-channel G.711, 4-channel G.729, 2-channel G.726, or 2-channel G.722. Limitatio n A codec cannot be automatically switched during a conversation, but it can be switched through signaling negotiation. Descripti on Dual tone multi-frequency (DTMF) is the signal to the phone company that you generate when you press an ordinary telephone's touch keys. Specifica tion Limitatio n Descripti on Specifica tion DTMF detection and generation. RFC 2833. The encryption function of RFC 2833 is not supported. There is a record for each incoming or outgoing call. A maximum of 5000 latest records. Records of call start time, call end time, calling number, and called number. Limitatio n Call records can be downloaded from the web management system but cannot be viewed directly on it. Related Topics Descripti on 9.8 Downloading Call Records The gain can be adjusted to enhance useful signals when signals are not strong enough on the line and affected by other electrical noises. Gain adjustment Specifica tion Send and receive gain is adjustable from 96 dB to +32 dB. Limitatio n N/A Related Topics Descripti on 7.4.5 Voice Parameters To modify or supplement basic communication services, provide supplementary services with basic communication services. Supplementary services Specifica tion For details about supplementary services supported by the EGW1520, see Configuring and Using Voice Services. Limitatio n Related Topics For details, see Service Conflicts. Enabling Voice Services Configuring and Using Voice Services Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 66 eSpace EGW1520 Enterprise Gateway Product Documentation Data 7 Feature Description and Implementation Descriptio n Terminals like computers and IP phones that connect to the EGW1520 LAN ports can set up a small local area network

(LAN) to enable the following services and functions: file management, application sharing, printer sharing, schedule, email, and fax. Four 10/100 Mbit/s self-adaptive LAN ports. Default IP address of LAN ports: 192.168.1.1; subnet mask:

255.255.255.0. DHCP server function, allocating IP addresses to computers and IP phones that connect to LAN ports. Standards supported by LAN ports:

Specificati on LAN MAC Address (IEEE 802.3) IPv4 Internet Protocol v4 (RFC 791) ARP Address Resolution Protocol

(RFC 826) ICMP Internet Control Message Protocol (RFC 792) An Ethernet Address Resolution Protocol (RFC 0826) A Standard for the Transmission of IP Datagrams over Ethernet Networks

(RFC 0894) A Standard for the Transmission of IP Datagrams over IEEE 802 Networks

(RFC 1042) DHCP (RFC 2131), TCP Transmission Control Protocol (RFC 793) UDP User Datagram Protocol (RFC 768) Limitation The LAN port supports half-duplex and full-duplex self adaptation, but cannot be forced to use full duplex or half duplex. IPv6 is not supported. Related Topics 7.5.1 LAN Descriptio n DHCP DHCP is a protocol for dynamically managing and configuring users in a centralized manner. It uses the Client/Server structure. A DHCP client sends the DHCP server a request to apply for parameter settings, including the IP address, subnet mask, and default gateway. The EGW1520 can function as a DHCP server, DHCP relay, or DHCP client. Specificati on As a DHCP server, the EGW1520 can configure an IP address pool. The default IP address ranges from 192.168.1.2 to 192.168.1.254. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 67 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation As a DHCP relay, the EGW1520 complies with RFC 3361. As a DHCP client, the EGW1520 supports Option42/43/60/61/66/67/120/125/150. Limitation N/A Related Topics Descriptio n 7.5.2 DHCP The EGW1520 allows Wi-Fi services to connect to the wireless network. This provides small enterprises with a network solution integrating wired and wireless technologies. IEEE802.11b, IEEE802.11g, and IEEE802.11n are supported. IEEE802.11b, with the maximum transmission rate of 11 Mbit/s and frequency of 2.4 GHz IEEE802.11g, with the maximum transmission rate of 54 Mbit/s and frequency of 2.4 GHz (compatible with IEEE802.11b) IEEE802.11n, with the maximum transmission rate of 300 Mbit/s and Multi-Input Multi-Output (MIMO) supported WLAN Specificati on A maximum of 16 WiFi terminals can be connected. Four service set identifiers (SSIDs) are supported and SSID broadcast and hiding are supported. The default value of the primary SSID is eSpace EGW_XXXX. Three subordinate SSIDs are eSpace EGW_XXXX_S1, eSpace EGW_XXXX_S2, and eSpace EGW_XXXX_S3. XXXX is the last four bits in the WLAN MAC address. A maximum of 16 MAC addresses can be filtered. Wi-Fi authentication standards:

64 bit or 128 bit Wired Equivalent Privacy (WEP) WPA-PSK, WPA2-PSK, and Combination of WPA-PSK and WPA2-PSK Maximum transmit power:

802.11b/g/n (SISO): 162 dBm 802.11n (MIMO): 182 dBm Wi-Fi Protected Setup (WPS) Limitation Wi-Fi bridging is not supported. Related Topics 7.5.3 WLAN Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 68 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Descriptio n The DNS specifies meaningful names for devices on a network. The DNS server defines the mapping between domain names and devices' IP addresses. The EGW1520 can function as a DNS client to resolve domain names on the DNS server. DNS Specificati on N/A Limitation N/A Related Topics 7.5.4 DNS Descriptio n Specificati on Static route The static route can improve the network performance and ensure the bandwidth for critical networks. The static route cannot adjust to network topology changes. When a network fault occurs or the network topology changes, the static route may become unreachable, resulting in connection failure. If the static route is unreachable, the static route must be modified manually. A maximum of 32 static routes. Limitation N/A Related Topics 7.5.5 Static Route Descriptio n The VLAN technology divides a LAN to multiple virtual LANs

(VLANs). Each VLAN is a broadcast domain. Communication between hosts in a VLAN is the same as that in a LAN. VLANs cannot communicate with each other directly. The EGW1520 supports port-based VLANs. LAN ports are assigned to different VLANs, which separates users and creates virtual work groups. VLAN Specificati on A maximum of four ports used to assign VLANs Limitation The VLAN ports support only the port-based VLANs. Related Topics 7.5.8 VLAN Descriptio n The EGW1520 provides a comprehensive quality of service

(QoS) mechanism. QoS policies can be customized to ensure precedence of core services. In addition, the EGW1520 limits bandwidth for ordinary services (such as web upload) and saves it for core services (such as voice streams). The EGW1520 supports the following Diff-Serv-based QoS technologies: priority mark, congestion management, and traffic policy. QoS VLAN Tag marked with 802.1p/q priorities. Specificati on DSCP priority. Upstream and downstream traffic limits are supported. Limitation 3G port does not support QoS. Related 7.5.9 QoS Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 69 eSpace EGW1520 Enterprise Gateway Product Documentation Topics 7 Feature Description and Implementation Descriptio n Voice packets can be placed in the priority queue for prior forwarding. Voice packet priority Specificati on N/A Limitation N/A Related Topics Descriptio n 7.5.9 QoS When the EGW1520 is in Bridge mode, it has the layer 2 switch function. Computers that are connected to the EGW1520 can use the dialing software to access the IP network. Layer 2 switch Specificati on N/A Limitation N/A Related Topics 7.2.1 ADSL NTP Network Time Protocol (NTP) is a protocol for time synchronization. It enables a device to synchronize time with its server or clock source (such as a quartz clock or Global Positioning System). NTP provides accurate time correction (time difference over a LAN smaller than 1 millisecond; time difference over a WAN smaller than tens of milliseconds), and prevents protocol attacks by means of encryption. The EGW1520 is used as the NTP client to synchronize the time with that of the NTP server. Two NTP servers, working in active/standby mode. The EGW1520 does not save the time. After the EGW1520 restarts, the time is restored to the factory setting and needs to be synchronized with the NTP server. 9.1 Configuring the System Time Descriptio n Specificati on Limitation Related Topics Security VPN Descriptio n Specificati on Virtual Private Network (VPN) is a virtual network established based on the existing public network. A VPN is used for an enterprise or customer group. EGW1520, used as an access gateway for a small-scale branch network, can connect to the headquarters network using IPSec VPN tunnels. EGW1520 can connect to the headquarters using IPSec VPN tunnels. EGW1520 uses IPSec to set up site-to-site tunnels with the Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 70 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation headquarters. As the initiator of VPN tunnels, EGW1520 uses the peer IP address or fully qualified domain name (FQDN) as the ID for IKE negotiation. A maximum of 6 IPSec VPN tunnels are supported. The throughput of the IPSec VPN tunnel is not lower than 2 Limitation Mbit/s. A maximum of 32 concurrent connections are supported in an IPSec VPN. Related Topics 7.5.6 VPN Descriptio n Network address translation (NAT) is the process of converting a private IP address in an IP packet header to a public IP address. This function enables computers with private IP addresses to connect to a public network. NAT solves the problem of insufficient IP addresses and prevents the attack from other networks, hiding and protecting computers on the private network. NAT Specificati on A maximum of 1024 NAT table entries. Limitation N/A Related Topics 7.6.1 NAT 7.2.1 ADSL 7.2.2 WAN SIP ALG Descriptio n NAT enables one or more private hosts to use a public IP address to connect to a public network.NAT works in the transport layer, which is transparent to the application layer, so it is difficult for the SIP application to traverse the NAT device. The EGW1520 supports the SIP application level gateway (ALG), which solves the NAT traversal problem for SIP. Specificati on N/A Limitation N/A Related Topics 7.6.1 NAT Descriptio n If the firewall on the LAN or WAN side is enabled, all the packets transmitted through LAN or WAN ports to the EGW1520 will be blocked. You can configure the incoming packet filtering function to allow specified packets to be transmitted to the EGW1520. Incomin g packet filter Specificati on N/A Limitation N/A Related Topics 7.6.2 Incoming Packet Filter Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 71 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Descriptio n The system allows all packets to be sent to the upstream network through the LAN ports. You can configure the outgoing packet filter to prevent certain packets from being sent to the upstream network using the LAN ports. Outgoin g packet filter Specificati on N/A Limitation N/A Related Topics Descriptio n 7.6.3 Outgoing Packet Filter If the ADSL service is in Bridge mode, you can configure MAC address filter to prevent the ADSL port from forwarding certain data frames. MAC address filter Specificati on N/A Limitation N/A Related Topics 7.6.4 MAC Address Filter Descriptio n The EGW1520 uses the URL filter to limit users' access to specified websites. Maximum number of URLs to be filtered at the same time:

Specificati on URL filter 100 Maximum length of each URL: 128 bytes Full match and partial match Limitation Wildcards, for example, using * for full match, are not allowed in filtering rules. Related Topics Descriptio n 7.6.5 URL Filter A virtual server enables external users to access internal servers on the private network. You can configure a public server on the private network to provide web access and FTP download services. Virtual server Specificati on N/A Limitation This function cannot be enabled when the EGW1520 connects to the 3G network. Related Topics 7.6.6 Virtual Server DMZ Descriptio n A virtual server enables external users to access internal servers on the private network. When multiple services are running on internal servers, several virtual servers must be configured, which makes the configuration complicated. To simplify the configuration, configure only the IP addresses for internal servers Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 72 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation in the DMZ. Because all ports are open in the DMZ, it increases the security risk for internal servers. Specificati on Only one internal server in the DMZ is supported. Limitation This function cannot be enabled when the EGW1520 connects to the 3G network. Related Topics 7.6.7 DMZ Descriptio n The EGW1520 can encrypt sensitive information in configuration files, such as user name and password. The EGW1520 can encrypt user names and passwords for:

Logging in to the web management system Configu ration file encrypti on PPPoE PPPoA WLAN Specificati on Accessing the 3G network TR-069 ACS SIP user NTP Server Limitation Manual modification on the configuration file is not supported. Related Topics 9.2 Managing the Configuration File Descriptio n The web browser interacts with the EGW1520 using HTTPS, which ensures user information security. HTTPS Specificati on N/A Limitation N/A Related Topics 7.7.1 Web Management Operations and Maintenance Web Descriptio n The EGW1520 provides web management system for users to easily configure, diagnose, and upgrade the EGW1520. Specificati on HTTPS HTTP Limitation Operating system: Windows XP or later Browser: Microsoft Internet Explorer 6.0 or later Resolution: 1024 x 768 or higher Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 73 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Related Topics 7.7.1 Web Management Web parameters reference TR-069 Descriptio n Technical Report 069 (TR-069) is a technical specification developed by the DSL Forum. TR-069 is short for CPE WAN Management Protocol (CWMP). As an application-layer protocol for remotely managing end devices, TR-069 enables the Application Control Server (ACS) to remotely manage and maintain the EGW1520. Specificati on TR-069 TR-098 TR-104 Limitation N/A Related Topics 7.7.2 TR-069 TR-069 parameters reference 7.2 Connection Modes The EGW1520 connects to the IP network using an ADSL or a WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. If the ADSL and WAN ports are unavailable, you can insert a 3G data card to the universal serial bus (USB) port to access the 3G network. 7.2.1 ADSL The EGW1520 uses an ADSL port to connect to the upstream network. The ADSL uses high frequencies that are not used by voice phone calls and several modulation methods to achieve high-speed data transmission over twisted-pair copper phone lines. Description Principle This topic describes the principle, implementation, specification, and limitation for the EGW1520 to connect to the upstream network by using the ADSL. Using the frequency-division multiplexing (FDM) technology, the ADSL divides a regular telephone line into three separate channels for the telephone, upstream link, and downstream link. Using the discrete multi-tone (DMT) technology, the ADSL divides the frequency band from 0 kHz to 1.1 MHz on the telephone line into 256 sub frequency bands, each of which occupies a 4.3 kHz bandwidth. 4 kHz or lower: Provides traditional telephone services. 20 kHz to 138 kHz: Transmits upstream signals. 138 kHz to 1.1 MHz: Transmits downstream signals. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 74 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Telephone signals are transmitted at the frequency band from 0 kHz to 4 kHz, while signals of ADSL services are transmitted at other frequency bands. ADSL in practical application are deployed as follows:

On the service provider side, connect the telephone lines that have enabled the ADSL service to a digital subscriber line access multiplexer (DSLAM). On the user side, use an ADSL modem to connect telephone and data lines. The ADSL uses high frequency signals. To prevent noise disturbance to calls, splitters are required on the service provider side and the user side to separate data signals from audio signals. ADSL2 The ADSL2 improves the initialization state machine's performance by reducing the frame overhead. In addition, the ADSL2 uses higher modulation rate, improved coding gain, and enhanced signal processing methods. Compared with the ADSL, the ADSL2 takes advantage in rate and coverage. Its maximum downstream rate is 12 Mbit/s and maximum upstream rate is 1 Mbit/s. ADSL2+

In addition to basic ADSL2 features, the ADSL2+ extends ADSL2's downstream frequency band, which increases the downstream rate within a short distance. Two ADSL2 standards specify downstream frequency bands to 0 kHz1.1 MHz and 0 kHz552 kHz, while the ADSL2+ specifies the downstream frequency band to 0 kHz t2.2 MHz. This increases the ADSL2+ downstream rate to 24 Mbit/s within 1.5 km. The ADSL2's upstream rate, depends on the line condition (basically, it is 1 Mbit/s). Implementation The EGW1520 functions as a modem on the ADSL network to modulate and demodulate ADSL signals. After being connected to a remote DSLAM, the EGW1520 connects users to the IP network. Figure 7-1 shows the ADSL network. Figure 7-1 ADSL network diagram Specification Modes for connecting to Internet: route and bridge. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 75 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Support for the static IP address and obtaining IP addresses by means of DHCP, PPPoE, PPPoA, and IPoA. Point-to-Point Protocol (PPP) authentication modes: Password Authentication Protocol

(PAP) and Challenge Handshake Authentication Protocol (CHAP). ADSL Seamless Rate Adaptation (SRA). Standards supported by ADSL:

Limitation ITU-T G.992.1 Annex A ITU-T G.992.3 (ADSL 2) Annex Annex A, L and M ITU-T G.992.5 (ADSL 2+) Annex A ITU-T G.992.5 (ADSL 2+) Annex M The voice service and the data service must use the same ADSL Permanent Virtual Circuits (PVC) channel. The EGW1520 connects to the IP network using an ADSL or a WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. Basic Configuration This topic describes the basic configuration of the ADSL. After the ADSL is configured and ADSL connection is set up, EGW1520 users can connect to the IP network to access the Internet or IP Multimedia Subsystem/Next Generation Network (IMS/NGN). Prerequisite Background You have logged in to the web management system. For details, see 7.7.1 Web Management. For the principle, implementation, specification, and limitation of the ADSL, see Description. EGW1520 ADSL basic configuration contains the following operations:

1. Add an ATM interface. For details, see Adding an ATM Interface. 2. Add an ADSL service for the new ATM interface. For details, see Adding an ADSL Service. ADSL services can be added only for ATM interfaces. Therefore, you must add an ATM interface before adding an ADSL service. Before deleting an ATM interface, you must delete the ADSL service that is associated with the interface. Adding an ATM Interface Step 1 On the web management system, choose Network > ADSL from the navigation tree. The page shown in Figure 7-2 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 76 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-2 Adding an ATM interface (1) 7 Feature Description and Implementation Step 2 Click

. The page shown in Figure 7-3 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 77 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-3 Adding an ATM interface (2) 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-1. Table 7-1 Parameter description (1) Parameter Description PVC Identifier

(VPI) Indicates the virtual path identifier. The value is provided by the network carrier. PVC Identifier

(VCI) Indicates the virtual channel identifier. The value is provided by the network carrier. DSL Latency Indicates the ADSL latency channel. Normally, the value is Path0. The setting must be the same as that on the Digital Subscriber Line Access Multiplexer (DSLAM), which is provided by the network Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 78 eSpace EGW1520 Enterprise Gateway Product Documentation Parameter Description carrier. 7 Feature Description and Implementation DSL Link Type Indicates the ADSL connection type. The options are as follows:

EoA: Ethernet over ATM, including Point-to-Point Protocol over Ethernet over ATM (PPPoEoA), IP over Ethernet over ATM

(IPoEoA), and bridge. PPPoA: Point-to-Point Protocol over ATM IPoA: Internet Protocol over ATM The setting on the EGW1520 must be the same as that on the DSLAM, which is provided by the network carrier. The following Adding an ADSL Service uses EoA as an example. Connection Mode Indicates the ADSL connection mode. The options are as follows:

Default Mode: Packets that are sent from the ADSL port do not carry any VLAN tags. VLAN MUX Mode: Packets that are sent from the ADSL port can carry VLAN tags. The setting on the EGW1520 must be the same as that on the DSLAM, which is provided by the network carrier. NOTE When DSL Link Type is set to PPPoA or IPoA, this parameter is unavailable. Encapsulation Mode Indicates the mode for encapsulating packets. The setting on the EGW1520 must be the same as that on the DSLAM, which is provided by the network carrier. Service Category Indicates the service type. This parameter limits the rate of upstream packets that are sent from the ADSL port. UBR Without PCR: Neither the unspecified bit rate (UBR) nor the peak cell rate (PCR) is limited. UBR With PCR: The UBR is not limited but the PCR is limited. CBR: The constant bit rate (CBR) is used. Non Realtime VBR: The non-real-time variable bit rate (VBR) is used. Non Realtime VBR: The real-time VBR is used. IP QoS Scheduler Algorithm Indicates the QoS rule for scheduling upstream packets that are sent from the ADSL port. The options are as follows:

Strict Priority: The priority-based QoS rule is used. Packets in a queue with a low priority are not sent until packets in the queue with a higher priority have been sent. The priority of the default queue is 8. Packets matching no QoS rule are placed in the default queue. Weighted Fair Queuing: The Weighted Fair Queuing (WFQ)-based QoS rule is used. Packets are classified based on precedence. The precedence of a packet determines the bandwidth for sending the packet out of the queue. A higher precedence indicates a higher bandwidth. NOTE Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 79 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description For features and configurations of the EGW1520 QoS, see QoS. Step 4 Click to save the settings.

----End Adding an ADSL Service The operations for Adding an ADSL Service vary with the ADSL connection type. This topic describes the ADSL connection of the EoA type. For parameters for configuration other ADSL connection types, see Web Parameters Reference . Step 1 On the web management system, choose Network > ADSL from the navigation tree. The page shown in Figure 7-4 is displayed. Figure 7-4 Adding an ADSL service (1) Step 2 Click

. The page shown in Figure 7-5 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 80 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-5 Adding an ADSL service (2) 7 Feature Description and Implementation Step 3 Select an ADSL port. Step 4 Click

. The page shown in Figure 7-6 is displayed. Figure 7-6 Adding an ADSL service (3) Step 5 Select a service type and define the service description. You can also retain the default service description. The service type varies according to network carriers. If Bridging is selected, EGW1520 functions as a bridge and does not provide the route and voice functions. The EGW1520 supports the following ADSL service types (to access the configuration procedure of a service type, click the corresponding link):

Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 81 eSpace EGW1520 Enterprise Gateway Product Documentation PPPoE IPoE Bridging 7 Feature Description and Implementation If you select PPPoE as the service type, the procedure is as follows:

1. Click in Figure 7-6. The page shown in Figure 7-7 is displayed. Figure 7-7 Adding an ADSL service (4) 2. Set parameters according to Table 7-2. Table 7-2 Parameter description (2) Parameter Username Password Description The value is provided by the network carrier. The value is provided by the network carrier. Authentication Method The options are as follows:

AUTO: The system automatically selects the Password Authentication Protocol (PAP) or Challenge Handshake Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 82 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Dial on demand (with idle timeout timer) Authentication Protocol (CHAP) as required. PAP: The PAP is used. CHAP: The CHAP is used. The value is provided by the network carrier. The recommended value is AUTO. Dial on demand is applicable to the Internet service charged by time. When this function is enabled, the EGW1520 sets up a dialing connection only when there are Internet access requests. If the EGW1520 does not receive any Internet access requests within a specified period, the ADSL connection is disconnected automatically. Use Static IP Address The static IP address assigned by the network carrier is used. Bridge PPPoE Frames Between WAN and Local Ports PCs and other terminals that connect to the EGW1520 can still use the PPPoE dialing function when the EGW1520 functions as a route. NAT Fullcone NAT Firewall Indicates whether to enable the network address translation

(NAT) function which allows EGW1520 users to access the Internet with private IP addresses. The default value Enable is recommended. Indicates whether to enable the full cone NAT function. The default value Disable is recommended. Indicates whether to enable the firewall function. If the firewall function is enabled, the firewall will block all downstream packets that are sent from the ADSL port. The default value Enable is recommended. 3. Click

. The page shown in Figure 7-8 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 83 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-8 Adding an ADSL service (5) 7 Feature Description and Implementation 4. Configure a DNS server. The system provides the following methods for configuring a DNS server:

Select a port that connected to a DNS server. Configure a static DNS server whose IP address is provided by the network carrier. If the IP address of the DNS is provided, users can select the second method. 5. Click

. The page shown in Figure 7-9 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 84 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-9 Adding an ADSL service (6) 7 Feature Description and Implementation 6. Check whether the configurations are correct. If yes, click to save the configurations. If no, click to modify the configurations. If you select IPoE as the service type, the procedure is as follows:

1. Click IPoE in Figure 7-6. The page shown in Figure 7-10 is displayed. Figure 7-10 Adding an ADSL service (7) Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 85 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 2. Click

. The page shown in Figure 7-11 is displayed. Figure 7-11 Adding an ADSL service (8) 3. Set the IP address. Select either of the following modes for setting the IP address based on the parameters provided by carriers:

DHCP mode Static mode Set parameters according to Table 7-3. Table 7-3 Parameter description (3) Parameter DHCP Description The EGW1520 functions as the DHCP client and obtains the IP address using the DHCP server. The setting must be the same as that on the Broadband Remote Access Server Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 86 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description

(BRAS) of the network carrier. Option 60 Vendor ID Indicates the ID of the DHCP client manufacturer. Option 61 IAID Option 61 DUID Option 125 Option 42 Option 43 Indicates the identity association identifier of the DHCP client. The IAID and DUID compose of the client ID. The MAC address and DHCP client ID are used to identify a DHCP client. When the same client requests IP addresses at different times, the DHCP server allocates the same IP address to it. Indicates the unique DHCP client identifier. The IAID and DUID compose of the client ID. The MAC address and DHCP client ID are used to identify a DHCP client. When the same client requests IP addresses at different times, the DHCP server allocates the same IP address to it. Indicates the option for the client manufacturer. It is used to provide the DHCP server with information such as the manufacturer name, OUI, device model, device SN for the DHCP server. The information can be used in TR-069.By default, this value is enabled. Indicates the NTP server option. It is used to allocate the NTP server's IP addresses to the client.By default, this value is enabled. Indicates the option for the manufacturer's specified information. It is used to allocate ACS URL to the client. The information can be used in TR-069.By default, this value is enabled. Option 66 & 67 & 150 66: TFTP server domain option, used to allocate the TFTP server's domain name to the client. 67: File name option, used to allocate the file name to the client. 150: TFTP server IP address option, used to allocate the TFTP server's IP address to the client. By default, this value is enabled. Indicates the SIP server option. It is used to allocate the SIP server's IP address or domain name to the client.By default, this value is enabled. Set the static IP address for the EGW1520. The setting must be the same as that on the BRAS of the network carrier. Indicates the IP address. The value is provided by the network carrier. Option 120 Static IP Address WAN IP Address WAN Subnet Mask Indicates the subnet mask. The value is provided by the network carrier.The default value is 255.255.255.0. WAN Gateway Indicates the gateway IP address. The value is provided by the network carrier. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 87 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 4. Click

. The page shown in Figure 7-12 is displayed. Figure 7-12 Adding an ADSL service (9) 5. Set parameters according to Table 7-4. Table 7-4 Parameter description (4) Parameter NAT Fullcone NAT Firewall Description Indicates whether to enable the network address translation

(NAT) function which allows EGW1520 users to access the Internet with private IP addresses. The default value Enable is recommended. Indicates whether to enable the full cone NAT function. The default value Disable is recommended. Indicates whether to enable the firewall function. If the firewall function is enabled, the firewall will block all downstream packets that are sent from the ADSL port. The default value Enable is recommended. 6. click

. The page shown in Figure 7-13 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 88 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-13 Adding an ADSL service (10) 7 Feature Description and Implementation 7. Configure a DNS server. The system provides the following methods for configuring a DNS server:

Select a port that connected to a DNS server. Configure a static DNS server whose IP address is provided by the network carrier. If the IP address of the DNS is provided, users can select the second method. 8. Click

. The page shown in Figure 7-14 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 89 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-14 Adding an ADSL service (11) 7 Feature Description and Implementation 9. Check whether the configurations are correct. If yes, click to save the configurations. If no, click to modify the configurations. If you select Bridging as the service type, the procedure is as follows:

1. Click Bridging in Figure 7-6. The page shown in Figure 7-15 is displayed. Figure 7-15 Adding an ADSL service (12) Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 90 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 2. Click

. The page shown in Figure 7-16 is displayed. Figure 7-16 Adding an ADSL service (13) 3. Check whether the configurations are correct. If yes, click to save the configurations. If no, click to modify the configurations.

----End Verification To verify that the ADSL connection is set up, proceed as follows:

Step 1 Choose Management > Status. The Network page is displayed. Step 2 Check the value of Status. If the value of Status is Connected, the ADSL connection is set up. If the value is not Connected, verify that the configuration is correct.

----End Advanced Configurations This topic describes how to set advanced ADSL parameters. Only network administrators can change the advanced parameter settings. To ensure the normal running of the EGW1520, you are advised to use the default settings. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 91 eSpace EGW1520 Enterprise Gateway Product Documentation Prerequisites 7 Feature Description and Implementation You have logged in to the web management system. For details, see 7.7.1 Web Management. Configuration Procedure Step 1 On the web management system, choose Network > ADSL from the navigation tree. Step 2 Click the Advanced Configuration tab. The page shown in Figure 7-17 is displayed. Figure 7-17 ADSL advanced configurations Step 3 Set parameters according to Table 7-5. Table 7-5 Parameter description Parameter Description Modulation Indicates the ADSL modulation mode, which is provided by the network carrier and must be compatible with the Digital Subscriber Line Access Multiplexer (DSLAM). The options are as follows:

G.Dmt: It is an International Telecommunications Union (ITU) standard for ADSL, also known as G.992.1. It delivers data at rates up to 8 Mbit/s downstream and 896 kbit/s upstream. By default, this value is selected. T1.413: It is created by the American National Standards Institute

(ANSI) Telecommunications Committee. It defines the minimum requirements for satisfactory performance of ADSL systems using the Discrete Multi-Tone (DMT) line code. The maximum downstream data rate is 8 Mbit/s. By default, this value is selected. ADSL2: It is the second-generation ADSL standard, including ADSL2 (G.992.3) and no-splitter ADSL2 (G.992.4). Compared with the first-generation ADSL standard, the ADSL2 standard is better in Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 92 eSpace EGW1520 Enterprise Gateway Product Documentation Parameter Description 7 Feature Description and Implementation the access distance and transmission performance aspects, and is improved in stability and anti-noise capabilities. It delivers data at rates up to 12 Mbit/s downstream and 1.0 Mbit/s upstream. By default, this value is selected. ADSL2+: The ADSL2+ extends the capability of the ADSL2. It increases the number of subcarriers by increasing the number of downstream bits. It delivers data at rates up to 24 Mbit/s downstream and 1.0 Mbit/s upstream. The maximum transmission distance is 6.5 km. By default, this value is selected. AnnexL: It is an ITU standard for ADSL, also known as G.992.3. It delivers data at rates up to 12 Mbit/s downstream and 1.0 Mbit/s upstream. By default, this value is selected. Annex M: It contains all new features of ADSL2+. Annex M delivers data at rates up to 24 Mbit/s downstream and 3.5 Mbit/s upstream. By default, this value is not selected. Phone Line Pair Indicates the phone line pair. The default value is Inner pair. Inner pair: inner pair among the four internal phone lines. Outer pair: outer pair among the four internal phone lines. Capability Indicates the DSL service capability. Bitswap: bit exchange capability. If this value is specified, EGW1520 allows simple bit control for automatically adjusting line rates. By default, this value is selected. SRA: seamless rate adaptation capability. If this value is specified, EGW1520 can change connection rates when services are transmitted continuously or when there is no bit error. By default, this value is not selected. Step 4 Click to save the settings.

----End 7.2.2 WAN The EGW1520 uses a WAN port to connect to the upstream network. The FE mode, however, cannot be used with the ADSL mode at the same time and cannot function as a backup of the ADSL mode. This topic describes the principle, implementation, specification, and limitation for using a WAN port to connect the EGW1520 to the upstream network. Description Principle The EGW1520 complies with IEEE802.3u 100Base-T. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 93 eSpace EGW1520 Enterprise Gateway Product Documentation Implementation 7 Feature Description and Implementation The EGW1520 has a WAN port. After being configured and connected, the WAN port connects users to the IP network. The IP network connects users to the Internet, IP Multimedia Subsystem (IMS), or Next Generation Network (NGN), as shown in Figure 7-18. Figure 7-18 WAN network diagram Specification One 10/100/1000 Mbit/s self-adaptive WAN port. Modes of obtaining IP addresses: static IP address configuration, DHCP server, and PPPoE. Standards supported by the WAN port:

MAC Address (IEEE 802.3) Internet Protocol v4 (RFC 791) Address Resolution Protocol (RFC 826) Internet Control Message Protocol (RFC 792) An Ethernet Address Resolution Protocol (RFC 0826) A Standard for the Transmission of IP Datagrams over Ethernet Networks (RFC894) A Standard for the Transmission of IP Datagrams over IEEE 802 Networks

(RFC1042) DHCP (RFC 2131) TCP Transmission Control Protocol (RFC793) UDP User Datagram Protocol (RFC768) Limitation The WAN port supports half-duplex and full-duplex self adaptation, but cannot be forced to use full duplex or half duplex. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 94 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The EGW1520 connects to the IP network using an ADSL or a WAN port. The ADSL and WAN ports cannot be used at the same time or back each other up. IPv6 is not supported. Configuration The EGW1520 uses a WAN port to connect to the IP network. Users can access the Internet, IP Multimedia Subsystem (IMS), or Next Generation Network (NGN) over the IP network. Prerequisite Background Procedure You have logged in to the web management system. For details, see 7.7.1 Web Management. For the principle, implementation, specification, and limitation for using a WAN port to connect the EGW1520 to the upstream network, see Description. Step 1 On the web management system, choose Network > WAN from the navigation tree. The page shown in Figure 7-19 is displayed. Figure 7-19 Configuring the WAN connection (1) Step 2 Click

. The page shown in Figure 7-20 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 95 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-20 Configuring the WAN connection (2) 7 Feature Description and Implementation Step 3 Select a service type and define the service description. You can also use the default service description. The service type varies according to network carriers. The EGW1520 supports the following WAN service types (to access the configuration procedure of a service type, click the corresponding link):

PPPoE IPoE If you select PPPoE as the service type, the procedure is as follows:

1. Click in Figure 7-20. The page shown in Figure 7-21 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 96 eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-21 Configuring the WAN connection (3) 7 Feature Description and Implementation 2. Set parameters according to Table 7-6. Table 7-6 Parameter description (1) Parameter Description Username Password The value is provided by the network carrier. The value is provided by the network carrier. Authentication Method The options are as follows:

AUTO: The system automatically selects the Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) as required. PAP: The PAP is used. CHAP: The CHAP is used. The value is provided by the network carrier. The recommended value is AUTO. Dial on demand is applicable to the Internet service charged by time. When this function is enabled, the EGW1520 sets up a dialing connection only when there are Internet access requests. If the EGW1520 does not receive any Internet access requests within a specified period, the WAN connection is disconnected Dial on demand Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 97 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description automatically. Use Static IP Address The static IP address assigned by the network carrier is used. Bridge PPPoE Frames Between WAN and Local Ports NAT Fullcone NAT Firewall The default value is recommended. Indicates whether to enable the network address translation

(NAT) function which allows EGW1520 users to access the Internet with private IP addresses. Indicates whether to enable the full cone NAT function. The default value Disable is recommended. Indicates whether to enable the firewall function. If the firewall function is enabled, the firewall will block all downstream packets that are sent from the WAN port. By default, this value is Enabled. You can configure relevant parameters to enable packets to pass the firewall. 3. Click

. The page shown in Figure 7-22 is displayed. Figure 7-22 Configuring the WAN connection (4) 4. Configure a DNS server. The system provides the following configuration methods:

Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 98 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Select a WAN port. Then the DNS server where the port resides is used. Set the static IP address for the DNS server. The IP address is provided by the network carrier. This method is available when you know the IP address of the DNS server. 5. Click

. The page shown in Figure 7-23 is displayed. Figure 7-23 Configuring the WAN connection (5) 6. Check whether the configurations are correct. If yes, click to save the configurations. If no, click to modify the configurations. If you select IPoE as the service type, the procedure is as follows:

1. Click IPoE in Figure 7-20. The page shown in Figure 7-24 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 99 eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-24 Configuring the WAN connection (6) 2. Click

. The page shown in Figure 7-25 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 100 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-25 Configuring the WAN connection (7) 3. Set parameters according to Table 7-7. Table 7-7 Parameter description (2) Parameter DHCP Description The EGW1520 functions as the DHCP client and obtains the IP address using the DHCP server. The setting must be the same as that on the Broadband Remote Access Server

(BRAS) of the network carrier. Option 60 Vendor ID Indicates the ID of the DHCP client manufacturer. Option 61 IAID Indicates the identity association identifier of the DHCP client. The IAID and DUID compose of the client ID. The MAC address and DHCP client ID are used to identify a DHCP client. When the same client requests IP addresses at different times, the DHCP server allocates the same IP address to it. Option 61 DUID Indicates the unique DHCP client identifier. The IAID and Issue 01 (2012-05-15) Huawei Proprietary and Confidential 101 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Option 125 Option 42 Option 43 DUID compose of the client ID. The MAC address and DHCP client ID are used to identify a DHCP client. When the same client requests IP addresses at different times, the DHCP server allocates the same IP address to it. Indicates the option for the client manufacturer. It is used to provide the DHCP server with information such as the manufacturer name, OUI, device model, device SN for the DHCP server. The information can be used in TR-069.By default, this value is enabled. Indicates the NTP server option. It is used to allocate the NTP server's IP addresses to the client.By default, this value is enabled. Indicates the option for the manufacturer's specified information. It is used to allocate ACS URL to the client. The information can be used in TR-069.By default, this value is enabled. Option 66 & 67 & 150 66: TFTP server domain option, used to allocate the TFTP server's domain name to the client. 67: File name option, used to allocate the file name to the client. 150: TFTP server IP address option, used to allocate the TFTP server's IP address to the client. By default, this value is enabled. Indicates the SIP server option. It is used to allocate the SIP server's IP address or domain name to the client.By default, this value is enabled. Set the static IP address for the EGW1520. The setting must be the same as that on the BRAS of the network carrier. Indicates the IP address. The value is provided by the network carrier. Option 120 Static IP Address WAN IP Address WAN Subnet Mask Indicates the subnet mask. The value is provided by the network carrier.The default value is 255.255.255.0. WAN Gateway Indicates the gateway IP address. The value is provided by the network carrier. 4. Click

. The page shown in Figure 7-26 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 102 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-26 Configuring the WAN connection (8) 5. Set parameters according to Table 7-8. Table 7-8 Parameter description (3) Parameter NAT Fullcone NAT Firewall Description Indicates whether to enable the network address translation

(NAT) function which allows EGW1520 users to access the Internet with private IP addresses. The default value Enable is recommended. Indicates whether to enable the full cone NAT function. The default value Disable is recommended. Indicates whether to enable the firewall function. If the firewall function is enabled, the firewall will block all downstream packets that are sent from the WAN port. By default, this value is Enabled. You can configure relevant parameters to enable packets to pass the firewall. 6. Click

. The page shown in Figure 7-27 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 103 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-27 Configuring the WAN connection (9) 7. Configure a DNS server. The system provides the following configuration methods:

Select a WAN port. Then the DNS server where the port resides is used. Set the static IP address for the DNS server. The IP address is provided by the network carrier. This method is available when you know the IP address of the DNS server. 8. Click

. The page shown in Figure 7-28 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 104 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-28 Configuring the WAN connection (10) 7 Feature Description and Implementation 9. Check whether the configurations are correct. If yes, click to save the configurations. If no, click to modify the configurations.

----End Verification To verify that the WAN connection is set up, proceed as follows:

Step 1 Choose Management > Status. The Network page is displayed. Step 2 Check the value of Status. If the value of Status is Connected, the WAN connection is set up. If the value is not Connected, verify that the configuration is correct.

----End 7.2.3 3G Normally, the EGW1520 uses an ADSL or a WAN port to connect to the IP network. When the ADSL or WAN port cannot be used, insert a 3G card to the USB port to connect the EGW1520 to the 3G network. The 3G network connects the EGW1520 to the IP network. The 3G network supports voice and data services, but does not support the fax service. Description This topic describes the principle, implementation, specification, and limitation for connecting the EGW1520 to the upstream network through the 3G network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 105 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Principle 7 Feature Description and Implementation The EGW1520 has a USB port. After you insert a 3G card to the USB port, the EGW1520 is connected to the 3G network. Implementation Normally, the EGW1520 uses an ADSL or a WAN port to connect to the IP network. When the ADSL or WAN port is not available, you can use a 3G card to enable audio and data services (fax service not supported), as shown in Figure 7-29. When the ADSL or WAN port is available, the EGW1520 automatically switches to the ADSL or WAN port to connect to the IP network. Figure 7-29 3G network Specification One USB port (for 3G data cards). Limitation The EGW1520 supports the following 3G data cards:

TD SCDMA Huawei ET302 with the software version of 11.100.05.00.00 Huawei ET127 with the software version of 11.101.01.36.00 WCDMA Huawei K3765 with the software version of 11.126.03.06.00 Huawei E176G with the software version of 11.126.03.02.00 The 3G network supports the backup function and does not support the fax service, Demilitarized Zone (DMZ) host, and virtual servers. Configuration This topic describes how to configure the connection to the IP network through 3G. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 106 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Prerequisite 7 Feature Description and Implementation Huawei K3765 3G data card has been inserted. After WAN cable or ADSL cable is connected, 3G data card can be connected to the EGW1520 to achieve network backup. The procedure for enabling the 3G network connection is as follows:

1. Draw the 3G data card cap, and insert the SIM card, as shown in Figure 7-30. Figure 7-30 Inserting the SIM card 2. Insert the 3G data card into the USB port on the EGW1520, as shown in Figure 7-31. Figure 7-31 Inserting the 3G data card Logging In to the Web Management System You have logged in to the web management system. For details, see Logging In to the Web Management System. For details about the principle, implementation, specification, and limitation for connecting the EGW1520 to the upstream network through the 3G network, see Description. Background Procedure Step 1 On the web management system, choose Network > 3G from the navigation tree. The page shown in Figure 7-32 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 107 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-32 3G Configuration (1) Table 7-9 describes the parameters. Table 7-9 Parameter description (1) Parameter Description ISP Indicates the carrier name, such as China Unicom. Signal Intensity Indicates the signal strength. SIM Card Status Indicates the SIM card status. The options are as follows:

Ready: The SIM card is available. No Device: No data card exists or the data card is not detected properly. PUK Need: If you enter incorrect PIN codes for three consecutive times, the SIM card is locked. To unlock the SIM card, contact network carriers. Unlocking: The PIN code is entered and the SIM card is being unlocked. IMEI Indicates the serial number of the data card. SYS Mode Indicates the connection mode, such as WCDMA. Connection Status Indicates the current network connection status. IP Address Indicates the IP address obtained on the 3G network. Connection Duration Indicates the network connection duration. Step 2 Click the

. The page shown in Figure 7-33 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 108 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-33 3G Configuration (2) Step 3 Set parameters according to Table 7-10. Table 7-10 Parameter description (2) Parameter Description Backup Mode Backup modes are as follows:

Manual: When the ADSL or WAN port is disconnected, you are required to connect the EGW1520 to the 3G network manually. Automatic: When the ADSL or WAN port is disconnected, the EGW1520 connects to the 3G network automatically. NOTE When the ADSL or WAN port is available, the EGW1520 automatically switches to the ADSL or WAN port to connect to the IP network. WCDMA Set WCDMA parameters. Dial String: Enter the dial string, such as *99# for China Unicom. Access Point Name: Enter the access point name, such as 3gnet for China Unicom. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 109 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description TD SCDMA Set TD SCDMA parameters. Dial String: Enter the dial string, such as *99# for China Mobile. Access Point Name: Enter the access point name, such as cmnet for China Mobile. Step 4 Click

. Step 5 Click the SIM Configuration . The page shown in Figure 7-34 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 110 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-34 SIM Configuration tab page Step 6 Set parameters according to Table 7-11. Table 7-11 Parameter description (3) Parameter Description PIN Lock Enable: You must enter a PIN code in the SIM Card State text box on the 3G Status tab page when a SIM card is inserted again or is recovered from power-off. Obtain the PIN code from network carriers. This improves SIM card security. NOTE If you enter incorrect PIN codes for three consecutive times, the SIM card is locked. To unlock the SIM card, contact network carriers. Disable: A PIN code is not required when a SIM card is inserted Issue 01 (2012-05-15) Huawei Proprietary and Confidential 111 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description again or is recovered from a power-off. Click to save the settings. Network Mode 3G Preferred: Use 3G in preference and use 2G only when 3G is unavailable. 3G Only: Use only 3G. 2G Only: Use only 2G. Click to save the settings.

----End Verification To verify that the 3G backup function takes effect, proceed as follows:

Step 1 Disconnect the ADSL port or WAN port. Step 2 Click the 3G Configuration tab, and verify that the value of Connection Status is Connected. If the value is Disconnected, check the 3G configurations. If you set the 3G backup mode to Manual, connect the EGW1520 to the 3G network manually when the ADSL or WAN port is disconnected. Step 3 Use the Microsoft Internet Explorer on a computer to browse an external web page.

----End If you can browse web pages and make calls, the 3G backup is effective. If the 3G backup is ineffective, contact the network carrier. 7.3 Voice (UC Mode) In the eSpace UC solution, the EGW1520 is deployed at a small branch of an enterprise to provide network access functions for the small branch. Phones at the branch are registered with the SIP server on the central node at the headquarters. Numbers of the branch users are allocated by the SIP server at the headquarters and synchronized by the EGW1520 with the data synchronization server. The EGW1520 can also function as a trunking gateway to implement incoming and outgoing call functions through the FXO port for the local PSTN. 7.3.1 Voice Access This topic describes the voice function provided by the EGW1520 in the eSpace UC solution. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 112 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Description 7 Feature Description and Implementation This topic describes the registration and call process when the EGW1520 functions as the voice access device. Registration with Multiple Servers and Call Process In UC mode, the EGW1520 can register with multiple SIP servers (both the active and standby SIP servers) simultaneously. The EGW1520 registers POTS users to the SIP server at the central node. SIP users (such as IP phone and IAD users) use SIP to directly register with the SIP server at the central node. All calls are processed by the SIP server at the central node. Figure 7-35 shows the registration with multiple servers. Figure 7-35 Registration with multiple servers When the EGW1520 registers with multiple SIP servers, the call processes are as follows:

User A calls user B. 1. User A sends a call request to the SIP server at the central node through the EGW1520. 2. The SIP server processes the request and then transfers the call to user B. 3. User B picks up the phone and the call is set up. User B calls user C. 1. User B sends a call request to the SIP server in at the headquarters' central node through the EGW1520. 2. The SIP server processes the request and then transfers the call to user C. 3. User C picks up the phone and the call is set up. User C calls an external user of the enterprise. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 113 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 1. User C sends a call request to the SIP server in at the headquarters' central node through the EGW1520. 2. The SIP server processes the request and transfers the call the IMS/NGN or PSTN network. 3. The external user picks up the phone and the call is set up. Local Survival The EGW1520 supports the local survival function. When the EGW1520 is disconnected from the primary and secondary SIP servers, it automatically switches to the local survival mode. In this mode, the EGW1520 functions as a local SIP server for internal users to register with. All calls connected to the EGW1520 are processed by the EGW1520. Outgoing calls are made through the FXO port. The EGW1520 sends heartbeat detection messages to both the active and standby servers. When either server recovers, the EGW1520 automatically disables the local survival mode. Data Synchronization In UC mode, you do not need to configure internal user numbers on the EGW1520. All user numbers are allocated and synchronized to the EGW1520 by the data synchronization server such as the BMP. Users can only view phone number information on the web page of the EGW1520. They cannot change the information. Figure 7-36 shows the typical network of data synchronization. Figure 7-36 Typical network of data synchronization Issue 01 (2012-05-15) Huawei Proprietary and Confidential 114 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Before the configuration, collect the user quantity in a branch and apply to the enterprise IT administrator for number allocation. Then the SIP server allocates user numbers and the EGW1520 synchronizes the user numbers with the data synchronization server. The data synchronization mechanism is as follows:

The EGW1520 initiates data synchronization. The EGW1520 sends a data synchronization request to the data synchronization server when the EGW1520 restarts, data synchronization server information on the EGW1520 changes, or the EGW1520 switches from the local survival mode to another mode. The data synchronization server initiates data synchronization. The data synchronization server regularly sends data synchronization requests to the EGW1520 to ensure user data consistency between them. Specification A maximum of 20 SIP users. One FXS port, connecting to one POTS user. A maximum of 8-channel users (SIP users and POTS users) can simultaneously initiate calls. Standards supported by voice service:

G.711 A, G.711 u, G.729, G.726, and G.722 SIP (RFC 32613265) SIP Session Timers (RFC 4028) SDP (RFC 2327) RTP or RTCP RFC 2833 Configuration In UC mode, all phones connected to the EGW1520 are registered with the SIP server at the headquarters. Before the configuration, apply to the enterprise IT administrator for number allocation. Prerequisite You have logged in to the web management system. For details, see 7.7.1 Web Management. The EGW1520 has connected to the uplink network. For details, see 7.2 Connection Modes. Before the configuration, collect the user quantity in a branch and apply to the enterprise IT administrator for number allocation. Example Network Plan Example Figure 7-37 shows the network in which the EGW1520 connects to the SIP server at the headquarters. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 115 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-37 EGW1520 network 7 Feature Description and Implementation Analog phones are connected to the PHONE ports of the EGW1520, and IP phones are connected to the EGW1520 through the switch. You can also use network cables to connect IP phones to LAN ports of the EGW1520. Data Plan Example Table 7-12 describes the server information to be obtained from the enterprise IT administrator. Table 7-12 Headquarters server information Server Information Example Information about the SIP server at the headquarters' central node Information about the data synchronization server (BMP) Address type: IP address Address: 192.169.10.90 Network type: IMS IP address: 192.169.10.99 Port number: 8098 Procedure Step 1 On the web management system, choose Voice > SIP Server from the navigation tree. Step 2 Click Enable for UC Mode. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 116 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 3 Click

. The page shown in Figure 7-38 is displayed. Figure 7-38 Configuring a registration server Step 4 Set parameters according to Table 7-13. Table 7-13 Registration server parameters Parameter Description IP Port DataSync Key IP address of the data synchronization server (such as the BMP). The value is provided by the enterprise IT administrator. Port number of the data synchronization server (such as the BMP). The value is provided by the enterprise IT administrator. If it is not provided, use the default value 8098. Data synchronization key. When the EGW1520 synchronizes data with the data synchronization server, the synchronization keys of the EGW1520 and the data synchronization server must be the same. Otherwise, the EGW1520 denies data synchronization. The value is a string of 1 to 32 characters that can be digits, letters, and special characters. For the detailed configuration rule, contact the enterprise IT administrator. Working Mode Master: active server. The server that is added first is the active server. Slave: standby server. Option Interval Interval for sending heartbeat detection messages to the active and standby server. The value ranges from 30 to 150, in seconds. The default value 90 is recommended. NOTE In UC mode, the EGW1520 sends heartbeat detection messages to both the active and standby servers. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 117 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Address Type Address type of the SIP server. The options are IP address or domain name. The value is provided by the enterprise IT administrator. IP/Domain IP address or DNS domain name of the SIP server. The value is provided by the enterprise IT administrator. NOTE If you select Domain, configure the DNS server when configuring the WAN uplink mode. DNS Type IP address parsing mode of the DNS. This parameter is valid when Address Type is set to Domain. SRV: A domain name can be mapped to multiple IP addresses. The two IP addresses of the highest priority are used as the IP addresses of the active and standby SIP servers. NOTE If you set DNS Type to SRV, you do not need to configure the standby SIP server. HOST: One domain name corresponds to one IP address. To perform switchover between the active and standby servers, two SIP servers need to be configured. Server Type SIP network type inside the enterprise. Generally, set the network type to NGN if the eSpace U1900 is used or IMS if the eSpace U2900 is used. For details, contact the enterprise IT administrator. Port Port number of the SIP server. The value is provided by the network carrier. The default value 5060 is recommended. Expiration Time Interval for the registration group to register POTS users in the group with the SIP server. The value ranges from 0 to 14400, in seconds. The default value 360 is recommended. Step 5 Click to save the settings. After the enterprise IT administrator allocates numbers to users connected to the EGW1520 on the SIP server at the headquarters, and the EGW1520 synchronizes data with the data synchronization server, you can choose Voice > Phone Allocation to query the allocated user numbers. If the user numbers cannot be found, query again after you restart the EGW1520 or the EGW1520 synchronizes data with the data synchronization server. Step 6 Register IP phones with the SIP server at the headquarters. See the IP phone manual to configure the IP address and internal number of the IP phone, IP address of the SIP server at the headquarters, and IP address of the EGW1520 to register the IP phone with the SIP server and the EGW1520. Step 7 Configure the VPN tunnel. VPN ensures secure communication between branches and headquarters. For details about VPN configuration, see 7.5.6 VPN.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 118 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Verification 7 Feature Description and Implementation Use a POST or IP phone connected to the EGW1520 to call a phone number outside the enterprise. Verify that the call is set up successfully. Use a POST phone to call an IP phone that is connected to the same EGW1520 with the POST phone. Verify that the call is set up successfully. 7.3.2 FXO Port The topic describes the principle, specification, and limitation, and implementation for the FXO port on the EGW1520 in UC mode. Description Principle The EGW1520 provides four FXO ports used to connect to PSTN networks, allowing voice users on the EGW1520 to communicate with PSTN users. The EGW1520 provides an FXO port for connecting to the PSTN network. An external user dials the number that the PSTN carrier allocates to the FXO port to make an incoming call. An internal user dials the outgoing prefix and an external user's number to make an outgoing call through an FXO port. During an outgoing call, the EGW1520 functions as the PSTN landing gateway, implementing local outgoing calls and helping reduce toll call fees. The EGW1520 supports the switchboard, DDI, and dedicated line functions. By default, the switchboard function is enabled. Implementation for the Switchboard Figure 7-39 shows the application scenario for the switchboard. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 119 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-39 Application scenario for the switchboard 7 Feature Description and Implementation The call process for the switchboard is as follows:

Outgoing call 1. An internal user dials the outgoing prefix for the FXO port (for example, 0571) and the number of an external user. 2. The SIP server at the headquarters determines the location of the number based on the outgoing prefix, and sends the outgoing prefix and the external user's number to the landing gateway in the corresponding branch. 3. The landing gateway in the branch automatically queries an idle non-dedicated FXO port for the user to make the outgoing call. A non-dedicated FXO port is a port for which the dedicated line is not configured. For details about the dedicated line, see Implementation for the Dedicated Line. 4. The external user answers the call. The number that the PSTN network carrier allocates to the FXO port is displayed to the called party. 5. One party hangs up the phone to end the call. Incoming call 1. An external user dials the number that the PSTN network carrier allocates to the FXO port, that is, the switchboard number. The external user hears an announcement, for example, "Thanks for calling XX company. Please dial the extension number. To query numbers, dial 9. End the number with a pound key."

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 120 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 2. The external user dials an extension number (internal number of any internal user) or dials 9 (to connect to the preset attendant number) as prompted, and presses the pound key (#). If the extension number does not belong to the branch where the switchboard is located, the EGW1520 sends the number to the SIP server at the headquarters. The SIP server at the headquarters automatically queries the corresponding internal user. 3. The internal user or attendant answers the call. 4. One party hangs up the phone to end the call. Implementation for the DDI The DDI binds an internal user to an FXO port. When an external user makes an incoming call to the internal user through the FXO port, the call is directly connected to the internal user. After the DDI is configured for an FXO port, other users can still make outgoing calls through the FXO port. Figure 7-40 shows the application scenario for the DDI. Figure 7-40 Application scenario for the DDI A DDI user can be bound to an FXO port in the same branch or in another branch as shown in Figure 7-40. The call process for the DDI is as follows:

Outgoing call 1. An internal user dials the outgoing prefix for the FXO port (for example, 0571) and the number of an external user. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 121 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 2. The SIP server at the headquarters determines the location of the number based on the outgoing prefix, and sends the outgoing prefix and the external user's number to the landing gateway in the corresponding branch. 3. The landing gateway in the branch automatically queries an idle non-dedicated FXO port for the user to make the outgoing call. A non-dedicated FXO port is a port for which the dedicated line is not configured. For details about the dedicated line, see Implementation for the Dedicated Line. 4. The external user answers the call. The number that the PSTN network carrier allocates to the FXO port is displayed to the called party. 5. One party hangs up the phone to end the call. Incoming call 1. An external user dials the number that the PSTN network carrier allocates to the FXO port. 2. The phone of the DDI user bound to the FXO port (for example, internal user 1 in Figure 7-40) rings. 3. The DDI user answers the call. 4. One party hangs up the phone to end the call. Implementation for the Dedicated Line The dedicated line binds an internal user to an FXO port and sets the FXO port to be a dedicated port. When an external user makes an incoming call to the internal user through the FXO port, the call is directly connected to the internal user. Only the internal user can use the FXO port to make outgoing calls. Figure 7-41 shows the application scenario for the dedicated line. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 122 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-41 Application scenario for the dedicated line A dedicated user can be bound an FXO port in the same branch or in another branch as shown in Figure 7-41. The call process for the dedicated line is as follows:

Outgoing call If the external user and the FXO port that the dedicated user is bound to are not in the same branch, the call process is similar to that for the switchboard. For details, see Flow of Outgoing Calls Through the Switchboard. If the external user and the FXO port that the dedicated user is bound to are in the same branch, the call process is as follows:

1. A dedicated user (for example, internal user 1 in Figure 7-41) dials the FXO outgoing prefix (configurable, for example, 0) and an external user's number. 2. The SIP server at the headquarters sends the outgoing prefix and the external user's number to the landing gateway in the branch where the FXO port bound to the dedicated user is located. 3. The EGW1520 automatically queries the FXO port bound to the user for the user to make the outgoing call. If the bound FXO port is unavailable (for example, no phone line is connected to the FXO port), the EGW1520 automatically queries a non-dedicated idle FXO port for the user to make the outgoing call. 4. The external user answers the call. The number that the PSTN network carrier allocates to the FXO port is displayed to the called party. 5. One party hangs up the phone to end the call. Incoming call Issue 01 (2012-05-15) Huawei Proprietary and Confidential 123 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 1. An external user dials the number that the PSTN network carrier allocates to the FXO port. 2. The phone of the dedicated user bound to the FXO port (for example, internal user 1 in Figure 7-41) rings. 3. The dedicated user answers the call. 4. One party hangs up the phone to end the call. Specification Four FXO ports.. Limitation The FXO port supports only the one-stage dialing mode. Each FXO port allows one user to make an outgoing or incoming call through the FXO port at the same time. Configuring an Outgoing Prefix This topic describes how to configure an outgoing prefix for the FXO port on the EGW1520. After the outgoing prefix is configured, an intra-office user can dial the outgoing prefix and the number of an outer-office user to make an outgoing call through the FXO port. Prerequisite Principle You have logged in to the web management system. For details, see 7.7.1 Web Management. The outgoing call prefix must match the outgoing call prefix configured on the SIP server at the central node. Based on whether the SIP server at the center node deletes the outgoing prefix, the outgoing prefix configuration is classified into the following modes. For details about the configuration modes, contact the IT administrator at the enterprise headquarters. The SIP server at the central node does not delete the outgoing prefix. Configure an outgoing prefix (such as 0571) for each branch to identify the area where a branch is located. The outgoing prefix for each branch must be unique. For e xample, the outgoing prefixes of branch A and branch B are 0571 and 0755 respectively. If user D dials 057112345678, the SIP server at the headquarters determines that the number belongs to branch A according to the prefix and sends the number 057112345678 to the EGW1520 at branch A. The SIP server at the central node deletes the outgoing prefix. Configure at least two outgoing prefixes for each branch. One prefix identifies the area where the branch is located and the other prefix is the same as a prefix on the SIP server at the central node. For example, the outgoing prefixes of branch A are 0571 and 0. When user D dials 057112345678, the SIP server at the headquarters receives the number, deletes the prefix 0571, adds the new prefix 0, and sends the new number 012345678 to the EGW1520 at branch A. Procedure Step 1 On the web management system, choose Voice > FXO Configuration. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 124 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 2 Click

. The page shown in Figure 7-42 is displayed. Figure 7-42 Configuring an outgoing prefix for the FXO port Step 3 Set parameters according to Table 7-14. Table 7-14 FXO prefix parameters Parameter Description Prefix Outgoing prefix for the FXO port. The value is a number of 1 to 30 digits. An intra-office user can dial the outgoing prefix to make an outgoing call through the FXO port. For details, see Description. NOTE A maximum of 16 outgoing prefixes can be configured for the FXO port on the EGW1520. The outgoing prefix must not conflict with internal numbers and emergency numbers. Once an outgoing prefix plus an outer-office number are the same as an internal number, the call will fail to be made towards the outer-office user. Instead, the internal user is connected. Property Remove: The outgoing prefix is deleted for outgoing calls. Retain: The outgoing prefix is not deleted for outgoing calls. This mode is applicable to the situation where the outgoing prefix is the same as the first digit in the outer-office number. NOTE The number that the PSTN network carrier allocates to the FXO port is displayed to the called party. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 125 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Verification 7 Feature Description and Implementation Step 1 An internal user dials the outgoing prefix for the FXO port (for example, 0571) and the number of an external user. Step 2 The external user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Configuring the Switchboard This topic describes how to configure the switchboard on the EGW1520. Prerequisite Background You have logged in to the web management system. For details, see 7.7.1 Web Management. For details about the application scenario and call process for the switchboard, see Description. The switchboard function conflicts with the DDI and dedicated line functions. If the DDI or dedicated line function is enabled, choose Voice > FXO Configuration and delete the binding number on the FXO Toggle tab page before configuring the switchboard function. By default, the switchboard function is enabled on the EGW1520. The following only describes how to configure attendant numbers. If you do not need to configure attendants, skip the following steps. Default voice prompts are loaded on the EGW1520 before delivery. To customize voice prompts, see Customizing Voice Prompts for the Switchboard. Procedure If you want to make an outgoing call, configure an outgoing prefix when you configure the switchboard. For the configuration method, see Configuring an Outgoing Prefix. Step 1 On the web management system, choose Voice > FXO Configuration. Step 2 Click the Operator Configure tab. The page shown in Figure 7-43 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 126 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-43 Configuring an attendant Step 3 Click

. The page shown in Figure 7-44 is displayed. Figure 7-44 Selecting a user Step 4 Select an internal number as the attendant number, and click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 127 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 5 Click to save the settings.

----End Verification Verification Incoming call Incoming call Step 1 An outer-office user dials the number that the PSTN network carrier allocates to the FXO port, that is, the switchboard number. Step 2 The outer-office user dials an extension number (internal number) or dials 9 (to connect to the preset attendant number) as prompted, and presses the pound key (#). Step 3 The intra-office user or attendant answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Outgoing call Outgoing call Step 1 An internal user dials the outgoing prefix for the FXO port (for example, 0) and the external user number. Step 2 The external user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Verify that the call is set up successfully; otherwise, check the configuration. Configuring the DDI and Dedicated Line This topic describes how to configure the DDI and dedicated line on the EGW1520. Prerequisite Background You have logged in to the web management system. For details, see 7.7.1 Web Management. For details about the application scenario and call process for the DDI and dedicated line, see Description. The priority of the DDI or dedicated line is higher than that of the switchboard. When the DDI or dedicated line is configured, the switchboard automatically becomes invalid. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 128 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Procedure 7 Feature Description and Implementation If you want to make an outgoing call, configure an outgoing prefix when you configure the DDI and dedicated line. For the configuration method, see Configuring an Outgoing Prefix. Step 1 On the web management system, choose Voice > FXO Configuration from the navigation tree. Step 2 Click the FXO Toggle tab. The page shown in Figure 7-45 is displayed. Figure 7-45 Configuring the FXO binding number Step 3 Select the FXO port you want to configure, set parameters according to Table 7-15. Table 7-15 Configuring the DDI and dedicated line Parameter Toggle Number Private Line Description Internal number bound to the FXO port, which can be an internal number in the local or other branch. Indicates whether to enable the dedicated line function. Step 4 Click to save the settings. Verification

----End Incoming call Step 1 An external user dials the number that the PSTN network carrier allocates to the FXO port. Step 2 The phone of the internal user whose number is bound to the FXO port rings. Step 3 The internal user answers the call. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 129 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation

----End 7 Feature Description and Implementation Verify that the call is set up successfully; otherwise, check the configuration. Outgoing call Step 1 An internal user dials the outgoing prefix for the FXO port (for example, 0) and the external user number. Step 2 The external user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. 7.3.3 Power-off Survival The FXO1 port of the EGW1520 can be used as a power-off survival port. When the EGW1520 is powered off, the analog phone connected to the PHONE port can be connected to the PSTN through the FXO1 port. Principle and Implementation When the EGW1520 is powered off, the PHONE port automatically connects to the FXO1 port. Generally, the EGW1520 power-off survival function is available once the cables are connected. You do not need to configure the function on the web management system. The cables are connected as follows:

The FXO1 port on the EGW1520 has been connected to the PSTN. An analog phone has been connected to the PHONE port on the EGW1520. When the EGW1520 is powered off, it automatically connects the analog phone connected to the PHONE port to the PSTN, as shown in Figure 7-46. Figure 7-46 Power-off survival Issue 01 (2012-05-15) Huawei Proprietary and Confidential 130 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation When the power-off survival function is enabled, the number of the analog phone connected to the PHONE port changes from the external number to the FXO1 port number, and the dialing rule changes from the EGW1520 dialing rule to the PSTN dialing rule. After the power-off survival function is enabled, the ongoing call does not end after the EGW1520 powers on again, but the voice services cannot be used until the call ends. After the power-off survival function is enabled, the FXO switchboard, DDI, and dedicated line functions cannot be used. To verify that the power-off survival function is enabled, perform the following steps:

1. Cut the power supply of the EGW1520. 2. Use an analog phone that is connected to the PHONE port to call an external number. If the call is connected, the power-off survival function is enabled. If the call is disconnected, check the connections between the PHONE port and the analog phone, and between the EGW1520 FXO1 port and the PSTN. Specification Limitation One PSTN Power-off survival port. The Power-off survival function is available only when a power off occurs. Only the Analog Phone that connects to the PHONE port supports Power-off survival function. 7.3.4 Fax Service The EGW1520 supports fax service. Fax is a form of telegraphy for the transmission of fixed images with a view to their reproduction in a permanent form. In ITU-RV.662, faxing is defined as a form of telecommunication for the reproduction at a distance of graphic documents in the form of other graphic documents geometrically similar to the original. Description This topic describes the principle, implementation, specification, and limitation of the fax service. By transmission rate, faxes are divided into low-speed faxes (<= 14.4 kbit/s) and high-speed faxes (> 14.4 kbit/s). Low-speed faxes on an IP network are divided into transparently transmitted faxes (using G.711A or G.711u) and T.38 faxes. High-speed faxes, however, can only use G.711A or G.711u featuring low compression rate due to the requirement for high quality. The EGW1520 supports T.38 and transparent fax. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 131 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Principle 7 Feature Description and Implementation The fax service establishes a voice channel and switches the voice channel to a fax channel, including the IP address, port, codec, and channel types (audio, fax, and data). The voice channel is switched to a fax channel after the access device detects fax signals. The access device checks fax signals to determine whether the current fax is a high-speed or low-speed fax, and then delivers the fax signals to the NGN or IMS. The EGW1520 supports T.38 and transparent fax. Transparent fax: Fax signals are transmitted transparently as G.711 packets. G.711 faxes feature low delay and simple implementation, but they occupy a high bandwidth (fixed at 64 kbit/s) and are easily affected by network conditions. Therefore, G.711 faxes are recommended on a good network condition and not recommended when network jitter or packet loss frequently occur. G.711 faxes are applicable to high-speed and low-speed faxes. T.38 fax: T.30 fax signals are converted to T.38 packets for transmission on a packet switching network. T.38 faxes occupy a low bandwidth, provide high reliability with redundant frames and forward error checking (FEC), and are slightly affected by the network condition. However, the implementation is complicated. T.38 faxes are applicable only to low-speed fax services due to delay generated by the packet switching network. Implementation EGW1520 internal faxing The EGW1520 can access a fax machine through an FXS port. When two internal fax machines communicate with each other, the SIP server at the central center controls the fax call process. Figure 7-47 shows the network diagram. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 132 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-47 EGW1520 internal faxing The SIP server at the central node controls call signaling. The EGW1520 detects fax signals. The process for making a fax call is similar to that for making a call between two internal phones. After a call is made, the EGW1520 checks the fax signals and negotiates with the called and calling users about the fax media information. After the negotiation is successful, the voice channel is switched to the fax channel. Then the fax call is established. After the fax call is complete, the EGW1520 detects the fax ending signals and switches to the voice channel. EGW1520 external faxing When an internal fax machine communicates with an external fax machine, the fax service can be implemented through FXO ports or softswitch. The SIP server at the central node controls the external fax call process implemented through FXO ports. The softswitch

(IMS/NGN) controls the external fax call process implemented through the softswitch. Figure 7-48 shows the network diagram when the softswitch is used. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 133 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-48 EGW1520 external faxing 7 Feature Description and Implementation The NGN or IMS controls call signaling. The EGW1520 detects fax signals and encodes and decodes IP voice packets. After a fax call is established, fax media streams are transmitted over an IP network. The process for making a fax call is similar to that for making a call between an internal phone and an external phone. After the fax call is complete, the EGW1520 detects the fax ending signals and sends them to the NGN or IMS. The NGN or IMS negotiates with the calling and called users about the fax media information. After the negotiation is successful, the EGW1520 switches to the fax channel according to the NGN or IMS's signaling to establish a fax call. After the fax call is complete, the EGW1520 detects the fax ending signals and sends them to the NGN or IMS. Then the NGN or IMS switches to the voice channel. Specification Standards supported by fax service:

One FXS ports for fax machines T.30 T.38 V.17/V.21/V.27/V.29/V.34 Limitation N/A Issue 01 (2012-05-15) Huawei Proprietary and Confidential 134 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuring the Fax Service 7 Feature Description and Implementation Generally, the EGW1520 faxing function is available once the cables are conne cted, you do not need to configure the function on the web management system. This topic describes how to set the advanced parameters for faxing. Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Configuring the Priority Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the DSP tab. The page shown in Figure 7-49 is displayed. Figure 7-49 DSP tab page Issue 01 (2012-05-15) Huawei Proprietary and Confidential 135 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-16. Table 7-16 DSP parameters Parameter Description Codec DSP codec type. If multiple options are selected, the system sends messages based on the specified codec rank. By default, all options are selected. NOTE Compared with other codec types, G729, G726, and G722 consume more DSP resources. Codec Ptime (ms) For each codec type, you can change the duration of packaging voice streams to 10 ms, 20 ms, or 30 ms. The default value is 20 ms. Echo Cancellation Indicates the echo cancellation switch. The options are Enable and Disable, and the default value is Enable. The high-speed transparent transmission mode has the echo processing mechanism. You are advised to disable the echo cancellation function for the high-speed transparent transmission mode and enable this function for low-speed transparent transmission mode. Enable Silence Suppress Indicates the silence suppression switch. The options are Enable and Disable. The default value is Enable, which indicates that the system sends silence packets if no voice packet is available. Receive Gain (dB) Indicates the receiving gain of DSP chips. The value ranges from 14 to 6. The default value is 0. Send Gain (dB) Indicates the sending gain of DSP chips. The value ranges from 14 to 6. The default value is 0. Fax Prior Mode Indicates the fax transmission mode. The options are as follows:

T38: Only T38 is supported. VBD: Only voice band data (VBD) is supported. T38-VBD: Both T38 and VBD are supported, and T38 has a higher priority. VBD-T38: Both T38 and VBD are supported, and VBD has a higher priority. The default value is VBD-T38. Media Negotiation Mode Indicates the priority used in media negotiation. Prefer remote codec: During media negotiation, the codec priority at the remote end is preferred. Prefer local codec: During media negotiation, the codec priority at the local end is preferred. The default value is Prefer remote codec. DTMF Transfer Mode Indicates the transmission mode in a session. RFC2833: RFC2833 transmission mode. Transfer: transparent transmission mode. Dialing tones are Issue 01 (2012-05-15) Huawei Proprietary and Confidential 136 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description transmitted transparently as voice signals. The default value is RFC2833. VBD Mode Indicates the codec type for transparent transmission. The options are G711A and G711U, and the default value is G711A. Step 4 Click to save the settings.

----End Viewing T38 Fax Parameters Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the T38 tab. The page shown in Figure 7-50 is displayed. Figure 7-50 T38 tab page Step 3 Set parameters according to Table 7-17. Table 7-17 T.38 fax parameters Parameter Description Fax Rate UDPEC Indicates the faxing rate mode. Value transferredTcf indicates remote training mode. Indicates the UDP redundancy correction capability. The EGW1520 supports t38udpredundancy. If the redundancy correction capability is carried in fax negotiation signals, the EGW1520 uses the redundancy technology to send T38 data when the peer end also supports redundancy. Max Rate Indicates the maximum faxing rate. If the maximum faxing rate at the peer end is smaller than that at the local end, use the smaller Issue 01 (2012-05-15) Huawei Proprietary and Confidential 137 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description one; otherwise, use the value of this parameter. Transport Protocol Indicates the transmission protocol. The EGW1520 supports UDP.

----End 7.3.5 Voice Parameters This topic describes how to set voice parameters. Only network administrators can change the parameter settings. To ensure the normal running of the EGW1520, you are advised to use the default settings. Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Configuring the Region On the Region tab page, specify analog phone standards in different countries. Dialing tones and signal tone frequency vary according to area and country. Configure the parameters based on requirement. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. The page shown in Figure 7-51 is displayed. Figure 7-51 Region tab page Issue 01 (2012-05-15) Huawei Proprietary and Confidential 138 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 2 Set parameters according to Table 7-18. Table 7-18 Region parameters Parameter Description Current Country Country name. Slic Gain RX (dB) Receiving gain of an analog phone. The value ranges from -12 dB to +6 dB. Slic Gain TX (dB) Sending gain of an analog phone. The value ranges from -12 dB to

+6 dB. FlashHook Max (ms) Maximum interval for pressing the hook flash button. The value ranges from 0 to 1000, in milliseconds. If the hook flash button is not pressed within the duration specified by this parameter, the call will end. FlashHook Min (ms) Minimum interval for pressing the hook flash button. The value ranges from 0 to 1000, in milliseconds. If the interval is smaller than the value of this parameter, the hook flash operation does not take effect. OnHook Min (ms) Minimum interval for confirming hang-up. The value ranges from 0 to 2000, in milliseconds. If the hang-up interval is smaller than the value of this parameter, the hang-up operation does not take effect. OffHook Min (ms) Minimum interval for confirming pickup. The value ranges from 0 to 2000, in milliseconds. If the pickup interval is smaller than the value of this parameter, the pickup operation does not take effect. Step 3 Click to save the settings.

----End Configuring the DSP On the DSP tab page, configure voice quality information about DSP chips, such as codec type, noise and echo cancellation, silence suppression, and gains. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the DSP tab. The page shown in Figure 7-52 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 139 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-52 DSP tab page 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-19. Table 7-19 DSP parameters Parameter Description Codec DSP codec type. If multiple options are selected, the system sends messages based on the specified codec rank. By default, all options are selected. NOTE Compared with other codec types, G729, G726, and G722 consume more DSP resources. Codec Ptime (ms) For each codec type, you can change the duration of packaging voice streams to 10 ms, 20 ms, or 30 ms. The default value is 20 ms. Echo Cancellation Echo cancellation switch. The options are Enable and Disable, and the default value is Enable. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 140 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Enable Silence Suppress Silence suppression switch. The options are Enable and Disable. The default value is Enable, which indicates that the system sends silence packets if no voice packet is available. Receive Gain (dB) Receiving gain of DSP chips. The value ranges from -14 to 6. The default value is 0. Send Gain (dB) Sending gain of DSP chips. The value ranges from -14 to 6. The default value is 0. Fax Prior Mode Fax transmission mode. The options are as follows:

T38: Only T38 is supported. VBD: Only voice band data (VBD) is supported. T38-VBD: Both T38 and VBD are supported, and T38 has a higher priority. VBD-T38: Both T38 and VBD are supported, and VBD has a higher priority. The default value is VBD-T38. Priority used in media negotiation. Prefer remote codec: During media negotiation, the codec priority at the remote end is preferred. Prefer local codec: During media negotiation, the codec priority at the local end is preferred. The default value is Prefer remote codec. Media Negotiation Mode DTMF Transfer Mode Transmission mode in a session. RFC283: RFC2833 transmission mode. Transfer: transparent transmission mode. Dialing tones are transmitted transparently as voice signals. The default value is RFC2833. VBD Mode Codec type for transparent transmission. The options are G711A and G711U, and the default value is G711A. Step 4 Click to save the settings.

----End Configuring RTP On the RTP tab page, set the parameters used for playing voices on analog phones such as the maximum and minimum media port numbers. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the RTP tab. The page shown in Figure 7-53 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 141 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-53 RTP tab page 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-20. Table 7-20 RTP parameters Parameter Description Min UDP Port Max UDP Port Minimum media port number used for playing voices on analog phones. Maximum media port number used for playing voices on analog phones. DTMF (RFC2833) Whether RFC2833 is used for encryption. The options are Enable and Disable. Payload Type: payload for RFC2833 used for encryption. The value must be unique on the EGW1520. It is recommended that you set this parameter to the payload type of the softswitch. If the parameter value is different from that on the softswitch, call connections may fail to be set up. Whether to enable the RTCP function. The options are Enable and Disable. The default value is Disable. RTCP After changing the UDP port number, restart the device to make the configuration take effect. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 142 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Viewing T38 Fax Parameters 7 Feature Description and Implementation On the T38 tab page, you can view T.38 fax parameters. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the T38 tab. The page shown in Figure 7-54 is displayed. Figure 7-54 T38 tab page Step 3 Set parameters according to Table 7-21. Table 7-21 T38 fax parameters Parameter Description Fax Rate UDPEC Max Rate Faxing rate mode. Value transferredTcf indicates remote training mode. UDP redundancy correction capability. The EGW1520 supports t38udpredundancy. If the redundancy correction capability is carried in fax negotiation signals, the EGW1520 uses the redundancy technology to send T38 data when the peer end also supports redundancy. Maximum faxing rate. If the maximum faxing rate at the peer end is smaller than that at the local end, use the smaller one; otherwise, use the value of this parameter. Transport Protocol Transmission protocol. The EGW1520 supports UDP.

----End Configuring SIP On the SIP tab page, configure the timeout interval for local SIP users to register with the EGW1520. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 143 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 2 Click the SIP tab. The page shown in Figure 7-55 is displayed. Figure 7-55 SIP tab page 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-22. Table 7-22 SIP parameters Parameter Description SIP Register Expire

(s) Timeout interval for local SIP users to register with the EGW1520. Min: Minimum timeout interval for local SIP users to register with the EGW1520. The default value is 120. Max: Maximum timeout interval for local SIP users to register with the EGW1520. The default value is 3600. Local Subscribe Expire (s) Timeout interval for local SIP users to subscribe to a service (such as voice message and voice mailbox) with the EGW1520 Min: Minimum timeout interval for local SIP users to subscribe to a service with the EGW1520. The default value is 120. Max: Maximum timeout interval for local SIP users to subscribe to a service with the EGW1520. The default value is 3600. Network Subscribe Expire (s) Default timeout interval for the EGW1520 to subscribe to a service with the NGN or IMS. SIP Session Timer Whether to use the session timer. The session timer is disabled by default. When the session timer is enabled, the two parties can check the conversation status using the update or reinvite signaling. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 144 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuring SIP ALG 7 Feature Description and Implementation On the SIP ALG tab page, configure SIP servers in an outer office. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the SIP ALG tab. The page shown in Figure 7-56 is displayed. Figure 7-56 SIP ALG tab page Step 3 Set parameters according to Table 7-23. Table 7-23 SIP ALG parameters Parameter Description Server port Master: Port number used by the active SIP server to send and receive packets. Slave: Port number used by the standby SIP server to send and receive packets. Extended: Extended port number used by the SIP ALG to send and receive packets. RTP port Min: Minimum media port that can be used by the RTP server. Max: Maximum media port that can be used by the RTP server. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 145 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 7.4 Voice(Common Mode) EGW1520 can function as a SIP trunk access device or a small-scale Internet protocol-private branch exchange (IP-PBX). It provides basic voice services and supplementary services. 7.4.1 Voice Access and IP PBX This topic describes the SIP trunk access and IP-PBX functions of EGW1520. Description The EGW1520 is deployed at the headquarters of an enterprise to connect to IADs, fax machines, IP phones, multimedia soft terminals, and WiFi terminals to implement voice user registration, call control, and protocol processing and provide rich voice services for enterprise users. In addition, the EGW1520 can work as a SIP trunk device to register users with the softswitch (NGN/IMS) and cooperate with the softswitch to process SIP signaling interaction, so that enterprise users can use services provide by the softswitch. Working Principle (SIP Trunk) A SIP trunk is a SIP link between a SIP trunk device and the SIP server. When an intra-office user calls an outer-office user, the SIP trunk device sends a message to the SIP server through the trunk. Then, the SIP server responds to the message and sets up the call between the two users. All the signaling and media streams between the SIP trunk and SIP server are transmitted over an IP network. SIP trunks usually function in the following modes:

Registration mode The IP address of the SIP server is configured on the SIP trunk device. The SIP trunk device sends a SIP REGISTER registers to the SIP server to create a dynamic SIP trunk link. Static mode A SIP trunk device and a SIP server are equivalent NEs. The static IP address of the device is configured on the server and the static IP address of the server is configured on the device. A static SIP trunk is created between the device and the server. As a SIP trunk device, the EGW1520 supports the SIP trunk in registration mode. Intra-office calls are processed by the EGW1520. When there are outer-office calls, the EGW1520 cooperates with the softswitch (IMS/NGN) through the SIP trunk to process the SIP signaling interaction. Figure 7-57 shows the networking where the EGW1520 functions as a SIP trunk device. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 146 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-57 Connecting to the IMS/NGN through a SIP trunk EGW1520's registration and calling process is as follows:

1. The EGW1520 uses SIP Trunk to send a registration request to the softswitch

(NGN/IMS). the softswitch (NGN/IMS) processes the registration request. If the authentication is successful, the softswitch (NGN/IMS) sends the success notification to the EGW1520. If the authentication fails, the softswitch (NGN/IMS) sends the failure notification to the EGW1520. When the registration is successful, EGW1520's SIP users can make or receive calls. 2. When an intra-office user makes a call, the EGW1520 analyzes the called number. If the called user is an intra-office user, the EGW1520 enables the called user's Analog phone to ring or sends a SIP message to the called user's SIP phone. The softswitch (NGN/IMS) does not process SIP messages for intra-office calls. If the called user is an outer-office user, the EGW1520 sends SIP requests to the softswitch (NGN/IMS). The EGW1520 cooperates with the softswitch to process the SIP signaling interaction. The called and calling users of a intra-office call are connected to the same the EGW1520. The called and calling users of an inter-office call are connected to different EGW1520s. 3. When receiving a call, the EGW1520 analyzes the called number. If the called user belongs to the EGW1520, the EGW1520 enables the called user's Analog phone to ring or sends a SIP message to the called user's SIP phone. If the called user is using a SIP phone, the EGW1520 also sends a SIP response to the peer device. If the called user does not belong to the EGW1520, the call fails and the EGW1520 sends a SIP response to the peer device. Working Principle (IP-PBX) When the EGW1520 connects to the PSTN as an IP-PBX, it implements call control, protocol processing, and voice functions on its own. Outgoing calls are made through FXO ports of the EGW1520. Figure 7-58 shows the network diagram when the EGW1520 functions as an IP-PBX. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 147 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-58 IP-PBX network diagram 7 Feature Description and Implementation The EGW1520 allocates numbers to POTS and SIP users. Each number is unique. The EGW1520 can accept SIP users' registration. When receiving a registration request from a SIP user, the EGW1520 authenticates the SIP user. If the authentication is successful, the EGW1520 sends the success notification to the SIP user. If the authentication fails, the EGW1520 sends the failure notification to the SIP user. When the registration is successful, EGW1520's SIP users can make or receive calls. POTS users who are allocated numbers by the EGW1520 do not require registration. The registration is successful after pots users allocate numbers. The EGW1520 analyzes the called number when an intra-office user initiates a call. If the call is an inter-office call call and the prefix of the called number matches the outgoing call prefix range configured on the EGW1520, the call is made through an FXO port. If the call is an intra-office call, the EGW1520 enables the user's POTS phone to ring or sends an SIP message to the user's SIP phone or soft terminal. The EGW1520 process calls made between intra-office users. When the EGW1520 receives a call from an outer-office user, it analyzes the called number. If the called user connects to the EGW1520, the EGW1520 enables the called user's POTS phone to ring or sends a SIP message to the called user's SIP phone or soft terminal. If the called user is not connected to the EGW1520, the call fails and EGW1520 sends a response to the calling user through the SIP server. Specification A maximum of 20 SIP users. One FXS port, connecting to one POTS user. A maximum of 8-channel users (SIP users and POTS users) can simultaneously initiate calls. Standards supported by voice service:

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 148 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation G.711 A, G.711 u, G.729, G.726, and G.722 SIP (RFC 32613265) SIP Session Timers (RFC 4028) SDP (RFC 2327) RTP or RTCP RFC 2833 Limitation For details, see Service Conflicts. Adding Voice Users Prerequisite The EGW1520 provides the IP private branch exchange (PBX) function. This function enables internal phones (analog phones and IP phones) to connect to each other. The EGW1520 can also serve as an agent to register users with the IP Multimedia Subsystem

(IMS) or Next Generation Network (NGN) so that users can call external parties. You have logged in to the web management system. For details, see 7.7.1 Web Management. The EGW1520 has connected to the uplink network. For details, see 7.2 Connection Modes. You have configured the LAN information on the EGW1520. For details, see Configuration. Example Network Plan Example The following assumes that the EGW1520 is connected to the IMS, as shown in Figure 7-59. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 149 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-59 EGW1520 network 7 Feature Description and Implementation Analog phones are connected to the PHONE ports of the EGW1520, and IP phones are connected to the EGW1520 through the switch. You can also use network cables to connect IP phones to LAN ports of the EGW1520. Data Plan Example Table 7-24 shows the user number plan. Table 7-24 Number plan example Phone Type/Port Internal No External No Registratio n Group Analog phone/PHONE IP phone/LAN2 (through the switch) IP phone/LAN2 (through the switch) 7100 8100 8101 008675599997100 008675599998100 008675599998101 0 1 1 Parameters in Table 7-24 are described as follows:

Phone Type/Port: Analog phones use ports PHONE, and IP phones use logic ports on the EGW1520 by using IP addresses. Internal No: This parameter is user-defined and configured on EGW1520 for making internal calls. External No: The parameter value is determined by the network carrier. In this example, the format of the calling number sent to the IMS is country code+area code+phone number. Registration Group: This parameter is specified by the EGW1520 administrator. The EGW1520 registers external numbers with the IMS or NGN in groups. Each external number must belong to a registration group. If numbers are registered with the IMS, Issue 01 (2012-05-15) Huawei Proprietary and Confidential 150 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation multiple numbers can be in the same registration group. If numbers are registered with the NGN, each number is in a unique registration group. Table 7-25 lists registration information on the IMS or NGN. Table 7-25 Registration information on the IMS or NGN Registration Information Example SIP Server Address Type: IP IP Domain: 192.169.10.90 Server Type: IMS SIP Group RegisterType: Group Authentication: MD5 Password: egw Sip Trunk ID: +8675599997100. The value is provided by the carrier. Sip Trunk Name: +8675599997100. The value is provided by the carrier. IMS Domain: huawei Procedure Step 1 Configure the Session Initiation Protocol (SIP) server. 1. On the web management system, choose Voice > SIP Server from the navigation tree. 2. Click

. The page shown in Figure 7-60 is displayed. Figure 7-60 SIP Server tab page UC Mode is set to Disable before the device is delivered. The synchronized user data is cleared when the system changes from the UC mode to the common mode. 3. Set parameters according to Table 7-26. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 151 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-26 Parameter description (1) Parameter Description Working Mode Master: active server. The server that is added first is the active server. Slave: standby server. Recovery Whether to enable the failback function. When the active server fails, resources and services will be automatically switched to the standby server. If this function is enabled, resources and services will be automatically switched back to the original active server after the original active server has been recovered. OptionInterval Interval for sending the option messages to the active server. The value ranges from 10 to 900, in seconds. The default value 60 is recommended. NOTE The option messages are sent to the active server only, and therefore this parameter is valid only for the active server. Address Type Address type. The options are IP and Domain. IP/Domain DNS Type IP address or DNS domain name of the SIP server. The value is provided by the network carrier. Mode for the DNS server to parse the IP address. This parameter is valid when Address Type is set to Domain. SRV: A domain name is configured to parse multiple IP address. The two IP addresses with the highest priorities are the IP addresses of the active SIP server and standby SIP server. NOTE If you set DNS Type to SRV, you do not need to configure the standby SIP server. HOST: One domain name corresponds to one IP address. To perform switchover between the active and standby servers, two SIP servers need to be configured. Server Type SIP network type. The value is provided by the network carrier. Port Port number of the SIP server. The value is provided by the network carrier. The default value 5060 is recommended. Expiration Time Time when the registration period expires. The value is negotiated by the EGW1520 and the SIP server. The value ranges from 0 to 14400, in seconds. The default value 360 is recommended. 4. Click to save the settings. Step 2 Configure a registration group. User numbers use a registration group to register with the IMS or NGN. After a registration group is configured, intra-office user can make outgoing calls controlled by the softswitch. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 152 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 1. On the web management system, choose Voice > SIP Server from the navigation tree. 2. Click the SIP Group tab. 3. Click

. The page shown in Figure 7-61 is displayed. Figure 7-61 SIP Group tab page 4. Set parameters according to Table 7-27. Table 7-27 Parameter description (2) Parameter Description Register Type Registration type. This parameter is specified by the peer SIP server. Single: Only one user can exist in the registration group. The value of Register Type is Single for the NGN network. Group: Multiple users can exist in the registration group. Wildcard: Wildcard registration group. This registration group registers with the IMS or NGN based on certain wildcard rules, which are provided by the network carrier. Authentication Authentication mode used when a registration group registers with the IMS or NGN. The value is provided by the network carrier. Password The value is provided by the network carrier. Sip Trunk ID The value is provided by the network carrier. Sip Trunk Name The value is provided by the network carrier. IMS Domain The value is provided by the network carrier. Expiration Time Time when the SIP group expires. The value is negotiated by the EGW1520 and the SIP server. The EGW1520 must be registered with the SIP server at least once before the expiration time to ensure that the SIP server can exchange information with the EGW1520. 5. Click to save the settings. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 153 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 3 Configure an analog phone. 7 Feature Description and Implementation 1. On the web management system, choose Voice > Phone Allocation. The page shown in Figure 7-62 is displayed. Figure 7-62 Configuring an analog phone 2. Click

. The page shown in Figure 7-63 is displayed. Figure 7-63 Setting analog phone parameters 3. Set parameters according to Table 7-28. Table 7-28 Parameter description (5) Parameter Description Port Port number used by the analog phone to access the EGW1520. Internal No The internal number is used for the calls between intra-office subscribers. The value is a number of 1 to 30 digits, which can be user-defined. It cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE Table 7-30 lists Ireland's and New Zealand's emergency numbers. User Name A string of 1-64 characters, which can be user-defined. For example, Jack. Registration Group Registration group ID that is used when a POTS phone registers with the IMS/NGN network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 154 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description NOTE External No Digitmap If the required registration group does not exist, choose Voice > SIP Server, and click the SIP Group tab to add it. External number for outgoing and incoming calls. The value is provided by the network carrier. This parameter is valid after you set the Registration Group parameter. The external number cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE Registration Group bound to External No must correspond to Sip Trunk ID. If Sip Trunk ID starts with +, you need to change + to 00 when you configure External No. Table 7-30 lists Ireland's and New Zealand's emergency numbers. A dialing rule, which determines whether the range and length of the dialed number comply with the dialing rule. This parameter is valid after you set the Registration Group parameter. The EGW1520 allows users to dial numbers that are defined in the digitmap to make calls quickly. If the dialed number length is the same as that defined in the digitmap, the EGW1520 stops collecting digits and initiates the call, which reduces the connection duration. To configure digitmaps, use either of the following methods:

Enter a single digitmap containing a maximum of 32 characters. Enter multiple digitmaps containing a maximum of 128 characters and separate them with vertical bars (|). The default digitmap is [XABCD*#].T|[XABCD*#][XABCD*].#. See Table 7-31. User State User status (read only). The options are as follows:

Idle: The user is registered and idle. Busy: The user is registered and busy. Locked: The user is locked. For example, the user picks up the phone and does not dial numbers within a certain period. Idle But Failed Register to IMS/NGN: Internal numbers are registered and idle, but external numbers failed to be registered. Busy But Failed Register to IMS/NGN: Internal numbers are registered and busy, but external numbers failed to be registered. 4. Click to save the settings. Step 4 Configure IP phones. You can use either of the following methods to add IP phones:

Add IP phones one by one Add IP phones in batches You are advised to add multiple IP phones in batches. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 155 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation To add IP phones one by one, proceed as follows:

1. On the web management system, choose Voice > Phone Allocation. 2. Click the IP Phone tab. 3. Click

. The page shown in Figure 7-64 is displayed. Figure 7-64 Configuring an IP Phone 4. Set parameters according to Table 7-29. Table 7-29 Parameter description (3) Parameter Internal No User Name Authentication Password Description The internal number is used for the calls between intra-office subscribers. The value is a number of 1 to 30 digits, which can be user-defined. It cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE Table 7-30 lists Ireland's and New Zealand's emergency numbers. A string of 1-64 characters, which can be user-defined. For example, Jack. Authentication mode used when a SIP user registers with the EGW1520. The value must be the same as that set on the SIP terminal. Authentication password used when a SIP user registers with the EGW1520. The value must be the same as that set on the SIP terminal. Registration Group Registration group ID that is used when an IP phone registers with the IMS/NGN network. NOTE If the required registration group does not exist, choose Voice > SIP Server, and click the SIP Group tab to add it. External No External number for outgoing and incoming calls. The value is provided by the network carrier. This parameter is valid after you Issue 01 (2012-05-15) Huawei Proprietary and Confidential 156 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Digitmap set the Registration Group parameter. The external number cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE Registration Group bound to External No must correspond to Sip Trunk ID. If Sip Trunk ID starts with +, you need to change + to 00 when you configure External No. Table 7-30 lists Ireland's and New Zealand's emergency numbers. A dialing rule, which determines whether the range and length of the dialed number comply with the dialing rule. This parameter is valid after you set the Registration Group parameter. The EGW1520 allows users to dial numbers that are defined in the digitmap to make calls quickly. If the dialed number length is the same as that defined in the digitmap, the EGW1520 stops collecting digits and initiates the call, which reduces the connection duration. To configure digitmaps, use either of the following methods:

Enter a single digitmap containing a maximum of 32 characters. Enter multiple digitmaps containing a maximum of 128 characters and separate them with vertical bars (|). The default digitmap is

[XABCD*#].T|[XABCD*#][XABCD*].#. Table 7-31 lists digitmap rules. User State User status. The options are as follows:

Fault: The user failed to be registered. Idle: The user is registered and idle. Busy: The user is registered and busy. Locked: The user is locked. For example, the user picks up the phone and does not dial numbers within a certain period. Idle But Failed Register to IMS/NGN: Internal numbers are registered and idle, but external numbers failed to be registered. Busy But Failed Register to IMS/NGN: Internal numbers are registered and busy, but external numbers failed to be registered. IP Address IP address of the IP phone on the LAN. Table 7-30 Emergency numbers in different countries Country China Ireland Emergency Call Numbers 110, 119 999, 112 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 157 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Country Emergency Call Numbers New Zealand 111 Table 7-31 Digitmap rules Parameter Description 0-9, *, #, A, B, C, D Characters that can be dialed. X

. (dot) T

[]

X.T X.#

The parameter can be any number from 0 to 9. The parameter can be any value. Dialing timeout. For example, X.T indicates that the IAD considers that the dialing ends when the dialing times out after the user dials some digits. Subset of the matching characters. For example, [1-357-9]

indicates any number among 1, 2, 3, 5, 7, 8, and 9. If the user stops dialing digits and the dialing times out, the EGW1520 considers that the dialing ends. The EGW1520 considers that the dialing ends when the user presses the pound key (#). 5. Click to save the settings. To change the configuration of a saved IP phone, select the IP phone and reset it. To add IP phones in batches, proceed as follows:

1. On the web management system, choose Voice > Phone Allocation. 2. Click the IP Phone tab. 3. Click

. The page shown in Figure 7-65 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 158 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-65 Adding IP phones in batches 4. Set parameters according to Table 7-32. Table 7-32 Parameter description (4) Parameter Internal No Increment Amount Description The internal number is used for the calls between intra-office subscribers. The value is a number of 1 to 30 digits, which can be user-defined. It cannot conflict with any service prefixes, emergency numbers, outer-office numbers, or other intra-office numbers. NOTE Table 7-30 lists Ireland's and New Zealand's emergency numbers. Number increasing step. Count of numbers. A maximum of 20 numbers can be configured. 5. Click

. 6. Set parameters according to Table 7-29. 7. Click to save the settings. Step 5 Register the IP phones with the EGW1520. Set IP addresses and internal numbers of the IP phones, and IP address of the SIP server

(EGW1520) to register the IP phones with the EGW1520. For details, see related IP phone manuals. IP phones support signaling encryption but cannot be set to the forced encryption mode. The forced encryption mode will affect the communication.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 159 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Verification Verify internal numbers. 7 Feature Description and Implementation Use the analog phone and IP phone to call each other by dialing internal numbers. Verify external numbers. Use an analog or IP phone and a mobile phone to call each other on the EGW1520. Use the analog phone and IP phone to call each other by dialing external numbers on the EGW1520. Enabling Voice Services A user can configure and use voice services only after the voice services are enabled. Context Procedure By default, the call hold, call transfer, Call Forwarding Unconditional (CFU), Call Forwarding on Busy (CFB), Call Forwarding on No Reply (CFNR), and Calling Line Identity Presentation (CLIP), Do not Disturb (DND), and call waiting services are enabled. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. The page shown in Figure 7-66 is displayed. Figure 7-66 Service Rights tab page (1) Step 2 Click

. The page shown in Figure 7-67 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 160 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-67 Selecting a user 7 Feature Description and Implementation Step 3 Select a user number. Step 4 Click

. The page shown in Figure 7-68 is displayed. Figure 7-68 Service Rights tab page (2) Step 5 Select the services that you want to enable. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 161 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 6 Click

.

----End Configuring and Using Voice Services This topic describes how to use and configure voice services that are provided by the EGW1520.

?.1.Service Conflicts The EGW1520 supports multiple voice services which may conflict with each other. This topic describes the conflicts between services. Figure 7-69 shows the conflicts between services. Figure 7-69 Service conflicts Issue 01 (2012-05-15) Huawei Proprietary and Confidential 162 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Glossary shows complete service names. You cannot set conflicting services at the same time on the web management system.

?.2.Call Hold If a user configures the call holding service, the user can suspend a call and resume it as required. The call holding duration is not limited. Configuring the Service After enabling the call holding service, users can directly use it without configuration. Using the Service Assume that user A is an EGW1520's voice user. During a call with user B, user A can:

1. Press Hold or the hook flash button (for example, the R/Recall key) to suspend the call. User B hears the music-on-hold. 2. Press Hold or the hook flash button (for example, the R/Recall key) to resume the call. The operations may differ on IP phones of different models. For details, see the related IP phone user guide.

?.3.Call Transfer The call transfer service allows a user to quit a call in progress and transfer it to a third party. Configuring the Service After enabling the call transfer service, users can directly use it without configuration. Using the Service Assume that user A, an EGW1520 voice user who has enabled the call transfer service, is in a call with user B. User A wants to transfer the call to user C. When using an analog phone, user A can:

1. Press the hook flash button and dial user C's number after hearing a dialing tone. User B hears a waiting tone. 2. Select an operation from the following:

Hang up the phone directly. If user C is connected, user C's phone rings and user B hears the Ring Back Tone

(RBT). After picking up the phone, user C talks with user B. If user C cannot be connected, user B hears a busy tone. Hang up the phone after user C is connected. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 163 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation User C's phone rings and user B hears the RBT. After picking up the phone, user C talks with user B. Hang up the phone after user C answers the call. User B talks with user C. Talk with user B again. If user C is busy or does not respond, user A can press the hook flash button or wait 20 seconds to talk with user B again. When using an IP phone, user A can use one of the following modes:

Unattend mode 1. User A presses the transfer key, dials the user C's number, and presses the send key. User A's phone hangs up automatically, user B hears the RBT, and user C's phone rings. The process goes to step 2. If user C is disconnected, the conversation between user A and user B resumes. 2. User C picks up the phone and talks with user B. Attend mode In this mode, user A must use a SIP phone that supports multiple lines, for example, Polycom. 1. User A presses another idle line key (the indicator is off), for example, line 2. The conversation between user A and user B is held, and user B hears a waiting tone. 2. User A dials the user C's number and presses the send key. User A hears the RBT and user C's phone rings. The process goes to step 3. If user C is busy, user A hears a busy tone. After pressing the line key that connects to user B (line 1), user A resumes the conversation with user B. 3. User C picks up the phone and talks with user B. The conversation between user A and user C occupies another line (line 2 in the preceding example). 4. User A presses the transfer key, dials the user C's number, and presses the send key. User A's phone hangs up automatically, and user B talks with user C. Semi-attend mode In this mode, user A must use a SIP phone that supports multiple lines, for example, Polycom. The procedure for user A to transfer a call in semi-attend mode is similar to that of attend mode. The only difference lies in that step 4 does not exist. In semi-attend mode, when user A hears the RBT (indicating that user C is connected), the call is transferred to user C.

?.4.Call Forwarding Unconditional After a user enables and configures the Call Forwarding Unconditional (CFU) service, all calls to the user will be forwarded to a preset number. Precautions The CFU service conflicts with some other services. For details, see Service Conflicts. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 164 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuring the Service Web mode 7 Feature Description and Implementation Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. By default, the CFU service is enabled. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-70 is displayed. Figure 7-70 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-71 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 165 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-71 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number, and click

. The procedure varies according to whether you have configured any forwarding services before. Without forwarding services before With forwarding services before If you have not configured any forwarding services before, the page shown in Figure 7-72 is displayed after you click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 166 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-72 Without forwarding services before (1) The procedure is as follows:

1. Click Apply. The page shown in Figure 7-73 is displayed. Figure 7-73 Without forwarding services before (2) 2. Select CFU and enter the forwarded-to number. 3. Click

. Figure 7-74 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 167 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-74 Configuration result To modify service configurations, click Configure corresponding to the service. If you have configured forwarding services before, the page shown in Figure 7-75 is displayed . Figure 7-75 With forwarding services before (1) The procedure is as follows:

1. Click Configure. The page shown in Figure 7-76 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 168 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-76 With forwarding services before (2) 2. Select CFU and enter the forwarded-to number. 3. Click

. Figure 7-77 shows the configuration result. Figure 7-77 Configuration result To modify service configurations, click Configure corresponding to the service.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 169 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Service prefix dialing mode In addition to the preceding web mode, you can also dial a prefix to configure the service. For example, pick up the phone and dial default service prefix *21*number#. The number is forwarded number. To change the service prefix, see Changing Service Prefixes. Using the Service A call can be forwarded only twice consecutively. For example, user A can forward a call to user B and user B can forward the call to user C. User C, however, cannot forward the call to others. A call cannot be forwarded in a loop. For example, user A can forward a call to user B but user B cannot forward the call to user A. If user A has enabled and configured the CFU service, user A's calls are forwarded to the preset number. Canceling the Service Web mode Click Cancel on the Service Configuration tab page, as shown in Figure 7-78. Figure 7-78 Canceling the service Service prefix dialing mode A user picks up the phone and dials default service prefix #21#. To change the service prefix, see Changing Service Prefixes. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 170 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation

?.5.Call Forwarding on Busy 7 Feature Description and Implementation If a user configures the call forwarding on busy (CFB) service and is busy, all incoming calls are forwarded to a preset number. Precautions A call can be forwarded only twice consecutively. For example, user A can forward a call to user B and user B can forward the call to user C. User C, however, cannot forward the call to others. A call cannot be forwarded in a loop. For example, user A can forward a call to user B but user B cannot forward the call to user A. The CFB service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. By default, the CFB service is enabled. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-79 is displayed. Figure 7-79 Configure Service tab page Step 3 Click

. The page shown in Figure 7-80 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 171 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-80 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number, and click

. The procedure varies according to whether you have configured any forwarding services before. Without forwarding services before With forwarding services before If you have not configured any forwarding services before, the page shown in Figure 7-81 is displayed after you click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 172 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-81 Without forwarding services before (1) The procedure is as follows:

1. Click Apply. The page shown in Figure 7-82 is displayed. Figure 7-82 Without forwarding services before (2) 2. Select CFB and enter the forwarded-to number. 3. Click

. Figure 7-83 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 173 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-83 Configuration result 7 Feature Description and Implementation To modify service configurations, click Configure corresponding to the service. If you have configured forwarding services before, the page shown in Figure 7-84 is displayed after you click

. Figure 7-84 With forwarding services before (1) The procedure is as follows:

1. Click Configure. The page shown in Figure 7-85 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 174 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-85 With forwarding services before (2) 2. Select CFB and enter the forwarded-to number. 3. Click

. Figure 7-86 shows the configuration result. Figure 7-86 Configuration result To modify service configurations, click Configure corresponding to the service.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 175 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Service prefix dialing mode 7 Feature Description and Implementation A user picks up the phone and dials *67*number#, where number is the forwarded-to number and *67* is the default service prefix. To change the service prefix, see Changing Service Prefixes. Using the Service Assume that user A has the CFB service right and configures the CFB service (forward calls to user C). If user A is busy, the call is forwarded to user C. Canceling the Service Web mode Click Cancel on the Service Configuration tab page, as shown in Figure 7-87. Figure 7-87 Canceling the service Service prefix dialing mode A user picks up the phone and dials default service prefix #67#. To change the service prefix, see Changing Service Prefixes.

?.6.Call Forwarding on No Reply If a user configures the call forwarding on no reply (CFNR) service and does not answer a call for a specified period (20s by default), the call is automatically forwarded to a preset number. Precautions A call can be forwarded only twice consecutively. For example, user A can forward a call to user B and user B can forward the call to user C. User C, however, cannot forward the call to others. A call cannot be forwarded in a loop. For example, user A can forward a call to user B but user B cannot forward the call to user A. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 176 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The CFNR service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-88 is displayed. Figure 7-88 Configure Service tab page Step 3 Click

. The page shown in Figure 7-89 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 177 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-89 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number. Step 5 Click

. The procedure varies according to whether you have configured any forwarding services before. Without forwarding services before With forwarding services before If you have not configured any forwarding services before, the page shown in Figure 7-90 is displayed after you click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 178 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-90 Without forwarding services before (1) 7 Feature Description and Implementation The procedure is as follows:

1. Click Apply. The page shown in Figure 7-91 is displayed. Figure 7-91 Without forwarding services before (2) 2. Select CFNR, and enter the forwarded-to number and waiting duration before forwarding (unit: second). 3. Click

. Figure 7-92 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 179 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-92 Configuration result 7 Feature Description and Implementation To modify service configurations, click Configure corresponding to the service. If you have configured forwarding services before, the page shown in Figure 7-93 is displayed after you click

. Figure 7-93 With forwarding services before (1) The procedure is as follows:

1. Click Configure. The page shown in Figure 7-94 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 180 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-94 With forwarding services before (2) 7 Feature Description and Implementation 2. Select CFNR, and enter the forwarded-to number and waiting duration before forwarding. 3. Click

. Figure 7-95 shows the configuration result. Figure 7-95 Configuration result To modify service configurations, click Configure corresponding to the service. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 181 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation

----End Service prefix dialing mode A user picks up the phone and dials *61*number*time#, where number is the forwarded-to number, time is set as waiting duration, and *61* is the default service prefix. To change the service prefix, see Changing Service Prefixes. Using the Service Assume that user A has enabled and configured the CFNR service (forward calls to user C). If user A does not answer a call, the call is forwarded to user C. Canceling the Service Web mode Click Cancel on the Service Configuration tab page, as shown in Figure 7-96. Figure 7-96 Canceling the service Service prefix dialing mode A user picks up the phone and dials default service prefix #61#. To change the service prefix, see Changing Service Prefixes.

?.7.Calling Line Identity Presentation If a user configures the calling line identity presentation (CLIP) service, the calling number is displayed on the user's phone when a call is received. Precautions The CLIP service conflicts with some other services. For details, see Service Conflicts. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 182 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuring the Service 7 Feature Description and Implementation After enabling the CLIP service, users can directly use it without configuration. Using the Service Assume that user A has the CLIP service right. When user B calls user A, user B's number is displayed on user A's phone. If user B has enabled the calling line identity restriction (CLIR) service, user B's number will not be displayed on user A's phone.

?.8.Calling Line Identity Restriction If a calling user configures the calling line identity restriction (CLIR) service, the calling number is not displayed on the called user's phone even if the called user has enabled the CLIP service. Precautions The CLIR service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-97 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 183 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-97 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-98 is displayed. Figure 7-98 Selecting a user Step 4 Select a user number, and click

. The page shown in Figure 7-99 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 184 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-99 Configure Service tab page (2) Step 5 Click Apply. Figure 7-100 shows the configuration result. Figure 7-100 Configuration result

----End Using the Service If user A has the CLIR service right, the called user's phone does not display user A's number when user A calls the user. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 185 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Canceling the Service 7 Feature Description and Implementation Click Cancel on the Service Configuration tab page, as shown in Figure 7-101. Figure 7-101 Canceling the service

?.9.Connected Line Identification Presentation If a user configures the Connected Line Identification Presentation (COLP) service and receives a call, the user's phone displays the called number or forwarded-to number. Precautions The COLP service conflicts with some other services. For details, see Service Conflicts. Configuring the Service After enabling the COLP service, users can directly use it without configuration. For details on how to enable voice services, see Enabling Voice Services. Using the Service Assume that user A has the COLP service right and user B has enabled the call forwarding service (forward to user C). When user A calls user B, the call is forwarded to user C and user A's phone displays user C's number. Only the specified phone models support the COLP service, such as Polycom and Snom.

?.10.Connected Line Identity Restriction If a user configures the Connected Line Identification Restriction (COLR) service and receives a call, the user's number is not displayed on the calling user's phone. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 186 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Precautions 7 Feature Description and Implementation The COLR service conflicts with some other services. For details, see Service Conflicts. Configuring the Service After enabling the COLR service, users can directly use it without configuration. For details on how to enable voice services, see Enabling Voice Services. Using the Service Assume that user B has enabled the call forwarding service (forward to user C) and user C has the COLR service right. When user A calls user B, user A's phone does not display user C's number even if user A has enabled the COLP service. If the COLR service is set by the called user, the calling user's phone model is specified, such as Polycom and Snom.

?.11.Call Completion on Busy Subscriber If user A configures the call completion on busy subscriber (CCBS) service and user B calls user A but user A is busy, user B can select callback upon busy as prompted. Then the EGW1520 calls user A when user A is idle. After user A picks up the phone, the EGW1520 calls user B. Then user B picks up the phone and talks with user A. Precautions The CCBS service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-102 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 187 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-102 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-103 is displayed. Figure 7-103 Selecting a user Step 4 Select a user number, and click

. The page shown in Figure 7-104 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 188 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-104 Configure Service tab page (2) Step 5 Click Apply. The page shown in Figure 7-105 is displayed. Figure 7-105 Configure Service tab page (3) Step 6 Click service. to set the user number or user number prefix for triggering the CCBS Issue 01 (2012-05-15) Huawei Proprietary and Confidential 189 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation If you do not set a user number or user number prefix, all calling users can trigger the CCBS service. If you set it, only users with the preset user number or user number prefix can trigger the CCBS service. Step 7 Click

. Figure 7-106 shows the configuration result. Figure 7-106 Configuration result

----End Service prefix dialing mode A user picks up the phone and dials service prefix *37#, where *37# is the default service prefix. To change the service prefix, see Changing Service Prefixes. Using the Service Assume that user A has enabled and configured the CCBS service. If user A configures the CCBS service and user B calls user A but user A is busy, user B can select callback upon busy as prompted. Then the EGW1520 calls user A when user A is idle. After user A picks up the phone, the EGW1520 calls user B. Then user B picks up the phone and talks with user A. Canceling the Service Web mode Click Cancel on the Service Configuration tab page, as shown in Figure 7-107. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 190 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-107 Canceling the service 7 Feature Description and Implementation Service prefix dialing mode A user picks up the phone and dials default service prefix #37#. To change the service prefix, see Changing Service Prefixes.

?.12.Do Not Disturb After a user enables the Do Not Disturb (DND) service, the EGW1520 will block all incoming calls to the user. If a user uses an IP phone and enables the DND function on the IP phone, the user will not receive any calls even if the DND service is not enabled on the EGW1520. For details on how to enable the DND function on an IP phone, see the IP phone user guide. Precautions The DND service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. By default, the DND service is enabled. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 191 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 2 Click the Service Configuration tab. The page shown in Figure 7-108 is displayed. Figure 7-108 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-109 is displayed. Figure 7-109 Selecting a user Step 4 Select a user number. Step 5 Click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 192 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The page shown in Figure 7-110 is displayed. Figure 7-110 Configure Service tab page (2) Step 6 Click Apply. Figure 7-111 shows the configuration result. Figure 7-111 Configuration result

----End Service prefix dialing mode Issue 01 (2012-05-15) Huawei Proprietary and Confidential 193 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation In addition to the preceding web mode, you can also dial a prefix to configure the service. For example, pick up the phone and dial default service prefix *56#. To change the service prefix, see Changing Service Prefixes. Using the Service Assume that user A has enabled and configured the DND service. When other users call user A, they will hear the DND announcement but user A can still make calls. Canceling the Service Web mode Click Cancel on the Service Configuration tab page, as shown in Figure 7-112. Figure 7-112 Canceling the service Service prefix dialing mode Pick up the phone and dial the default service prefix #56#. To change the service prefix, see Viewing and Changing Service Prefixes.

?.13.Call Waiting When a user that uses the call waiting service in a conversation receives a new call, the user can follow the phone prompt to suspend or end the original call within 15 seconds to answer the new called user. Precautions The call waiting service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Issue 01 (2012-05-15) Huawei Proprietary and Confidential 194 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. By default, the call waiting service is enabled. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-113 is displayed. Figure 7-113 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-114 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 195 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-114 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number. Step 5 Click

. The page shown in Figure 7-115 is displayed. Figure 7-115 Configure Service tab page (2) Step 6 Click Apply. Figure 7-116 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 196 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-116 Configuration result

----End Service prefix dialing mode In addition to the preceding web mode, you can also dial a prefix to configure the service. For example, pick up the phone and dial default service prefix *43#. To change the service prefix, see Changing Service Prefixes. Using the Service Assume that user A is talking with user B. User C calls user A and user A listens to a prompt tone which indicates that a new call is received. The process of using the service varies according to the phone that user A uses. The call waiting service is unavailable if user A is using the night service. When using an analog phone, user A can:

Press the hook flash button to suspend the call with user B for a while. Press 2 after hearing a dial tone to talk with user C. Press the hook flash button to end the call with user B. Press 1 to talk with user C. Reject user C's call. Method 1: Continue the conversation with user B. The prompt tone automatically disappears after 15 seconds and user C hears a busy tone. Method 2: Press the hook flash button and press 0. When using an IP phone, user A can:

1. The indicator corresponding to another line on the IP phone turns on. 2. To talk with user C, user A presses the key representing user C's call. During the call with user C, if user A presses the key representing user B's call, the call with user B resumes and the call with user C is held. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 197 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Canceling the Service Web mode 7 Feature Description and Implementation Click Cancel on the Service Configuration tab page, as shown in Figure 7-117. Figure 7-117 Canceling the service Service prefix dialing mode Pick up the phone and dial the default service prefix #43#. To change the service prefix, see Viewing and Changing Service Prefixes.

?.14.Malicious Caller Identification After acknowledging a malicious call, a user can press the hook flash button and dial an access code to record the calling user information to the system for subsequent query and download. Precautions The EGW1520 supports a maximum of 512 malicious call records. A user can save a maximum of 25 malicious call records. Configuring the Service After enabling the Malicious Caller Identification (MCID) service, users can directly use it without configuration. For details on how to enable voice services, see Enabling Voice Services. Using the Service Record a malicious call. Assume that user A has the right to use the MCID service. To record a malicious call from user B, proceed as follows:

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 198 Copyright Huawei Technologies Co., Ltd.

 

 

eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 1 User A presses the hook flash button and dials service prefixes *34# as prompted. To change the service prefix, see Changing Service Prefixes. Step 2 The system plays an announcement, indicating that the malicious call is recorded successfully. If user A wants to continue the call, press the hook flash button again.

----End View, download, and delete a malicious call. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-118 is displayed. Figure 7-118 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-119 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 199 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-119 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number, and click

. The page shown in Figure 7-120 is displayed. Figure 7-120 Configure Service tab page (2) Step 5 Click ShowRecords. The page shown in Figure 7-121 is displayed. You can view, download, or delete all malicious call records. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 200 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-121 Configure Service tab page (3) Step 6 (Optional) Click Download Records, and download malicious call records as prompted. Step 7 (Optional) Click Clear Records to clear call malicious call records, or click to delete a single record. Step 8 Click to close the page.

----End

?.15.Anonymous Call Rejection After a user enables the anonymous call rejection service, the EGW1520 will block all anonymous calls to the user. Precautions The anonymous call rejection service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Issue 01 (2012-05-15) Huawei Proprietary and Confidential 201 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-122 is displayed. Figure 7-122 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-123 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 202 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-123 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number. Step 5 Click

. The page shown in Figure 7-124 is displayed. Figure 7-124 Configure Service tab page (2) Step 6 Click Apply. Figure 7-125 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 203 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-125 Configuration result

----End Service prefix dialing mode In addition to the preceding web mode, you can also dial a prefix to configure the service. For example, pick up the phone and dial default service prefix *41#. To change the service prefix, see Changing Service Prefixes. Using the Service Assume that user A has enabled and configured the anonymous call rejection service and that user B is an anonymous user (for example, user B enables the CLIR service). User B's calls to user A will be blocked. Canceling the Service Web mode Click Cancel on the Service Configuration tab page, as shown in Figure 7-126. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 204 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-126 Canceling the service Service prefix dialing mode A user picks up the phone and dials default service prefix #41#. To change the service prefix, see Changing Service Prefixes.

?.16.Automatic Call Rejection After a user enables and configures the automatic call rejection service, the calls from a preset number will be rejected automatically. Precautions The automatic call rejection service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Web mode Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-127 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 205 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-127 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-128 is displayed. Figure 7-128 Selecting a user Step 4 Select a user number, and click

. The page shown in Figure 7-129 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 206 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-129 Configure Service tab page (2) Step 5 Click Apply. The page shown in Figure 7-130 is displayed. Figure 7-130 Configure Service tab page (3) Step 6 Click

, and enter a number that you want to reject. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 207 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation You can enter a complete number or the first several digits of a number in the Number text box. For example, if you enter 8100, the number 8100 and numbers that start with 8100 are rejected. A maximum of 10 numbers can be added. The length of each number must be equal to or less than 30 characters. When no rejected number is configured, the system saves the settings of the Automatic Call Rejection (ACR) service but does not reject the calls from any numbers. Step 7 Click

. Figure 7-131 shows the configuration result. Figure 7-131 Configuration result To modify the configuration, click Configure.

----End Service prefix dialing mode In addition to the preceding web mode, you can also dial a prefix to configure the service. For example, pick up the phone and dial *97*number1*number2*number3#, where number1, number2, and number3 indicate numbers that you want to reject and *97* is the default service prefix. The length of each number must be equal to or less than 27 characters. To change the service prefix, see Viewing and Changing Service Prefixes. Using the Service Assume that user A has enabled and configured the automatic call rejection service and user B's number is rejected. User A's phone will automatically reject calls made by user B. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 208 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Canceling the Service Web mode 7 Feature Description and Implementation Click Cancel on the Service Configuration tab page, as shown in Figure 7-132. Figure 7-132 Canceling the service Service prefix dialing mode A user picks up the phone and dials #97# to cancel the rejection of all preset numbers. A user picks up the phone and dials #97*number1*number2*number3#, where number1, number2, and number3 indicate numbers that the user does not want to reject any longer and #97* is the default service prefix. To change the service prefix, see Changing Service Prefixes.

?.17.Night Service If a user configures the night service, all incoming calls at night are forwarded to the voice mailbox or a preset number. Precautions The night service conflicts with some other services. For details, see Service Conflicts. Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Configuring the Service Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 209 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 2 Click the Service Configuration tab. The page shown in Figure 7-133 is displayed. Figure 7-133 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-134 is displayed. Figure 7-134 Selecting a user Step 4 Select a user number, and click

. The page shown in Figure 7-135 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 210 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-135 Configure Service tab page (2) Step 5 Click Apply. The page shown in Figure 7-136 is displayed. Figure 7-136 Configure Service tab page (3) Step 6 Enter the forwarded-to number or voice mailbox prefix in the Service Number text box, and set Week Range and Time Range. The default voice mailbox prefix is 9898 (inner mailbox) or 9899 (network mailbox). To change the voice mailbox prefix, see Viewing and Changing Service Prefixes. Step 7 Click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 211 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-137 shows the configuration result. Figure 7-137 Configuration result To modify service configurations, click Configure corresponding to the service.

----End Using the Service Assume that user A has enabled and configured the night service. User A's incoming calls at night are forwarded to the voice mailbox or a preset number. Canceling the Service Click Cancel on the Service Configuration tab page, as shown in Figure 7-138. Figure 7-138 Canceling the service Issue 01 (2012-05-15) Huawei Proprietary and Confidential 212 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation

?.18.Three-Party Calling 7 Feature Description and Implementation A user in a call can invite a third party to start a three-party conversation. An EGW1520 supports a maximum of two concurrent three-party calls. Configuring the Service After enabling the three-party call service, users can directly use it without configuration. For details on how to enable voice services, see Enabling Voice Services. POTS users on the EGW1520 cannot initiate three-party calls. If a SIP user initiates a three-party call, the audio mixing is performed on the IP phone. Using the Service Assume that user A who is talking with user B has the three-party call service right. The process of using the service varies according to the phone that user A uses. 1. Press an idle line key (the indicator is off), dial user C's number, and press the Send key. 2. If user C is connected (the corresponding indicator is on), press the CONF key and the related line key (connecting users A and C) to start a three-party call. If user C is not connected, press the related line key (connecting users A and B) to continue the talk with user B. If user B (user C) hangs up the phone during the three-party call, user A talks with user C (user B). If user A hangs up the phone during the three-party call, users B and C listen to a busy tone. Operations vary according to IP phone model. For details, see the related IP phone user guide.

?.19.Call Pickup After dialing the call pickup access code and the called user's number, a user can answer the call for the called user whose phone is ringing. Configuring the Service After enabling the call pickup service, users can directly use it without configuration. For details on how to enable voice services, see Enabling Voice Services. Using the Service Assume that user A has the call pickup service right. Step 1 User C dials user B, and user B's phone rings. Step 2 User A picks up the phone and dials *11*TN# (TN is user B's number). User B's phone stops ringing, and user A talks with user C. In the preceding number, *11* is the default access code. To change the service prefix, see Changing Service Prefixes.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 213 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation

?.20.Call Barring 7 Feature Description and Implementation The call barring service limits calls to specified outer-office numbers. After the call barring service is enabled, the calls whose numbers match the restricted prefix are not accessible to the IMS or NGN. Configuring the Service Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. The page shown in Figure 7-139 is displayed. Figure 7-139 Service Rights tab page (1) Step 2 Click

. The page shown in Figure 7-140 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 214 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-140 Selecting a user 7 Feature Description and Implementation Step 3 Select a user number, and click

. The page shown in Figure 7-141 is displayed. Figure 7-141 Service Rights tab page (2) Step 4 Select Call Barring. The page shown in Figure 7-142 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 215 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-142 Call barring 7 Feature Description and Implementation Step 5 Set outer-office numbers to which calls are blocked according to Table 7-33. Table 7-33 Parameter description Parameter Description All Limit Calls are blocked to all outer-office numbers. Prefix Limit Calls are blocked to certain outer-office prefixes. You can set one or more service prefixes. If you add service prefix 81, calls made by internal users to outer-office numbers starting 81 will be rejected. NOTE The call barring service limits calls to specified outer-office numbers. Calls to intra-office numbers, however, are not limited. Step 6 Click

. Figure 7-143 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 216 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-143 Configuration result To modify the configuration, click

.

----End Using the Service Assume that user A has configured the call barring service and that the restricted prefix is 88. When user A calls outer-office user C on the IMS or NGN whose number starts with 88, the call will fail. Canceling the Service To remove the call barring right, deselect Call Barring on the Service Rights tab page.

?.21.Voice Mailbox After you configure the voice mailbox service, the voice mailbox can automatically answer incoming calls and ask the calling users to leave voice messages. Then the phone displays a message indicating that you have a voice message. The user can dial an access code to listen to the voice message. Precautions The voice mailbox service conflicts with some other services. For details, see Service Conflicts. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 217 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation An EGW1520 allows a maximum of 24 users to enable the voice mailbox service. The maximum duration of a voice message is 30 seconds. An EGW1520 user can leave at least one voice message. All EGW1520 users can leave 120 voice messages. When the number of voice messages reaches 120, no more voice messages are allowed. To leave new voice messages, you must delete old ones. If the CFU service is configured for your voice mailbox, you do not need to configure the call transfer to voice message on busy (CTVMB) service and call transfer to voice mailbox on no reply (CTVMNR) service. Configuring the Service Web mode Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-144 is displayed. Figure 7-144 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-145 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 218 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-145 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number. Step 5 Click

. The page shown in Figure 7-146 is displayed. Figure 7-146 Configure Service tab page (2) Step 6 Click Apply. The page shown in Figure 7-147 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 219 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-147 Configure Service tab page (3) Step 7 Set parameters according to Table 7-34. Table 7-34 Parameter description Parameter Description Type Mailbox type. Inner: voice mailbox on the EGW1520 Network: voice mailbox of a carrier Password Password for a user to retrieve messages, consisting of 4 to 8 digits. Step 8 Click

. Figure 7-148 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 220 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-148 Configuration result 7 Feature Description and Implementation Step 9 When configuring the call forwarding or night service, you can set the forwarded-to number to the voice mailbox prefix. The default voice mailbox prefix is 9898 (inner mailbox) or 9899

(network mailbox). To change the voice mailbox prefix, see Viewing and Changing Service Prefixes. For details on how to configure call forwarding services, see Call Forwarding on Busy, Call Forwarding on No Reply, and Call Forwarding Unconditional. For details on how to configure the night service, see Night Service.

----End Service prefix dialing mode A user picks up the phone and configures a forwarding service. The forwarded-to number is a voice mailbox prefix 9898 or 9899. To change the service prefix, see Changing Service Prefixes. To configure forwarding services, see Call Forwarding on Busy, Call Forwarding on No Reply, and Call Forwarding Unconditional. When you set the forwarded-to number to a voice mailbox prefix in the night service, you can only use the web mode. Using the Service Assume that user A has enabled and configured the voice mailbox service. If user B is an outer-office user, the process of using the voice mailbox service is as follows:

1. User B calls user A. After listening to the message-taking voice prompt, user B takes a voice message and then presses the pound key (#). 2. User B listens to an announcement saying that the voice message is taken successfully, and then hangs up. User B can also play the recorded voice message, take a voice message again, and cancel the voice message. 3. User A finds that the phone received a new voice message and dials access code 91001 to retrieve it from the EGW1520 voice mailbox or 91002 from the carrier's voice Issue 01 (2012-05-15) Huawei Proprietary and Confidential 221 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation mailbox. User A enters the retrieving ID (user number) and password as prompted, and presses the pound key (#). Then user A can listen to the voice message and perform other settings, such as changing the password, as prompted. The default access codes for retrieving messages are 91001 and 91002. To change the access code, see Viewing and Changing Service Prefixes. 4. After the voice message is played, user A can delete it as prompted. Canceling the Service Click Cancel on the Service Configuration tab page, as shown in Figure 7-149. Figure 7-149 Canceling the service

?.22.Fixed Mobile Convergence The Fixed Mobile Convergence (FMC) service allows users to configure the simultaneous ringing, sequential ringing, call toggling, and voice mailbox services. Introduction Simultaneous ringing Configure a mobile number as the simultaneous ringing number of a fixed-line phone. When a user receives a call, the mobile phone and the fixed-line phone ring together. The user can pick up either of the phones to answer the call. A user can be only configured with one simultaneous ringing number. Sequential ringing Configure a mobile number as the sequential ringing number of a fixed-line phone. When a user receives a call, the fixed-line phone rings. If the user does not pick up the fixed-line phone for a specified period, the mobile phone rings. A user can be only configured with one sequential ringing number. Call toggling Issue 01 (2012-05-15) Huawei Proprietary and Confidential 222 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Configure a mobile number as the toggling number of a fixed-line phone. When a user is in a call, the user can release the call after toggling it to the mobile phone. Voice mailbox After you configure the voice mailbox service, the voice mailbox can automatically answer incoming calls and ask the calling users to leave voice messages. Then the phone displays a message indicating that you have a voice message. To listen to the voice message, dial an access code. Precautions The FMC service conflicts with some other services. For details, see Service Conflicts. Configuring the Service Before configuring a service, ensure that the service has been enabled. For details on how to enable voice services, see Enabling Voice Services. Step 1 On the web management system, choose Voice > Service Manager from the navigation tree. Step 2 Click the Service Configuration tab. The page shown in Figure 7-150 is displayed. Figure 7-150 Configure Service tab page (1) Step 3 Click

. The page shown in Figure 7-151 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 223 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-151 Selecting a user 7 Feature Description and Implementation Step 4 Select a user number. Step 5 Click

. The page shown in Figure 7-152 is displayed. Figure 7-152 Configure Service tab page (2) Step 6 Click Apply. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 224 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-153 Configure Service tab page (3) Step 7 Set parameters according to Table 7-35. Table 7-35 Parameter description Parameter Description Mobile Number Indicates the mobile number that you associate with the fixed-line number in the simultaneous ringing, sequential ringing, and call toggling services. Simultaneous Ringing When a user receives a call, the mobile phone and the fixed-line phone ring together. The user can pick up either of the phones to answer the call. Sequential Ringing If a user does not answer an incoming call for a specified period, the fixed-line phone stops ringing and the mobile phone starts ringing. Call Toggling A user can press the hook flash button and dial an access code to switch the call to the mobile phone. VoiceMailBox Allows you to set the voice mailbox information. For details, see Voice Mailbox. Step 8 Click

. Figure 7-154 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 225 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-154 Configuration result 7 Feature Description and Implementation To modify the configuration, click Configure.

----End Using the Service Simultaneous ringing Assume that user A has configured the simultaneous ringing service and user B's mobile number is the simultaneous ringing number. When user C calls user A, user A's and user B's phones ring at the same time. Both user A's and user B's phone can answer the call. When a phone is picked up, the other phone stops ringing. Sequential ringing Assume that user A has configured the sequential ringing service and user B's mobile number is the sequential ringing number. When user C calls user A but user A does not answer within 20 seconds, user A's phone stops ringing and user B's phone starts to ring. User B can answer the call from user C. Call toggling Assume that user A has configured the call toggling service and that user B is the one to whom the call is toggled. User A can exit the conversation with user C and enable user B to talk with user C. The process is as follows:

1. User A presses the hook flash button and dials default service prefix *19# after hearing a dialing tone. To change the service prefix, see Changing Service Prefixes. 2. User B's phone rings. User B picks up the phone to talk with user C and user A releases the call. Voicemail For details on how to configure and use the voicemail service, see Voice Mailbox. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 226 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Canceling the Service 7 Feature Description and Implementation Click Cancel on the Service Configuration tab page, as shown in Figure 7-155. Figure 7-155 Canceling the service

?.23.Instant Conference Call The EGW1520 support an instance conference call that allows a maximum of six participants

(including the moderator) to join. The moderator can invite other participants to join the conference. Assigning the Conference Moderator Right The conference moderator right is assigned by the enterprise IT administrator, and no configuration is required. For details, see Enabling Voice Services. The moderator must be an intra-office user. Initiating an Instance Conference Call Step 1 Log in to the web management system. For details, see 7.7.1 Web Management. Step 2 Enter the user name and password. (Both the initial user name and password for the moderator are the moderator's internal number.) The page shown in Figure 7-156 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 227 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-156 Conference page 7 Feature Description and Implementation You are advised to change the initial password to ensure security. To change the initial password, click Change password in Figure 7-156. If you forget the password, contact the enterprise IT administrator to reset the password. For details, see Enabling Voice Services. Step 3 Click

. The page shown in Figure 7-157 is displayed. Figure 7-157 Joining a conference Step 4 Click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 228 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The page shown in Figure 7-158 is displayed. Figure 7-158 Adding participants Step 5 Set User Name and User No of a participant. A participant can be an intra-office or outer-office user (such as a PSTN, IMS, or NGN user). To invite an outer-office user to join the conference through the FXO port on EGW1520, you must set User No based on the FXO dialing rules, such as set User No to the outgoing prefix and the outer-office user's number. Step 6 Click to start the conference. The page shown in Figure 7-159 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 229 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-159 Conference participants

----End Self-Service Prerequisites The self-service function allows users to configure voice services that have been enabled. Voice services have been enabled by the enterprise IT administrator. Using the Self-Service Function Step 1 Log in to the web management system. For details, see 7.7.1 Web Management. Step 2 Enter the user name and password. (Both the initial user name and password are a user's internal number.) The page shown in Figure 7-160 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 230 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-160 Self-service 7 Feature Description and Implementation You are advised to change the initial password to ensure security. To change the initial password, click Change password in Figure 7-160. If you forget the password, contact the enterprise IT administrator to reset the password. Step 3 Configure voice services as required. For details, see Configuring and Using Voice Services.

----End Viewing and Changing Service Prefixes This topic describes how to view and change service prefixes. Users can configure and use voice services by dialing service prefixes. You have logged in to the web management system. For details, see 7.7.1 Web Management. Prerequisites Procedure Step 1 On the web management system, choose Voice > Service Prefix from the navigation tree. Step 2 Click in the Operation column. The page shown in Figure 7-161 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 231 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-161 Current service prefix For meanings and use of service prefixes, see Configuring and Using Voice Services. Step 3 Change the service prefix in the Prefix column. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 232 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Service prefix change rule: The asterisk (*) and number sign (#) cannot be changed. You can change numerals only. Service prefixes related to the voice mailbox cannot contain an asterisk

(*) or a number sign (#). Therefore, a service prefix cannot conflict with any internal numbers, external numbers (including all outer-office numbers), or emergency numbers. Table 7-36 lists Ireland's and New Zealand's emergency numbers. Table 7-36 Ireland's and New Zealand's emergency numbers Country Ireland New Zealand Emergency call numbers 999, 112 111 Step 4 Click to save the settings.

----End 7.4.2 FXO Port Description Principle This topic describes the principle, implementation, specification, and limitation for the FXO port on the EGW1520 and how to configure the FXO port. The EGW1520 provides four FXO ports used to connect to PSTN networks, allowing voice users on the EGW1520 to communicate with PSTN users. The EGW1520 provides an FXO port for connecting to the PSTN network. An intra-office user can dial an outgoing prefix and the number of an outer-office user to make an outgoing call through the FXO port. An outer-office user dials the number that the PSTN network carrier allocates to any FXO port of the four FXO ports on the EGW1520 to make an incoming call. The EGW1520 supports the switchboard, DDI, and dedicated line functions. By default, the switchboard function is enabled. An intra-office user can be a POTS user or a SIP user. Implementation for the Switchboard Figure 7-162 shows the application scenario for the switchboard. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 233 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-162 Application scenario for the switchboard 7 Feature Description and Implementation The call process for the switchboard is as follows:

Outgoing call 1. An intra-office user dials the outgoing prefix for the FXO port (for example, 0) and the number of an outer-office user. 2. The EGW1520 automatically queries an idle non-dedicated FXO port for the user to make the outgoing call. A non-dedicated FXO port is a port for which the dedicated line is not configured. For details about the dedicated line, see Implementation for the Dedicated Line. 3. The outer-office user answers the call. The number that the PSTN network carrier allocates to the FXO port (that is, the switchboard number) is displayed to the called party. 4. One party hangs up the phone to end the call. Incoming call 1. An outer-office user dials the number that the PSTN network carrier allocates to the FXO port, that is, the switchboard number. The outer-office user hears an announcement, for example, "Thanks for calling XX company. Please dial the extension number. To query numbers, dial 9. End the number with a pound key."

2. The outer-office user dials an extension number (internal number) or dials 9 (to connect to the preset attendant number) as prompted, and presses the pound key (#). 3. The intra-office user or attendant answers the call. 4. One party hangs up the phone to end the call. Implementation for the DDI The DDI binds an intra-office user to an FXO port. When an outer-office user makes an incoming call to the intra-office user through the FXO port, the call is directly connected to the intra-office user. After the DDI is configured for an FXO port, other users can still make outgoing calls through the FXO port. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 234 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-163 shows the application scenario for the DDI. Figure 7-163 Application scenario for the DDI The call process for the DDI is as follows:

Outgoing call 1. An intra-office user dials the outgoing prefix for the FXO port (for example, 0) and the number of an outer-office user. 2. The EGW1520 automatically queries an idle non-dedicated FXO port for the user to make the outgoing call. A non-dedicated FXO port is a port for which the dedicated line is not configured. For details about the dedicated line, see Implementation for the Dedicated Line. 3. The outer-office user answers the call. The number that the PSTN network carrier allocates to the FXO port (that is, the switchboard number) is displayed to the called party. 4. One party hangs up the phone to end the call. Incoming call 1. An outer-office user dials the number that the PSTN network carrier allocates to the FXO port. 2. The phone of the DDI user bound to the FXO port (for example, intra-office user 1 in Figure 7-163) rings. 3. The DDI user answers the call. 4. One party hangs up the phone to end the call. The number that the PSTN network carrier allocates to the FXO port is displayed to the called party. Implementation for the Dedicated Line The dedicated line binds an intra-office user to an FXO port and sets the FXO port to be a dedicated port. When an outer-office user makes an incoming call to the intra-office user Issue 01 (2012-05-15) Huawei Proprietary and Confidential 235 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation through the FXO port, the call is directly connected to the intra-office user. Only the intra-office user can use the FXO port to make outgoing calls. Figure 7-164 shows the application scenario for the dedicated line. Figure 7-164 Application scenario for the dedicated line The call process for the dedicated line is as follows:

Outgoing call 1. A dedicated user (for example, intra-office user 1 in Figure 7-164) dials the FXO outgoing prefix (configurable, for example, 0) and an outer-office user's number. 2. The EGW1520 automatically queries the FXO port bound to the user for the user to make the outgoing call. If the bound FXO port is unavailable (for example, no phone line is connected to the FXO port), the EGW1520 automatically queries an idle non-dedicated FXO port for the user to make the outgoing call. 3. The outer-office user answers the call. The number that the PSTN network carrier allocates to the FXO port is displayed to the called party. 4. One party hangs up the phone to end the call. Incoming call 1. An outer-office user dials the number that the PSTN network carrier allocates to the FXO port. 2. The phone of the dedicated user bound to the FXO port (for example, intra-office user 1 in Figure 7-164) rings. 3. The dedicated user answers the call. 4. One party hangs up the phone to end the call. Specification Four FXO ports.. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 236 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Limitation The FXO port supports only the one-stage dialing mode. Each FXO port allows one user to make an outgoing or incoming call through the FXO port at the same time. Configuring an Outgoing Prefix This topic describes how to configure an outgoing prefix for the FXO port on the EGW1520. After the outgoing prefix is configured, an intra-office user can dial the outgoing prefix and the number of an outer-office user to make an outgoing call through the FXO port. Prerequisite Background Procedure You have logged in to the web management system. For details, see 7.7.1 Web Management. For details about the function of outgoing prefixes and how to use outgoing prefixes, see Description. Step 1 On the web management system, choose Voice > FXO Configuration from the navigation tree. Step 2 Click

. The page shown in Figure 7-165 is displayed. Figure 7-165 Configuring an outgoing prefix for the FXO port Step 3 Set parameters according to Table 7-37. Table 7-37 FXO prefix parameters Parameter Description Prefix Outgoing prefix for the FXO port. The value is a number consisting of 1 to 30 digits. An intra-office user can dial the outgoing prefix to make an Issue 01 (2012-05-15) Huawei Proprietary and Confidential 237 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description outgoing call through the FXO port. Assume that the outgoing prefix is 0 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 12345678. NOTE A maximum of 16 outgoing prefixes can be configured for the FXO port on the EGW1520. An intra-office user can use any one of the outgoing prefixes to make an outgoing call through the FXO port. The outgoing prefix cannot conflict with internal numbers and emergency numbers. If an internal number is the same as the outgoing prefix plus an outer-office number, the internal user is connected. Delete Yes: The outgoing prefix is deleted for outgoing calls. Assume that the outgoing prefix is 0 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 012345678. No: The outgoing prefix is not deleted for outgoing calls. This mode is applicable to the situation where the outgoing prefix is the same as the first digit in the outer-office number. Assume that the outgoing prefix is 1 and the number of an outer-office user is 12345678. To call this user, an intra-office user dials 12345678. NOTE The number that the PSTN carrier allocates to the FXO port is displayed to the called party. Step 4 Click to save the settings.

----End Verification Step 1 An intra-office user dials the outgoing prefix for the FXO port (for example, 0) and the number of an outer-office user. Step 2 The outer-office user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Configuring the Switchboard This topic describes how to configure the switchboard on the EGW1520. Prerequisite You have logged in to the web management system. For details, see 7.7.1 Web Management. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 238 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Background 7 Feature Description and Implementation For details about the application scenario and call process for the switchboard, see Description. The switchboard function conflicts with the DDI and dedicated line functions. If the DDI or dedicated line function is enabled, choose Voice > FXO Configuration and delete the binding number on the FXO Toggle tab page before configuring the switchboard function. The switchboard takes effect automatically after the dedicated line is disabled. No special configuration is required. The following describe how to configure an attendant number. If you do not need to configure an attendant number, skip the following procedure. Default voice prompts are loaded on the EGW1520 before delivery. To customize voice prompts, see Customizing Voice Prompts for the Switchboard. Procedure If you want to make an outgoing call, configure an outgoing prefix when you configure the switchboard. For the configuration method, see Configuring an Outgoing Prefix. Step 1 On the web management system, choose Voice > FXO Configuration from the navigation tree. Step 2 Click the Operator Configure tab. The page shown in Figure 7-166 is displayed. Figure 7-166 Configuring an attendant Step 3 Click

. The page shown in Figure 7-167 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 239 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-167 Selecting a user 7 Feature Description and Implementation Step 4 Select an internal number as the attendant number, and click

. For details about how to add an internal number, see Adding Voice Users. Step 5 Click to save the settings. Verification

----End Incoming call Step 1 An outer-office user dials the number that the PSTN network carrier allocates to the FXO port, that is, the switchboard number. Step 2 The outer-office user dials an extension number (internal number) or dials 9 (to connect to the preset attendant number) as prompted, and presses the pound key (#). Step 3 The intra-office user or attendant answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Outgoing call Issue 01 (2012-05-15) Huawei Proprietary and Confidential 240 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 1 An intra-office user dials the outgoing prefix for the FXO port (for example, 0) and the number of an outer-office user. Step 2 The outer-office user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Configuring the DDI and Dedicated Line This topic describes how to configure the DDI and dedicated line on the EGW1520. Prerequisite Background You have logged in to the web management system. For details, see 7.7.1 Web Management. For details about the application scenario and call process for the DDI and dedicated line, see Description. The priority of the DDI or dedicated line is higher than that of the switchboard. When the DDI or dedicated line is configured, the switchboard automatically becomes invalid. Procedure If you want to make an outgoing call, configure an outgoing prefix when you configure the DDI and dedicated line. For the configuration method, see Configuring an Outgoing Prefix. Step 1 On the web management system, choose Voice > FXO Configuration from the navigation tree. Step 2 Click the FXO Toggle tab. The page shown in Figure 7-168 is displayed. Figure 7-168 Configuring the FXO binding number Step 3 Select the FXO port you want to configure, set parameters according to Table 7-38. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 241 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-38 Configuring the DDI and dedicated line Parameter Toggle Number Private Line Description Internal number bound to the FXO port. NOTE For details about how to add an internal number, see Adding Voice Users. Indicates whether to enable the dedicated line function. Step 4 Click to save the settings. Verification

----End Incoming call Step 1 An outer-office user dials the number that the PSTN network carrier allocates to the FXO port. Step 2 The phone of the intra-office user whose number is bound to the FXO port rings. Step 3 The intra-office user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. Outgoing call Step 1 The intra-office user whose number is bound to the FXO port dials the outgoing prefix for the FXO port (for example, 0) and the number of an outer-office user. Step 2 The outer-office user answers the call.

----End Verify that the call is set up successfully; otherwise, check the configuration. 7.4.3 Power-off Survival The FXO1 port of the EGW1520 can be used as a power-off survival port. When the EGW1520 is powered off, the analog phone connected to the PHONE port can be connected to the PSTN through the FXO1 port. Principle and Implementation When the EGW1520 is powered off, the PHONE port automatically connects to the FXO1 port. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 242 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Generally, the EGW1520 power-off survival function is available once the cables are connected. You do not need to configure the function on the web management system. The cables are connected as follows:

The FXO1 port on the EGW1520 has been connected to the PSTN. An analog phone has been connected to the PHONE port on the EGW1520. When the EGW1520 is powered off, it automatically connects the analog phone connected to the PHONE port to the PSTN, as shown in Figure 7-169. Figure 7-169 Power-off survival When the power-off survival function is enabled, the number of the analog phone connected to the PHONE port changes from the external number to the FXO1 port number, and the dialing rule changes from the EGW1520 dialing rule to the PSTN dialing rule. After the power-off survival function is enabled, the ongoing call does not end after the EGW1520 powers on again, but the voice services cannot be used until the call ends. After the power-off survival function is enabled, the FXO switchboard, DDI, and dedicated line functions cannot be used. To verify that the power-off survival function is enabled, perform the following steps:

1. Cut the power supply of the EGW1520. 2. Use an analog phone that is connected to the PHONE port to call an external number. If the call is connected, the power-off survival function is enabled. If the call is disconnected, check the connections between the PHONE port and the analog phone, and between the EGW1520 FXO1 port and the PSTN. Specification One PSTN Power-off survival port. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 243 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Limitation 7 Feature Description and Implementation The Power-off survival function is available only when a power off occurs. Only the Analog Phone that connects to the PHONE port supports Power-off survival function. 7.4.4 Fax Service The EGW1520 supports fax service. Description Principle Fax is a form of telegraphy for the transmission of fixed images with a view to their reproduction in a permanent form. In ITU-RV.662, faxing is defined as a form of telecommunication for the reproduction at a distance of graphic documents in the form of other graphic documents geometrically similar to the original. This topic describes the principle, implementation, specification, and limitation of the fax service. By transmission rate, faxes are divided into low-speed faxes (<= 14.4 kbit/s) and high-speed faxes (> 14.4 kbit/s). Low-speed faxes on an IP network are divided into transparently transmitted faxes (using G.711A or G.711u) and T.38 faxes. High-speed faxes, however, can only use G.711A or G.711u featuring low compression rate due to the requirement for high quality. The EGW1520 supports T.38 and transparent fax. The fax service establishes a voice channel and switches the voice channel to a fax channel, including the IP address, port, codec, and channel types (audio, fax, and data). The voice channel is switched to a fax channel after the access device detects fax signals. The access device checks fax signals to determine whether the current fax is a high-speed or low-speed fax, and then delivers the fax signals to the NGN or IMS. The EGW1520 supports T.38 and transparent fax. Transparent fax: Fax signals are transmitted transparently as G.711 packets. G.711 faxes feature low delay and simple implementation, but they occupy a high bandwidth (fixed at 64 kbit/s) and are easily affected by network conditions. Therefore, G.711 faxes are recommended on a good network condition and not recommended when network jitter or packet loss frequently occur. G.711 faxes are applicable to high-speed and low-speed faxes. T.38 fax: T.30 fax signals are converted to T.38 packets for transmission on a packet switching network. T.38 faxes occupy a low bandwidth, provide high reliability with redundant frames and forward error checking (FEC), and are slightly affected by the network condition. However, the implementation is complicated. T.38 faxes are applicable only to low-speed fax services due to delay generated by the packet switching network. Implementation When a fax machine connected to the EGW1520 communicates with an outer-office machine, the NGN or IMS controls the call process. Figure 7-170 shows the network diagram. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 244 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-170 EGW1520 outer-office faxing The NGN or IMS controls call signaling. The EGW1520 detects fax signals and encodes and decodes IP voice packets. After a fax call is established, fax media streams are transmitted over an IP network. The process for making a fax call is similar to that for making an inter-office call. After the fax call is complete, the EGW1520 detects the fax ending signals and sends them to the NGN or IMS. The NGN or IMS negotiates with the calling and called users about the fax media information. After the negotiation is successful, the EGW1520 switches to the fax channel according to the NGN or IMS's signaling to establish a fax call. After the fax call is complete, the EGW1520 detects the fax ending signals and sends them to the NGN or IMS. Then the NGN or IMS switches to the voice channel. Specification Standards supported by fax service:

One FXS ports for fax machines T.30 T.38 V.17/V.21/V.27/V.29/V.34 Limitation N/A Configuring the Fax Service Generally, the EGW1520 faxing function is available once the cables are connected, you do not need to configure the function on the web management system. This topic describes how to set the advanced parameters for faxing. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 245 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Prerequisites 7 Feature Description and Implementation You have logged in to the web management system. For details, see 7.7.1 Web Management. Configuring the Priority Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the DSP tab. The page shown in Figure 7-171 is displayed. Figure 7-171 DSP tab page Step 3 Set parameters according to Table 7-39. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 246 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-39 DSP parameters Parameter Description Codec DSP codec type. If multiple options are selected, the system sends messages based on the specified codec rank. By default, all options are selected. NOTE Compared with other codec types, G729, G726, and G722 consume more DSP resources. Codec Ptime (ms) For each codec type, you can change the duration of packaging voice streams to 10 ms, 20 ms, or 30 ms. The default value is 20 ms. Echo Cancellation Indicates the echo cancellation switch. The options are Enable and Disable, and the default value is Enable. The high-speed transparent transmission mode has the echo processing mechanism. You are advised to disable the echo cancellation function for the high-speed transparent transmission mode and enable this function for low-speed transparent transmission mode. Enable Silence Suppress Indicates the silence suppression switch. The options are Enable and Disable. The default value is Enable, which indicates that the system sends silence packets if no voice packet is available. Receive Gain (dB) Indicates the receiving gain of DSP chips. The value ranges from 14 to 6. The default value is 0. Send Gain (dB) Indicates the sending gain of DSP chips. The value ranges from 14 to 6. The default value is 0. Fax Prior Mode Indicates the fax transmission mode. The options are as follows:

T38: Only T38 is supported. VBD: Only voice band data (VBD) is supported. T38-VBD: Both T38 and VBD are supported, and T38 has a higher priority. VBD-T38: Both T38 and VBD are supported, and VBD has a higher priority. The default value is VBD-T38. Media Negotiation Mode Indicates the priority used in media negotiation. Prefer remote codec: During media negotiation, the codec priority at the remote end is preferred. Prefer local codec: During media negotiation, the codec priority at the local end is preferred. The default value is Prefer remote codec. DTMF Transfer Mode Indicates the transmission mode in a session. RFC2833: RFC2833 transmission mode. Transfer: transparent transmission mode. Dialing tones are transmitted transparently as voice signals. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 247 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description The default value is RFC2833. VBD Mode Indicates the codec type for transparent transmission. The options are G711A and G711U, and the default value is G711A. Step 4 Click to save the settings.

----End Viewing T38 Fax Parameters Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the T38 tab. The page shown in Figure 7-172 is displayed. Figure 7-172 T38 tab page Step 3 Set parameters according to Table 7-40. Table 7-40 T.38 fax parameters Parameter Description Fax Rate UDPEC Max Rate Indicates the faxing rate mode. Value transferredTcf indicates remote training mode. Indicates the UDP redundancy correction capability. The EGW1520 supports t38udpredundancy. If the redundancy correction capability is carried in fax negotiation signals, the EGW1520 uses the redundancy technology to send T38 data when the peer end also supports redundancy. Indicates the maximum faxing rate. If the maximum faxing rate at the peer end is smaller than that at the local end, use the smaller one; otherwise, use the value of this parameter. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 248 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Transport Protocol Indicates the transmission protocol. The EGW1520 supports UDP.

----End 7.4.5 Voice Parameters This topic describes how to set voice parameters. Only network administrators can change the parameter settings. To ensure the normal running of the EGW1520, you are advised to use the default settings. Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Configuring the Region On the Region tab page, specify analog phone standards in different countries. Dialing tones and signal tone frequency vary according to area and country. Configure the parameters based on requirement. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. The page shown in Figure 7-173 is displayed. Figure 7-173 Region tab page Issue 01 (2012-05-15) Huawei Proprietary and Confidential 249 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 2 Set parameters according to Table 7-41. Table 7-41 Region parameters Parameter Description Current Country Country name. Slic Gain RX (dB) Receiving gain of an analog phone. The value ranges from -12 dB to +6 dB. Slic Gain TX (dB) Sending gain of an analog phone. The value ranges from -12 dB to

+6 dB. FlashHook Max (ms) Maximum interval for pressing the hook flash button. The value ranges from 0 to 1000, in milliseconds. If the hook flash button is not pressed within the duration specified by this parameter, the call will end. FlashHook Min (ms) Minimum interval for pressing the hook flash button. The value ranges from 0 to 1000, in milliseconds. If the interval is smaller than the value of this parameter, the hook flash operation does not take effect. OnHook Min (ms) Minimum interval for confirming hang-up. The value ranges from 0 to 2000, in milliseconds. If the hang-up interval is smaller than the value of this parameter, the hang-up operation does not take effect. OffHook Min (ms) Minimum interval for confirming pickup. The value ranges from 0 to 2000, in milliseconds. If the pickup interval is smaller than the value of this parameter, the pickup operation does not take effect. Step 3 Click to save the settings.

----End Configuring the DSP On the DSP tab page, configure voice quality information about DSP chips, such as codec type, noise and echo cancellation, silence suppression, and gains. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the DSP tab. The page shown in Figure 7-174 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 250 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-174 DSP tab page 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-42. Table 7-42 DSP parameters Parameter Description Codec DSP codec type. If multiple options are selected, the system sends messages based on the specified codec rank. By default, all options are selected. NOTE Compared with other codec types, G729, G726, and G722 consume more DSP resources. Codec Ptime (ms) For each codec type, you can change the duration of packaging voice streams to 10 ms, 20 ms, or 30 ms. The default value is 20 ms. Echo Cancellation Echo cancellation switch. The options are Enable and Disable, and the default value is Enable. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 251 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Enable Silence Suppress Silence suppression switch. The options are Enable and Disable. The default value is Enable, which indicates that the system sends silence packets if no voice packet is available. Receive Gain (dB) Receiving gain of DSP chips. The value ranges from -14 to 6. The default value is 0. Send Gain (dB) Sending gain of DSP chips. The value ranges from -14 to 6. The default value is 0. Fax Prior Mode Fax transmission mode. The options are as follows:

T38: Only T38 is supported. VBD: Only voice band data (VBD) is supported. T38-VBD: Both T38 and VBD are supported, and T38 has a higher priority. VBD-T38: Both T38 and VBD are supported, and VBD has a higher priority. The default value is VBD-T38. Priority used in media negotiation. Prefer remote codec: During media negotiation, the codec priority at the remote end is preferred. Prefer local codec: During media negotiation, the codec priority at the local end is preferred. The default value is Prefer remote codec. Media Negotiation Mode DTMF Transfer Mode Transmission mode in a session. RFC283: RFC2833 transmission mode. Transfer: transparent transmission mode. Dialing tones are transmitted transparently as voice signals. The default value is RFC2833. VBD Mode Codec type for transparent transmission. The options are G711A and G711U, and the default value is G711A. Step 4 Click to save the settings.

----End Configuring RTP On the RTP tab page, set the parameters used for playing voices on analog phones such as the maximum and minimum media port numbers. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the RTP tab. The page shown in Figure 7-175 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 252 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-175 RTP tab page 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-43. Table 7-43 RTP parameters Parameter Description Min UDP Port Max UDP Port Minimum media port number used for playing voices on analog phones. Maximum media port number used for playing voices on analog phones. DTMF (RFC2833) Whether RFC2833 is used for encryption. The options are Enable and Disable. Payload Type: payload for RFC2833 used for encryption. The value must be unique on the EGW1520. It is recommended that you set this parameter to the payload type of the softswitch. If the parameter value is different from that on the softswitch, call connections may fail to be set up. Whether to enable the RTCP function. The options are Enable and Disable. The default value is Disable. RTCP After changing the UDP port number, restart the device to make the configuration take effect. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 253 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Viewing T38 Fax Parameters 7 Feature Description and Implementation On the T38 tab page, you can view T.38 fax parameters. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the T38 tab. The page shown in Figure 7-176 is displayed. Figure 7-176 T38 tab page Step 3 Set parameters according to Table 7-44. Table 7-44 T38 fax parameters Parameter Description Fax Rate UDPEC Max Rate Faxing rate mode. Value transferredTcf indicates remote training mode. UDP redundancy correction capability. The EGW1520 supports t38udpredundancy. If the redundancy correction capability is carried in fax negotiation signals, the EGW1520 uses the redundancy technology to send T38 data when the peer end also supports redundancy. Maximum faxing rate. If the maximum faxing rate at the peer end is smaller than that at the local end, use the smaller one; otherwise, use the value of this parameter. Transport Protocol Transmission protocol. The EGW1520 supports UDP.

----End Configuring SIP On the SIP tab page, configure the timeout interval for local SIP users to register with the EGW1520. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 254 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 2 Click the SIP tab. The page shown in Figure 7-177 is displayed. Figure 7-177 SIP tab page 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-45. Table 7-45 SIP parameters Parameter Description SIP Register Expire

(s) Timeout interval for local SIP users to register with the EGW1520. Min: Minimum timeout interval for local SIP users to register with the EGW1520. The default value is 120. Max: Maximum timeout interval for local SIP users to register with the EGW1520. The default value is 3600. Local Subscribe Expire (s) Timeout interval for local SIP users to subscribe to a service (such as voice message and voice mailbox) with the EGW1520 Min: Minimum timeout interval for local SIP users to subscribe to a service with the EGW1520. The default value is 120. Max: Maximum timeout interval for local SIP users to subscribe to a service with the EGW1520. The default value is 3600. Network Subscribe Expire (s) Default timeout interval for the EGW1520 to subscribe to a service with the NGN or IMS. SIP Session Timer Whether to use the session timer. The session timer is disabled by default. When the session timer is enabled, the two parties can check the conversation status using the update or reinvite signaling. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 255 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuring SIP ALG 7 Feature Description and Implementation On the SIP ALG tab page, configure SIP servers in an outer office. Step 1 On the web management system, choose Voice > Voice Parameters from the navigation tree. Step 2 Click the SIP ALG tab. The page shown in Figure 7-178 is displayed. Figure 7-178 SIP ALG tab page Step 3 Set parameters according to Table 7-46. Table 7-46 SIP ALG parameters Parameter Description Server port Master: Port number used by the active SIP server to send and receive packets. Slave: Port number used by the standby SIP server to send and receive packets. Extended: Extended port number used by the SIP ALG to send and receive packets. RTP port Min: Minimum media port that can be used by the RTP server. Max: Maximum media port that can be used by the RTP server. Step 4 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 256 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7.5 Data 7 Feature Description and Implementation This topic describes EGW1520 data features and how to configure the features. 7.5.1 LAN The EGW1520 provides four LAN ports to connect terminals such as computers and IP phones. In addition, the EGW1520 can function as a Dynamic Host Configuration Protocol

(DHCP) server to allocate private IP addresses to terminals. After network address translation

(NAT), terminals are connected to the IP network and the IP network connects the terminals to the Internet or IMS/NGN. Description Principle This topic describes the principle, implementation, specification, and limitation of LAN ports. The EGW1520 complies with IEEE802.3u 100Base-T. Implementation The EGW1520 provides four LAN ports to connect terminals such as computers and IP phones, as shown in Figure 7-179. The EGW1520 can function as a DHCP server to allocate private IP addresses to terminals. After NAT, terminals are connected to the IP network and the IP network connects the terminals to the Internet, IMS, or NGN. Figure 7-179 LAN diagram Issue 01 (2012-05-15) Huawei Proprietary and Confidential 257 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation For details about the DHCP server and trunk, see the DHCP Feature Description. Specification Four 10/100 Mbit/s self-adaptive LAN ports. Default IP address of LAN ports: 192.168.1.1; subnet mask: 255.255.255.0. DHCP server function, allocating IP addresses to computers and IP phones that connect to LAN ports. Standards supported by LAN ports:

MAC Address (IEEE 802.3) IPv4 Internet Protocol v4 (RFC 791) ARP Address Resolution Protocol (RFC 826) ICMP Internet Control Message Protocol (RFC 792) An Ethernet Address Resolution Protocol (RFC 0826) A Standard for the Transmission of IP Datagrams over Ethernet Networks (RFC 0894) A Standard for the Transmission of IP Datagrams over IEEE 802 Networks (RFC 1042) DHCP (RFC 2131), TCP Transmission Control Protocol (RFC 793) UDP User Datagram Protocol (RFC 768) Limitation The LAN port supports half-duplex and full-duplex self adaptation, but cannot be forced to use full duplex or half duplex. IPv6 is not supported. Configuration This topic describes how to configure a LAN. Prerequisites Background You have logged in to the web management system. For details, see 7.7.1 Web Management. LAN configuration for the EGW1520 includes:

Set the IP address of the LAN gateway. For details, see Setting the IP Address of the LAN Gateway. Configure the EGW1520 as the DHCP server or DHCP relay. For details, see Configuring the DHCP Server and Configuring the DHCP Relay. Setting the IP Address of the LAN Gateway Terminals such as PCs and IP phones use the IP address of the LAN gateway to communicate with other networks and to connect to the EGW1520. The default IP address of the LAN gateway is 192.168.1.1. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 258 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 1 On the web management system, choose Network > LAN from the navigation tree. The page shown in Figure 7-180 is displayed. Figure 7-180 Setting the IP address of the LAN gateway Step 2 Set parameters according to Table 7-47. Table 7-47 Parameter description Parameter IP Address Description Indicates the IP address of the LAN gateway. Terminals use it to connect to the LAN port on the EGW1520. The default value is 192.168.1.1. You can change this value. CAUTION The IP addresses of the LAN gateway, ADSL port, and WAN port cannot be on the same network segment. The IP address of the LAN gateway cannot conflict with that of any other device on the same network segment. Subnet Mask Indicates the subnet mask of the IP address of the LAN gateway. The default value is 255.255.255.0. Web Access Mode Indicates the protocol that is used to access the web page of the EGW1520. Http: The web browser interacts with the EGW1520 using HTTP. Https: The web browser interacts with the EGW1520 using HTTPS, which ensures user information security. The HTTPS protocol is used by default. LAN Side Firewall Enable: Enable the firewall on the LAN side. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 259 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description NOTE When this function is enabled, the firewall blocks all packets that are sent to the upstream network or the EGW1520 over the LAN network. To allow specified packets to pass the firewall, choose Advanced > Security and set related parameters on the Filter incoming IP tab page. Disable: Disable the firewall on the LAN side. By default, this function is disabled. LAN Side ICMP Enable: ICMP packets on the LAN side can be sent to the EGW1520. Disable: ICMP packets on the LAN side cannot be sent to the EGW1520. By default, this function is enabled.

----End Configuring the DHCP Server After you configure the EGW1520 as the DHCP server, terminals such as PCs and IP phones that connect to the EGW1520 obtain the IP address information through the EGW1520. Step 1 Click Advanced on the LAN Setup page. The page shown in Figure 7-181 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 260 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-181 Configuring the DHCP server (1) Step 2 Set parameters according to Table 7-48. Table 7-48 Parameter description Parameter Description Start IP Address End IP Address Leased Time (hour) Indicates the start IP address in the address pool. It must be on the same network segment as the LAN gateway. The default value is recommended. Indicates the end IP address in the address pool. It must be on the same network segment as the LAN gateway. The default value is recommended. Indicates the IP address lease interval. If the lease expires and the DHCP client does not renew the lease, the DHCP server releases the IP addresses that are granted to the DHCP client for other clients. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 261 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 3 (Optional) Allocate IP addresses by binding them with MAC addresses statically. After configuration, the DHCP server finds the IP address based on the bound MAC address and allocates the IP address to the corresponding DHCP client. This mode is applicable to clients that require a fixed IP address such as the FTP server. 1. Click

. The page shown in Figure 7-182 is displayed. Figure 7-182 Configuring the DHCP server (2) 2. Enter the MAC address of the DHCP client and the IP address that you want to bind with the MAC address. 3. Click to save the settings. To obtain the MAC address of a PC, choose Start > Run, type cmd, and press Enter. On the command-line interface (CLI) that is displayed, run the ipconfig /all command. The value of Physical Address corresponding to the 192.168.x.y indicates the MAC address. To obtain the MAC address of other network devices such as IP phones, see the related document. Step 4 Click to save the settings.

----End Configuring the DHCP Relay If the DHCP server has been deployed but it is on a different network segment from terminals

(such as PCs and IP phones), configure the EGW1520 as the DHCP relay. After configuration, the EGW1520 forwards terminals' DHCP requests to the DHCP server. The DHCP server sends the IP address allocation information to the EGW1520, and the EGW1520 forwards the information to terminals. The DHCP client enables terminals that connect to the EGW1520 and DHCP clients on other networks to use the same DHCP server. This reduces costs and simplifies management. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 262 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The DHCP relay conflicts with the NAT function. Before configuring the EGW1520 as the DHCP relay, you must disable the NAT function. When configuring the EGW1520 as the DHCP relay, ensure that a reachable route exists between the EGW1520 and DHCP server. Step 1 Click Enable DHCP Server Relay, as shown in Figure 7-183. Figure 7-183 Configuring the DHCP relay Step 2 Enter the IP address of the DHCP server. Step 3 Click to save the settings.

----End LAN Setting Example (EGW1520 as DHCP Server) Network Requirements PCs use the LAN switch to connect to the LAN port on the EGW1520, while the IP phone and FTP server connect to the LAN port on the EGW1520 directly. The EGW1520 functions as the DHCP server and automatically allocates IP addresses for the PCs, IP phone, and FTP server. After configuration, the FTP server obtains a fixed IP address, while the IP phone and PCs obtain dynamic IP addresses through the EGW1520. Typical Network Figure 7-184 shows the typical network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 263 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-184 Typical network (1) Procedure Step 1 Configure that the FTP server, IP phone, and PCs obtain IP addresses automatically. For details, see the related user guide. Step 2 Configure the EGW1520 as the DHCP server. For details, see step 1 in Configuring the DHCP Server. Step 3 Query and record the MAC address of the FTP server. For details, see Obtain the MAC address. Step 4 Allocate the IP address that is bound to the MAC address to the FTP server. For details, see step 2 in Configuring the DHCP Server.

----End Verification Verify that the FTP server, PCs, and IP phone have obtained IP addresses and that IP address that the FTP server obtains is bound to its MAC address. LAN Setting Example (EGW1520 as DHCP Relay) Network Requirements Issue 01 (2012-05-15) Huawei Proprietary and Confidential 264 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The DHCP server (IP address: 192.168.2.1) is deployed on the network. The LAN port on the EGW1520 connects to the DHCP server through a router. The PCs, IP phone, and FTP server directly connect to the LAN port on the EGW1520. The EGW1520 functions as the DHCP relay and allocates IP addresses for the PCs, IP phone, and FTP server. After configuration, the FTP server obtains a fixed IP address, while the IP phone and PCs obtain dynamic IP addresses through the EGW1520. Typical Network Figure 7-185 shows the typical network. Figure 7-185 Typical network (2) Procedure Step 1 Configure that the FTP server, IP phone, and PCs obtain IP addresses automatically. For details, see the related user guide. Step 2 Configure the EGW1520 as the DHCP relay, and set the IP address of the DHCP server to 192.168.2.1. For details, see Configuring the DHCP Relay. Step 3 Add a static route on the EGW1520, and set the destination network segment to 192.168.2.0/24. For details, see 7.5.5 Static Route. Step 4 Set the gateway IP address to 192.168.2.2/24 on the DHCP server. For details, see the DHCP server user guide. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 265 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 5 Add an address pool whose start IP address is 192.168.1.0 and end IP address is 192.168.1.24 for the DHCP server, and allocate the IP address that is bound to the MAC address to the FTP server. For details, see the DHCP server user guide.

----End Verification Verify that the FTP server, PCs, and IP phone have obtained IP addresses in the network segment 192.168.1.0/24, and that IP address that the FTP server obtains is bound to its MAC address. 7.5.2 DHCP Dynamic Host Configuration Protocol (DHCP) is a protocol for dynamically managing and configuring users in a centralized manner. It uses the Client/Server structure. A DHCP client sends the DHCP server a request to apply for parameter settings, including the IP address, subnet mask, and default gateway. Then the DHCP server sends the parameter settings to the DHCP client. The EGW1520 can function as a DHCP server or a DHCP relay to allocate IP addresses to PCs, IP phones, and Wi-Fi terminals that are connected to the EGW1520. The EGW1520 can also function as a DHCP client. Description Principle This topic describes the principle, implementation, specification, and limitation of the DHCP. Network scales and complexity grow fast, and therefore the network configurations become increasingly complicated. For example, the locations of hosts such as portable computers and wireless terminals frequently change, and the number of hosts often exceeds the number of available IP addresses. The DHCP was developed to solve these problems. The DHCP uses the Client/Server structure. A DHCP client sends the DHCP server a request to apply for parameter settings. Then the DHCP server sends the parameter settings such as the IP address information to the DHCP client. This achieves dynamic IP address allocation. Implementation DHCP client The EGW1520 can function as a DHCP client and dynamically obtain IP addresses and configuration data from the DHCP server, as shown in Figure 7-186. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 266 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-186 DHCP client 7 Feature Description and Implementation DHCP server The EGW1520 can also function as a DHCP server, allocating IP addresses to DHCP clients dynamically or statically. A DHCP client requests an IP address and applies for a lease period for this IP address. During the release period, the DHCP server will not allocate the IP address to another client unless the DHCP client releases the IP address before lease expiration. When the first half of the lease period passes, the DHCP client sends a lease renewal request to the DHCP server. After a negotiation, the DHCP client continues to use this IP address in a new lease period until half of this lease period passes or client releases the IP address, as shown in Figure 7-187. Figure 7-187 DHCP server The DHCP server allocates IP addresses to DHCP clients in the following order of priority:

1. 2. IP addresses in the DHCP server's database that are statically bound to DHCP clients'

MAC addresses IP addresses allocated to DHCP clients before, namely, IP addresses specified in the Requested IP Addr Option field in the DHCP_Discover packet sent by DHCP clients 3. Allocatable IP addresses in the DHCP address pool If the DHCP address pool has no available IP address, the DHCP server searches timeout and conflicting IP addresses in sequence for an unused IP address, and then allocates the IP address to the DHCP client. If all the IP addresses are used, an error is reported. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 267 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation DHCP relay 7 Feature Description and Implementation The initial DHCP protocol applies to scenarios where DHCP clients and their DHCP server are on the same network segment. Therefore, to implement dynamic host configuration, you must configure a DHCP server on each network segment, which requires high investment. To solve this problem, you can use the DHCP relay function to connect DHCP clients on different network segments to the only DHCP server. DHCP packets on different network segments are sent to the same target DHCP server or client. By doing so, DHCP clients can use the same DHCP server, which is cost-effective and convenient for centralized management. Figure 7-188 shows a DHCP relay. Figure 7-188 DHCP relay The DHCP relay works as follows:

1. After being initialized, the DHCP client broadcasts configuration request packets on the local network. 2. 3. If a DHCP server exists on the local network, the DHCP client communicates with the DHCP server without the DHCP relay. If there is no DHCP server on the local network, a local device enabled with the DHCP relay function processes the broadcast packets, and then forwards the packets to the specified DHCP server on another network. 4. The DHCP server sets parameters in the packets and sends the configuration to the DHCP client through the DHCP relay. Specification As a DHCP server, the EGW1520 can configure an IP address pool. The default IP address ranges from 192.168.1.2 to 192.168.1.254. As a DHCP relay, the EGW1520 complies with RFC 3361. As a DHCP client, the EGW1520 supports Option42/43/60/61/66/67/120/125/150. Limitation N/A Configuration This topic describes how to configure the EGW1520 as a DHCP Server, DHCP client, or DHCP Relay. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 268 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Prerequisites 7 Feature Description and Implementation You have logged in to the web management system. For details, see 7.7.1 Web Management. Configuring the DHCP Client The EGW1520 uses an ADSL or a WAN port to connect to the IP network. You can configure the EGW1520 as a DHCP client. After configuration, the EGW1520 obtains configurations such as the IP address information from the DHCP server. For details, see DHCP(ADSL) and DHCP(WAN). Configuring the DHCP Server After you configure the EGW1520 as the DHCP server, terminals such as PCs and IP phones that connect to the EGW1520 obtain the IP address information through the EGW1520. Step 1 Click Advanced on the LAN Setup page. The page shown in Figure 7-189 is displayed. Figure 7-189 Configuring the DHCP server (1) Issue 01 (2012-05-15) Huawei Proprietary and Confidential 269 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 2 Set parameters according to Table 7-49. Table 7-49 Parameter description Parameter Description 7 Feature Description and Implementation Start IP Address End IP Address Leased Time (hour) Indicates the start IP address in the address pool. It must be on the same network segment as the LAN gateway. The default value is recommended. Indicates the end IP address in the address pool. It must be on the same network segment as the LAN gateway. The default value is recommended. Indicates the IP address lease interval. If the lease expires and the DHCP client does not renew the lease, the DHCP server releases the IP addresses that are granted to the DHCP client for other clients. Step 3 (Optional) Allocate IP addresses by binding them with MAC addresses statically. After configuration, the DHCP server finds the IP address based on the bound MAC address and allocates the IP address to the corresponding DHCP client. This mode is applicable to clients that require a fixed IP address such as the FTP server. 1. Click

. The page shown in Figure 7-190 is displayed. Figure 7-190 Configuring the DHCP server (2) 2. Enter the MAC address of the DHCP client and the IP address that you want to bind with the MAC address. 3. Click to save the settings. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 270 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation To obtain the MAC address of a PC, choose Start > Run, type cmd, and press Enter. On the command-line interface (CLI) that is displayed, run the ipconfig /all command. The value of Physical Address corresponding to the 192.168.x.y indicates the MAC address. To obtain the MAC address of other network devices such as IP phones, see the related document. Step 4 Click to save the settings.

----End Configuring the DHCP Relay If the DHCP server has been deployed but it is on a different network segment from terminals

(such as PCs and IP phones), configure the EGW1520 as the DHCP relay. After configuration, the EGW1520 forwards terminals' DHCP requests to the DHCP server. The DHCP server sends the IP address allocation information to the EGW1520, and the EGW1520 forwards the information to terminals. The DHCP client enables terminals that connect to the EGW1520 and DHCP clients on other networks to use the same DHCP server. This reduces costs and simplifies management. The DHCP relay conflicts with the NAT function. Before configuring the EGW1520 as the DHCP relay, you must disable the NAT function. When configuring the EGW1520 as the DHCP relay, ensure that a reachable route exists between the EGW1520 and DHCP server. Step 1 Click Enable DHCP Server Relay, as shown in Figure 7-191. Figure 7-191 Configuring the DHCP relay Step 2 Enter the IP address of the DHCP server. Step 3 Click to save the settings.

----End LAN Setting Example (EGW1520 as DHCP Server) Network Requirements PCs use the LAN switch to connect to the LAN port on the EGW1520, while the IP phone and FTP server connect to the LAN port on the EGW1520 directly. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 271 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The EGW1520 functions as the DHCP server and automatically allocates IP addresses for the PCs, IP phone, and FTP server. After configuration, the FTP server obtains a fixed IP address, while the IP phone and PCs obtain dynamic IP addresses through the EGW1520. Typical Network Figure 7-192 shows the typical network. Figure 7-192 Typical network (1) Procedure Step 1 Configure that the FTP server, IP phone, and PCs obtain IP addresses automatically. For details, see the related user guide. Step 2 Configure the EGW1520 as the DHCP server. For details, see step 1 in Configuring the DHCP Server. Step 3 Query and record the MAC address of the FTP server. For details, see Obtain the MAC address. Step 4 Allocate the IP address that is bound to the MAC address to the FTP server. For details, see step 2 in Configuring the DHCP Server.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 272 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation LAN Setting Example (EGW1520 as DHCP Relay) Network Requirements The DHCP server (IP address: 192.168.2.1) is deployed on the network. The LAN port on the EGW1520 connects to the DHCP server through a router. The PCs, IP phone, and FTP server directly connect to the LAN port on the EGW1520. The EGW1520 functions as the DHCP relay and allocates IP addresses for the PCs, IP phone, and FTP server. After configuration, the FTP server obtains a fixed IP address, while the IP phone and PCs obtain dynamic IP addresses through the EGW1520. Typical Network Figure 7-193 shows the typical network. Figure 7-193 Typical network (2) Procedure Step 1 Configure that the FTP server, IP phone, and PCs obtain IP addresses automatically. For details, see the related user guide. Step 2 Configure the EGW1520 as the DHCP relay, and set the IP address of the DHCP server to 192.168.2.1. For details, see Configuring the DHCP Relay. Step 3 Add a static route on the EGW1520, and set the destination network segment to 192.168.2.0/24. For details, see 7.5.5 Static Route. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 273 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 4 Set the gateway IP address to 192.168.2.2/24 on the DHCP server. For details, see the DHCP server user guide. Step 5 Add an address pool whose start IP address is 192.168.1.0 and end IP address is 192.168.1.24 for the DHCP server, and allocate the IP address that is bound to the MAC address to the FTP server. For details, see the DHCP server user guide.

----End 7.5.3 WLAN The EGW1520 can connect to the wireless network to provide Wi-Fi services. This provides small enterprises with a network solution integrating wired and wireless technologies. This topic describes the principle, implementation, specification, and limitation of the EGW1520 WLAN. Description Principle A WLAN is a LAN using wireless channels. It is an important supplement to wired network access. WLAN is widely used in areas requiring mobile data processing or ease of installation. As an interoperability standard of WLAN, Wireless Fidelity (Wi-Fi) works in short-distance wireless areas such as offices and homes. The EGW1520 complies with IEEE802.11b/g/n. Implementation The EGW1520 functions as an Access Point (AP) to provide WLAN services. It encapsulates data into packets and sends the packets to the carrier network through an IP network. Wi-Fi terminals are connected to the EGW1520 in wireless mode. The EGW1520 connects these Wi-Fi terminals to the Internet by providing WLAN services, as shown in Figure 7-194. Figure 7-194 WLAN network diagram A Wi-Fi terminal connects to an EGW1520 in three phases: Scan, Authentication, and Association, as shown in Figure 7-195. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 274 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-195 Connection phases 7 Feature Description and Implementation The phases are as follows:

1. Scan The Wi-Fi terminal uses a wireless network adapter that complies with IEEE802.11 b/g/n to scan available EGW1520s. The following scan modes are provided:

Active scan The Wi-Fi terminal sends Probe Request frames in all channels to search for an AP that has the same service set identifier (SSID). The Wi-Fi terminal does not stop sending Probe Request frames until a required AP is found. When receiving a Probe Request frame, the AP sends a Probe Response frame to the Wi-Fi terminal. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 275 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Passive scan 7 Feature Description and Implementation The Wi-Fi terminal passively receives Beacon frames (with a broadcast or hidden SSID) that are sent by APs periodically. When the Wi-Fi terminal finds an AP with the same SSID, authentication starts. Specification When finding multiple APs, the Wi-Fi terminal connects to the AP whose signals are the strongest. 2. Authentication The Wi-Fi terminal sends an authentication message to the AP. The AP authenticates the Wi-Fi terminal based on the message that is received. If the authentication is successful, the AP sends the success notification to the Wi-Fi terminal. 3. Association After receiving the authentication success response, the Wi-Fi terminal sends an association request to the AP. The AP processes the request, sets up a connection, and sends a response to the Wi-Fi terminal. After the association, the Wi-Fi terminal can use the AP to send data frames to the network. IEEE802.11b, IEEE802.11g, and IEEE802.11n are supported. IEEE802.11b, with the maximum transmission rate of 11 Mbit/s and frequency of 2.4 GHz IEEE802.11g, with the maximum transmission rate of 54 Mbit/s and frequency of 2.4 GHz (compatible with IEEE802.11b) IEEE802.11n, with the maximum transmission rate of 300 Mbit/s and Multi-Input Multi-Output (MIMO) supported A maximum of 16 WiFi terminals can be connected. Four service set identifiers (SSIDs) are supported and SSID broadcast and hiding are supported. The default value of the primary SSID is eSpace EGW_XXXX. Three subordinate SSIDs are eSpace EGW_XXXX_S1, eSpace EGW_XXXX_S2, and eSpace EGW_XXXX_S3. XXXX is the last four bits in the WLAN MAC address. A maximum of 16 MAC addresses can be filtered. Wi-Fi authentication standards:

64 bit or 128 bit Wired Equivalent Privacy (WEP) WPA-PSK, WPA2-PSK, and Combination of WPA-PSK and WPA2-PSK Maximum transmit power:

802.11b/g/n (SISO): 162 dBm 802.11n (MIMO): 182 dBm Wi-Fi Protected Setup (WPS) Issue 01 (2012-05-15) Huawei Proprietary and Confidential 276 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Limitation Wi-Fi bridging is not supported. 7 Feature Description and Implementation Configuring the WLAN Function for the EGW1520 The EGW1520 uses WLAN to connect WLAN terminals, such as PCs and mobile phones. If the EGW1520 connects to the upstream network, it functions as an access point (AP), which allows terminals to access the Internet. Prerequisite Context You have logged in to the web management system. For details, see 7.7.1 Web Management. The following describes how to enable and configure the WLAN function. For terminal configuration, see the user guide of each WLAN terminal. Enable the WLAN Function Step 1 On the web management system, choose Network > WLAN from the navigation tree. The page shown in Figure 7-196 is displayed. Figure 7-196 Enabling the WLAN function Step 2 Set parameters according to Table 7-50. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 277 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-50 Parameter description Parameter Description WLAN Enables or disables the WLAN function. The options are as follows:

Enable Disable By default, the WLAN function is enabled. Hide Access Point Hides the access point EGW1520. When connecting a Wi-Fi terminal to an AP, enter the service set identifier (SSID) of the AP. Isolate Clients Isolates Wi-Fi terminals connected to the EGW1520 to disable the data communication among terminals. Disable WMM (Wi-Fi MultiMedia) Disables the Wi-Fi Multimedia (WMM) advertising function. Packets of this service are marked priorities. In response to these markings, routers and switches use various queuing strategies to tailor performance to requirements. Enable Wireless Multicast Forwarding

(WMF) SSID BSSID Country Max Clients Enables the WMF function. Indicates the ID of the EGW1520, which is displayed on the terminal when searching for an AP. The default value is eSpace EGW_****, where **** indicates the last four digits in the MAC address of the Wi-Fi AP. The value can be defined by users. NOTE EGW1520 supports four SSIDs to divide subnets. Indicates the MAC address of the AP. Indicates the country name. The Wi-Fi frequency band is determined by the WLAN frequency band of the country. Indicates the maximum number of WLAN terminals(16) accessing to the EGW1520. Step 3 Click to save the settings.

----End Configure the WLAN Security The WLAN security configuration prevents unauthorized users from accessing or listening on your wireless network. Step 1 On the web management system, choose Network > WLAN from the navigation tree. Step 2 Click the Security tab. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 278 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The page shown in Figure 7-197 is displayed. Figure 7-197 Configuring the WLAN security Step 3 Set parameters according to Table 7-51. Table 7-51 Parameter description Parameter Description Select SSID NetWork Authentication Indicates the SSID. The default value is eSpace EGW_****

where **** indicates the last four digits in the MAC address. Authenticates the network. Open: All Wi-Fi terminals can access the WLAN network. Shared: A shared key is used to authenticate the network access. 802.1X: a protocol for port-based network access control. Clients connected to the port can have access to the network only after being authenticated. WPA: a new technology that inherits the features and overcomes the shortcomings of WEP. It enhances the algorithm for generating keys. In WPA, keys are frequently changed to achieve higher security. WPA-PSK: Simplified WPA mode is used to authenticate the network access. The EGW1520 uses WPA to pre-share a key for encrypting all communications. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 279 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Parameter Description 7 Feature Description and Implementation WPA2: latest WPA version, which provides CCMP, a standard encryption protocol, for access to wireless LANs. CCMP is more secure than the WEP protocol and TKIP protocol of WPA. WPA2-PSK: Simplified WPA2 mode is used to authenticate the network access. The EGW1520 uses WPA2 to pre-share a key for encrypting all communications. Mixed WPA2/WPA: The WPA2 and WPA are used together to authenticate network access. Mixed WPA2/WPA-PSK: The WPA2-PSK and WPA-PSK are combined to authenticate the network access. The default value is Mixed WPA2/WPA-PSK. Parameters relating to the preceding authentication modes are described on web pages. Step 4 Enable the Wi-Fi Protect Setup (WPS) function according to Table 7-52. The WPS quickly sets up an encrypted connection between a wireless terminal and the EGW1520. You do not need to set an encryption mode or a key for the WPS function. Instead, enter the correct PIN code and use the Push-Button to access the wireless network. By default, the WPS function is disabled. The WPS works only when the wireless terminal has a proper network adapter. For details, see the network adapter description. Table 7-52 Parameter description Parameter Description WPS Enables or disables the WPS function. The options are as follows:

Enable Disable By default, the WPS function is disabled. After enabling or disabling the WPS function, click setting. to save the Push-Button Use the Push-Button to connect to the network. The procedure is as follows:

Select Push-Button, and click or press the Wi-Fi button on the EGW1520 for six seconds or longer. Press the WPS button on the network adapter of the wireless terminal within two minutes. STA PIN Enter the STA PIN code to connect to the network. If you want Issue 01 (2012-05-15) Huawei Proprietary and Confidential 280 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description to use this mode, you must know the STA PIN code of the wireless network. The procedure is as follows:

Select STA PIN and enter the STA PIN code of the wireless terminal in the right text box. Click

. Set Authorized Station MAC: Used to authenticate the Wi-Fi client. AP PIN Enter the PIN code to connect to the network. The procedure is as follows:

Select PIN and click

. Enter the PIN code of the EGW1520 (AP) on the wireless terminal.

----End Configuring the WLAN MAC Address Filter The WLAN MAC address filter prevents users accessing the wireless network with unauthorized MAC addresses. Step 1 On the web management system, choose Network > WLAN from the navigation tree. Step 2 Click the MAC Filter tab. The page shown in Figure 7-198 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 281 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-198 Configuring the WLAN MAC address filter (1) Step 3 Set parameters according to Table 7-53. Table 7-53 Parameter description Parameter MAC Filter Policy Description Enables or disables the MAC address filter function. The options are as follows:

Enable: Enable MAC address filtering. Disable: Disable MAC address filtering. Include: WLAN terminals in the MAC address list can access the WLAN. Exclude: WLAN terminals in the MAC address list cannot access the WLAN. Step 4 Click to save the settings. Step 5 Click

. The page shown in Figure 7-199 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 282 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-199 Configuring the WLAN MAC address filter (2) Step 6 Enter the MAC address of the WLAN terminal that needs to be filtered and click

.

----End Checking the Status of the WLAN Terminals Connected to the EGW1520 Step 1 On the web management system, choose Network > WLAN from the navigation tree. Step 2 Click the Station Info tab. The page shown in Figure 7-200 is displayed. Figure 7-200 Checking the WLAN terminal status

----End Connecting a PC to the EGW1520 Wirelessly This topic describes how to use a WLAN card to connect a PC that runs the Windows XP to the EGW1520. Prerequisites The WLAN function has been enabled and configured on the EGW1520. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 283 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The EGW1520 has been connected to the upstream network so that the computer can access the Internet through the EGW1520. For details, see 7.2 Connection Modes. A WLAN card has been installed on the PC. Procedure Step 1 Right-click My Network Places and choose Properties. The page shown in Figure 7-201 is displayed. Figure 7-201 Configuring the wireless connection (1) Step 2 Double-click

. The page shown in Figure 7-202 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 284 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-202 Configuring the wireless connection (2) If no available wireless network (for example, eSpace EGW_1613 in Figure 7-202) is listed, click Refresh network list. Step 3 Select eSpace EGW_1613 and click

. The page shown in Figure 7-203 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 285 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-203 Configuring the wireless connection (3) Step 4 Enter a key that is the same as that on the EGW1520, and click

. The page shown in Figure 7-204 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 286 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-204 Configuring the wireless connection (4) Information Connected indicates that the PC is connected to the EGW1520. The page shown in Figure 7-205 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 287 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-205 Configuring the wireless connection (5) 7 Feature Description and Implementation

----End Verification Start the Microsoft Internet Explorer, and enter IP address of the EGW1520. The default value is 192.168.1.1. If the EGW1520 login page is displayed, the wireless connection is successful. If the page is not displayed, verify that all prerequisites are met. For details, see Prerequisite. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 288 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Advanced Configurations 7 Feature Description and Implementation This topic describes the advanced WLAN configurations. Only network administrators can change the advanced parameter settings. To ensure the normal running of the EGW1520, you are advised to use the default settings. Prerequisite Procedure You have logged in to the web management system. For details, see 7.7.1 Web Management. Step 1 On the web management system, choose Network > WLAN from the navigation tree. Step 2 Click the Advanced tab. The page shown in Figure 7-206 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 289 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-206 Advanced WLAN configurations Issue 01 (2012-05-15) Huawei Proprietary and Confidential 290 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 3 Set parameters according to Table 7-54. Table 7-54 Advanced WLAN parameters Parameter Description Current Channel Indicates the channel that is being used. Channel Value Auto indicates that the system automatically selects the best channel from all channels for use. CAUTION If multiple EGW1520sare deployed, set channels of neighboring EGW1520s to different values. For example, set the channel of the first EGW1520to 1, and the channel of the neighboring EGW1520 to 6 or 11. Auto Channel Timer

(min) Any non-zero values indicate that the system reselects a channel when the timer times out. 802.11n/EWC Indicates whether the EGW1520 supports 802.11n. Value Auto indicates that support for 802.11n varies according to network environment. Current Bandwidth Displays the current bandwidth. Bandwidth Sets the frequency bandwidth. Current Control Sideband Indicates the current sideband control mode. Control Sideband Indicates the sideband control mode. 802.11n Rate Indicates the Wi-Fi rate. Value Auto indicates that the system automatically selects an optimal rate. 802.11n Protection Indicates the 802.11n protection mechanism. Support 802.11n Client Only RIFS Advertisement OBSS Co-Existence Only clients that comply with 802.11n are supported. Provides a shorter delay between OFDM transmissions than in 802.11g. Both 20 MHz and 40 MHz overlapping Basic Service Set

(OBSS) are supported on the WLAN network. When a user sets 40 MHz BSS on the network supporting 20 MHz BSS, the bandwidth automatically decreases from 40 MHz to 20 MHz. RX Chain Power Save Power is saved in the receiving channel. RX Chain Power Save Quiet Time Indicates the quiet time of the power saving in the receiving channel. RX Chain Power Save PPS Indicates the maximum number of packets per second that can be processed by the WLAN port for a duration specified by Quiet Time. Radio Power Save Power is saved in the sending channel. Radio Power Save Quiet Time Indicates the quiet time of the power saving in the sending channel. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 291 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Radio Power Save PPS Indicates the maximum number of packets per second that can be processed by the WLAN port for a duration specified by Quiet Time. Radio Power Save On Time Indicates the time when the power saving takes effect in the sending channel. 54g Rate Indicates the 54g rate. Multicast Rate Basic Rate Fragmentation Threshold Indicates the multi-antenna transmission rate. Value Auto indicates that the system automatically selects an optimal rate. Value All indicates that the EGW1520 automatically selects 1 Mbit/s or 2 Mbit/s based on the network environment. Indicates the threshold for triggering the fragmentation. RTS Threshold Indicates the threshold for triggering the transmission. DTIM Interval Indicates the multi-point transmission interval. Beacon Interval Indicates the interval between two consecutive beacons. Global Max Clients Indicates the maximum number of clients supported by the EGW1520. XPress Technology Indicates the wireless multimedia extension technology. Transmit Power Indicates the transmission power. WMM (WiFi Multimedia) WMM No Acknowledgment Indicates the Wi-Fi multi-media (WMM) application. Value Auto indicates that the system automatically selects a Wi-Fi network based on the network environment. Indicates the WMM mode without the Ack message. WMM APSD Indicates WMM Automatic Power Shutdown (APSD). Step 4 Click to save the settings.

----End 7.5.4 DNS The Domain Name System (DNS) is a hierarchical naming system built on a distributed database. It translates human-friendly domain names into IP addresses and is applicable to TCP/IP programs. The EGW1520 can function as a DNS client to resolve domain names on the DNS server. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 292 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuration 7 Feature Description and Implementation To configure the DNS server without changing the ADSL or WAN configuration, perform the following steps:

Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Procedure Step 1 On the web management system, choose Network > DNS from the navigation tree. The page shown in Figure 7-207 is displayed. Figure 7-207 Configuring a DNS server Step 2 Configure a DNS server. The system provides the following configuration methods:

Method 1: Obtain the IP address of the DNS server through the interface that connects to the DNS server. Method 2: Set the IP address of the DNS server manually. The IP address of the DNS server is provided by the network carrier. Method 2 is applicable when you know the IP address of the DNS server. Step 3 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 293 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7.5.5 Static Route 7 Feature Description and Implementation This topic describes how to configure the static route in a simple network. Compared with the dynamic route, the static route uses less network resources, saves bandwidth, and is easy to configure. The static route can improve the network performance and ensure the bandwidth for important applications. When the network is unavailable or the topology is changed, the management personnel must change the static route manually. Configuration Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Procedure Step 1 On the web management system, choose Network > Routing from the navigation tree. The page shown in Figure 7-208 is displayed. Figure 7-208 Configuring the static route (1) Step 2 Click to add a static route. The page shown in Figure 7-209 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 294 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-209 Configuring the static route (2) Step 3 Set parameters according to Table 7-55. Table 7-55 Parameter description Parameter Description Destination IP address[/prefix length]

Interface Indicates the destination IP address and subnet mask length of the static route, for example, 192.168.2.0/24. Indicates the outbound port of the static route through which packets are sent to the destination network segment. The options are as follows:

br0/br0: ports on the LAN side (LAN ports 14 and Wi-Fi port). pppoe_0_0_35/ppp1: ADSL port. Gateway IP address Indicates the next hop IP address for the static route. Metric Indicates the route metric, which must be an integer. If there are multiple routes to a destination IP address, the route with the smaller route metric has the higher priority. This parameter is optional. Step 4 Click to save the settings. Figure 7-210 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 295 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-210 Configuration result

----End 7.5.6 VPN EGW1520 can connect a branch network to the headquarters network using a VPN tunnel. This topic describes the principle, implementation, specification, and limitation of the VPN features supported by the EGW1520. Description Principle Virtual Private Network (VPN) is a virtual network established based on the existing public network. As a private network, a VPN exclusively occupies network resources. Additionally, internal data in a VPN cannot be accessed by external devices. Figure 7-211 shows the typical VPN networking. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 296 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-211 VPN networking A VPN has the following advantages:

It ensures data transmission security between the headquarters and remote users, remote branches, partners, and suppliers. The VPN reduces communication costs for enterprises because it is set up based on the public network. VPN users can be added and deleted by software configuration, without modifying hardware. Remote users can access the VPN any time and anywhere. Implementation EGW1520 uses the IP Security (IPSec) protocol to set up site-to-site (gateway to gateway) VPN tunnels between small branches and headquarters. EGW1520 can set up VPN tunnels using the following methods. Method Usage Scenario Remarks The initiator and responder use fixed public IP address to set up VPN tunnels. Both ends can specify the peer public IP address to initiate negotiation. The initiator and responder are not fixed. The two ends can only use tunnels to match traffic based on traffic characteristics. Only large enterprises can apply fixed IP addresses for branches. EGW1520 is located on small branches, so it does not need to apply fixed IP addresses. Therefore, this scenario is rarely used. The initiator uses a dynamic public IP address, and the responder uses a The initiator EGW1520 accesses the Internet using a dynamic method, for example, PPPoE. The initiator's IP address The initiator's IP address is not fixed, so VPN streams (the streams to be protected by IPSec) must be configured on Issue 01 (2012-05-15) Huawei Proprietary and Confidential 297 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Method Usage Scenario Remarks fixed public IP address. The initiator uses the 3G mode, and the responder uses a fixed public IP address. The initiator uses domain names to set up VPN tunnels with the responder. changes every time it performs PPPoE dial-up. Therefore, the responder cannot specify the initiator's IP address. The responder does not need to specify the initiator's IP address, but the initiator must specify the responder's IP address;

otherwise, negotiation will fail. The two ends can only use tunnels to match traffic based on traffic characteristics. When EGW1520 uses a 3G data card to dial up, it obtains a private IP address. The EGW1520 is the initiator and obtains IP addresses dynamically. Therefore, this scenario is similar to scenario 2. The initiator must know the domain name of the responder. The initiator uses domain names to set up VPN tunnels with the responder. the initiator. The responder does not need to be configured with VPN streams because it can accept the VPN streams sent by the initiator during negotiation. Because the EGW1520 obtains a private IP address, IKE negotiation must use the aggressive mode and NAT traversal must be enabled. The responder uses a dynamic IP address and supports domain names. Specification Limitation EGW1520 can connect to the headquarters using IPSec VPN tunnels. EGW1520 uses IPSec to set up site-to-site tunnels with the headquarters. As the initiator of VPN tunnels, EGW1520 uses the peer IP address or fully qualified domain name

(FQDN) as the ID for IKE negotiation. A maximum of 6 IPSec VPN tunnels are supported. The throughput of the IPSec VPN tunnel is not lower than 2 Mbit/s. A maximum of 32 concurrent connections are supported in an IPSec VPN. Configuration This topic describes how to set up VPN tunnels between branches and the headquarters. Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 298 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Procedure 7 Feature Description and Implementation If the authentication method is Certificate, configure the certificate according to 7.5.7 Certificate. Step 1 On the web management system, choose Network > VPN from the navigation tree. The page shown in Figure 7-212 is displayed. Figure 7-212 Configuring the VPN (1) Step 2 Click

. The page shown in Figure 7-213 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 299 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-213 Configuring the VPN (2) Step 3 Set parameters according to Table 7-56. Both ends must use the same IPSec policies, including authentication methods, encryption methods, and negotiation modes. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 300 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-56 VPN parameters Parameter Description IPSec Connection Name Indicates the name of an IPSec tunnel, which is similar to a VPN ID. It is unique and can be customized. The value consists of numerals, letters, and underlines, and cannot start with a space, numeral, or underline. Tunnel Mode Indicates the security protocol used to create a tunnel. AH: implements data origin authentication, data integrity check, and packet anti-replay. It prevents data modification, but does not encrypt data. AH applies to non-confidential data transmission. ESP: implements data encryption, data origin authentication, and packet anti-replay. ESP applies to confidential data transmission. AH-ESP: AH and ESP are used together to protect data. Remote IPSec Gateway Type Remote IPSec Gateway Address

(IPv4 address in dotted decimal):

Remote IPSec Gateway Name Tunnel access from local IP addresses Indicates the remote gateway type:

IP Name Indicates the peer gateway IP address. Indicates the remote gateway domain name. Indicates the filtering mode used by the local end to set up a VPN tunnel:

Subnet: network segment where data needs to be transmitted over the VPN tunnel. Single Address: IP address of a terminal, such as PC. IP Address for VPN Indicates the network segment that the local device belongs to or fixed IP address of a terminal device. IP Subnetmask Indicates the subnet mask on the local end. Tunnel access from remote IP addresses Indicates the filtering mode used by the remote end to set up the VPN tunnel:

Subnet: network segment where data needs to be transmitted over the VPN tunnel. Single Address: IP address of a terminal, such as PC. IP Address for VPN Indicates the network segment that the remote device belongs to or fixed IP address of a terminal device. IP Subnetmask Indicates the subnet mask on the remote end. Local ID Type Indicates the authentication type on the local end:

IP Address: The IP address is used for IKE negotiation. Name: The domain name is used for IKE negotiation, which can be customized. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 301 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description NOTE If the name is used as gateway ID, the Mode field in Advanced IKE Settings must be set to Aggressive. Remote ID Type Indicates the authentication type on the remote end:

IP Address: The IP address is used for IKE negotiation. Name: The domain name is used for IKE negotiation. NOTE The domain names on the local end and remote end must be the same. If the name is used as gateway ID, the Mode field in Advanced IKE Settings must be set to Aggressive. Indicates the method of setting up secure communication:

Manual: The configuration is complex. All SA information must be manually configured. The IPSec function is implemented independent of IKE. This mode is applicable when there are a few communicating devices on networks or the network size is small. Auto (IKE): The configuration is simple. You only need to configure an IKE policy. The SA is set up and maintained through IKE negotiation. The IKE mode is recommended. Indicates the authentication method:

Pre-Shared Key: Use pre-shared key to perform authentication. Certificate(X.509): Use certificate to perform authentication. Local certificate must be configured. For details, see 7.5.7 Certificate. NOTE The CA certificates on the two ends must be the same. Key Exchange Method Authentication Method Pre-Shared Key Indicates the pre-shared key value, which can be entered by a user. The pre-shared keys on the two ends must be the same. Perfect Forward Secrecy Diffie-Hellman (DH) algorithm is a public key algorithm. The two communicating parties do not transmit a key but exchange data to calculate a shared key. The DH algorithm enables communicating parties to securely obtain public information. Advanced IKE Settings Indicates advanced parameters of VPN tunnels. For details, see Web Parameters Reference. Step 4 Confirm the settings and click to save the settings.

----End Configuring VPN Streams VPN implements secure communication between the headquarters and branches. You can configure VPN streams so that branches can communicate through the VPN. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 302 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 1 On the web management system, choose Network > VPN from the navigation tree. Step 2 Click the VPN Stream tab. The page shown in Figure 7-214 is displayed. Figure 7-214 Configuring VPN streams (1) Step 3 Click

. The page shown in Figure 7-215 is displayed. Figure 7-215 Configuring VPN streams (2)

`

Step 4 Set parameters according to Table 7-57. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 303 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-57 VPN stream parameters Parameter Description VPN Stream Name Indicates the name of a VPN stream, which can be customized. The value consists of numerals, letters, and underlines, and cannot start with a space, numeral, or underline. IPSec Policy Indicates the IPSec policy applied to VPN streams. Tunnel access from local IP addresses Indicates the filtering mode used by the local end to set up a VPN tunnel:

Subnet: network segment where data needs to be transmitted over the VPN tunnel. Single Address: IP address of a terminal, such as PC. IP Address for VPN Indicates the fixed IP address in the local network segment or LAN. IP Subnet mask Indicates the subnet mask on the local end. Tunnel access from remote IP addresses Indicates the filtering mode used by the remote end to set up the VPN tunnel:

Subnet: network segment where data needs to be transmitted over the VPN tunnel. Single Address: IP address of a terminal, such as PC. IP Address for VPN Indicates the fixed IP address in the remote network segment or LAN. IP Subnetmask Indicates the subnet mask on the remote end. Step 5 Click to save the settings.

----End Typical Configuration Example Network Requirements EGW1520 communicates with the headquarters through a VPN tunnel. The LAN port address of the EGW1520 belongs to 192.168.20.0/24 and the gateway address on the WAN port is 2.17.1.24. The SVN server at the headquarters is located on 192.168.30.0/24, and the gateway address is 6.16.5.6. Typical Network Figure 7-216 shows the typical network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 304 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-216 Typical VPN network Table 7-58 lists the data plan. Table 7-58 Parameter settings Paramet er Example Local device Remote IPSec gateway type IP Remote IPSec gateway address Tunnel access from local IP addresses Headquarters gateway address: 6.16.5.6 Subnet Source address Network segment where the local device is located, for example, 192.168.20.0 Tunnel access from remote IP addresses Subnet Destination address Network segment where the remote device is located, for example, 192.168.30.0 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 305 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Remote device Remote IPSec gateway type IP 7 Feature Description and Implementation Remote IPSec gateway address Tunnel access from local IP addresses Peer gateway IP address, for example, 2.17.1.24 Subnet Source address Network segment where the local device is located, for example, 192.168.30.0 Tunnel access from remote IP addresses Subnet Destination address Network segment where the remote device is located, for example, 192.168.20.0 Configure the local end:

Step 1 Choose VPN > IPSec Connect. Step 2 Set Remote IPSec Gateway Type to IP. Enter headquarters gateway address 6.16.5.6 in Remote IPSec Gateway Address (IPv4 address in dotted decimal). Step 3 Set Tunnel access from local IP addresses to Subnet and enter local end network segment 192.168.20.0 in IP Address for VPN. Step 4 Set Tunnel access from remote IP addresses to Subnet and enter remote end network segment 192.168.30.0 in IP Address for VPN. Step 5 Retain the default values for other parameters. Step 6 Click to save the settings.

----End Configure the remote end:

In this example, the remote end is also an EGW1520. Step 1 Set Remote IPSec Gateway Type to IP. Enter the remote gateway address 2.17.1.24 in Remote IPSec Gateway Address (IPv4 address in dotted decimal). Step 2 Set Tunnel access from local IP addresses to Subnet and enter remote end network segment 192.168.30.0 in IP Address for VPN. Step 3 Set Tunnel access from remote IP addresses to Subnet and enter EGW1520 network segment 192.168.20.0 in IP Address for VPN. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 306 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 4 Retain the default values for other parameters. Step 5 Click to save the settings.

----End Verifying the Configuration The PCs at the EGW1520 side can communicate with the PCs at the headquarters. Checking Monitoring Information VPN monitoring information includes the connection status and traffic characteristics of the VPN tunnel. Step 1 On the web management system, choose Network > VPN from the navigation tree. Step 2 Click the IPSec Info tab. The page shown in Figure 7-217 is displayed. Figure 7-217 Checking monitoring information Step 3 View the parameters by referring to Table 7-59. Table 7-59 VPN monitoring parameters Parameter Description Connection Name Indicates the name of an IPSec tunnel. Remote Addresses Indicates the gateway IP address or domain name of the remote device. Phase 1 Connection States Phase 2 Connection States Indicates the phase 1 connection status in advanced settings. Indicates the phase 2 connection status in advanced settings. The Latest Error Indicates the last connection error of the VPN tunnel. Type Indicates the source address/subnet mask and destination Issue 01 (2012-05-15) Huawei Proprietary and Confidential 307 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description address/subnet mask. SPI Indicates the Security Parameter Index (SPI) value. An SPI is a 32-bit string uniquely identifying an SA. It is transmitted in AH or ESP headers. NOTE After SPIs are deleted, the packet statistics are not cleared. Out/Int Packets Indicates the total number of packets sent and received by the VPN tunnel. Out/In Bytes Indicates the total number of bytes sent and received by the VPN tunnel. The phase 1 and 2 connection status is displayed only when IKE negotiation mode is enabled.

----End 7.5.7 Certificate The EGW1520 can use certificates to authenticate the VPN tunnel. The local certificate is used to authenticate the VPN tunnel set up between the EGW1520 and remote device. The local certificate requires the CA certificate signature. Both the local certificate and CA certificate need to be configured. CA Certificate A CA certificate is issued by a certificate authority to authenticate the users attempting to access the virtual gateway. Prerequisites Procedure You have logged in to the web management system. For details, see 7.7.1 Web Management. Step 1 On the web management system, choose Network > Certificate from the navigation tree. Step 2 Click the CA certificate tab. The page shown in Figure 7-218 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 308 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-218 Configuring CA certificate (1) Step 3 Click

. The page shown in Figure 7-219 is displayed. Figure 7-219 Configuring CA certificate (2) Issue 01 (2012-05-15) Huawei Proprietary and Confidential 309 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 4 Enter the certificate name (customized) and paste the CA certificate into the Certificate text box. The page shown in Figure 7-220 is displayed. Figure 7-220 Configuring CA certificate (3) Obtain a CA certificate from a certificate authority. Step 5 Click to save the settings. The page shown in Figure 7-221 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 310 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-221 Configuring CA certificate (4)

----End Local Certificate Local certificate is used to authenticate VPN tunnels. It uses CA certificate to authenticate the users attempting to access the virtual gateway. You have logged in to the web management system. For details, see 7.7.1 Web Management. Prerequisites Procedure Step 1 On the web management system, choose Network > Certificate from the navigation tree. Step 2 Click the Local certificate tab. The page shown in Figure 7-222 is displayed. Figure 7-222 Configuring the local certificate (1) Issue 01 (2012-05-15) Huawei Proprietary and Confidential 311 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 3 Select the certificate mode. 7 Feature Description and Implementation The local certificate can be created in either of the following ways:

Certificate Request Import Certificate If the Certificate Request mode is selected, perform the following operations:

1. Click to create a certificate request. The page shown in Figure 7-223 is displayed. Figure 7-223 Configuring the local certificate (2) 2. Set parameters according to Table 7-60. Table 7-60 Certificate parameters Parameter Description Certificate Name Indicates the name of the created certificate, which can be customized. Common Name Indicates the common name of the certificate. For example, if the common name is a, a can contain the certificate names b and c. Organization Name Indicates the company name. NOTE This is the name of the company that applies for the CA certificate. Indicates the province where the company is located. State/Province Name Issue 01 (2012-05-15) Huawei Proprietary and Confidential 312 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Indicates the country where the company is located. Country/Region Name 3. Click to generate the certificate request file. The page shown in Figure 7-224 is displayed. Figure 7-224 Configuring the local certificate (3) This step only creates a certificate request file, but cannot make the certificate effective. To implement the certificate function, a CA signature is required. The CA signature is obtained using the dedicated software, such as OpenSSL. 4. Click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 313 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The page shown in Figure 7-225 is displayed. Figure 7-225 Configuring the local certificate (4) 5. Paste the signed certificate into the Certificate text box and click to save the settings. If the Import Certificate mode is selected, perform the following operations:

Ensure that a valid certificate file has been loaded to the local device. 1. Click

. The page shown in Figure 7-226 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 314 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-226 Configuring the local certificate (5) 7 Feature Description and Implementation 2. Enter the certificate name (customized), paste the certificate into the Certificate and Private Key text boxes. 3. Click to save the settings. If the two ends cannot communicate with each other after the certificates are configured, change the system time in the EGW1520 systems according to 9.1 Configuring the System Time. The changed time must be later than the current time.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 315 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7.5.8 VLAN 7 Feature Description and Implementation The VLAN technology divides a LAN to multiple virtual LANs (VLANs). Communication between hosts in a VLAN is the same as that in a LAN. A VLAN cannot directly communicate with another one. The EGW1520 supports port-based VLANs. Ports on the EGW1520 are classified into different VLANs, which separates users and creates virtual work groups. Description Principle This topic describes the principle, implementation, specification, and limitation of the virtual local area network (VLAN) technology. Based on Carrier Sense Multiple Access (CSMA) or Collision Detect (CD), Ethernet defines the data network communication technology related to media sharing. Numerous hosts may cause serious conflicts, excessive broadcast packets, and poor performance, and even network unavailability. Using switches to connect LANs reduces conflicts but cannot separate broadcast packets. In this background, the VLAN technology is generated to divide a LAN to multiple VLANs. The VLAN is a technology to implement virtual work groups. The VLAN technology divides LAN devices to several logical network segments instead of physical network segments. Each VLAN is a broadcast domain. Hosts in a VLAN communicate with each other as if they were in a LAN. Hosts in different VLANs cannot directly communicate with each other, as shown in Figure 7-227. Figure 7-227 VLAN diagram The VLAN has the following advantages:

Restricts the broadcast domain Issue 01 (2012-05-15) Huawei Proprietary and Confidential 316 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The broadcast domain is restricted to a VLAN, which saves bandwidth and improves network's processing ability. Enhances LAN security Packets in a VLAN are separated from another VLAN. This makes users between VLANs unable to communicate with each other directly. A Layer 3 device (such as a router or a Layer 3 switch) is required to achieve cross-VLAN communication. Creates virtual work groups The VALN classifies users to different work groups. Users in a work group are not limited to a certain physical scope, which makes network creating and maintenance flexible. Implementation VLANS can be created based on the port, MAC address, protocol, IP address mapping, multicast, or policy. The EGW1520 supports only port-based VLANs. Ports connected to users are added to different VLANs so that users are separated and virtual work groups are divided. When forwarding packets, ports process the tags contained in packets. Based on the processing mode, ports are classified into the following types:

Access: Ports of this type can be added to only one VLAN, and are always connected to PCs and switches. Trunk: Ports of this type can be added to multiple VLANs, and are always connected to other EGW1520s or switches. Two ports that are connected must belong to the same VLAN. Type Processing for a Received Packet Processing for a Packet to Be Sent Access port Packet Without a Tag Adds the VLAN ID of the port to the packet as the tag. Trunk port Adds the VLAN ID of the port to the packet as the Packet with a Tag Accepts the packet when the VLAN ID of the packet is the same as the VLAN ID of the port. Discards the packet when the VLAN ID of the packet is different from the VLAN ID of the port. Accepts the packet when the VLAN ID of the packet is allowed to pass Removes the tag and sends the packet. Removes the tag and sends the packet when the VLAN ID of the packet is the same as the VLAN ID of the port and the VLAN ID is Issue 01 (2012-05-15) Huawei Proprietary and Confidential 317 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Type Processing for a Received Packet Processing for a Packet to Be Sent Packet Without a Tag tag. Packet with a Tag through the port. Discards the packet when the VLAN ID of the packet is not allowed to pass through the port. allowed to pass through the port. Retains the tag and sends the packet when the VLAN ID of the packet is different from the VLAN ID of the port and the VLAN ID is allowed to pass through the port. Specification A maximum of four ports used to assign VLANs Restriction The VLAN ports support only the port-based VLANs. Configuration This topic describes how to change the default VLAN for a port and add a port to a VLAN. You have logged in to the web management system. For details, see 7.7.1 Web Management. Prerequisites Procedure Step 1 On the web management system, choose Network > VLAN from the navigation tree. The page shown in Figure 7-228 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 318 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-228 Configuring the VLAN (1) Step 2 Click corresponding to the port to be configured in the Operation column. The page shown in Figure 7-229 is displayed. Figure 7-229 Configuring the VLAN (2) Step 3 Set parameters according to Table 7-61. Table 7-61 VLAN parameters Parameter Description Port Indicates the LAN port on the EGW1520. The EGW1520 provides four LAN ports (LAN1 to LAN4). Issue 01 (2012-05-15) Huawei Proprietary and Confidential 319 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description VLAN ID Indicates the VLAN that port belongs to. The default value is 1. Priority Indicates the 802.1p priority based on which devices that connect to the port (such as a switch) process packets. The value ranges from 0 to 3. A larger value indicates a higher priority. Link type The options are as follows:

Access: Ports of this type can be added to only one VLAN, and are always connected to PCs and switches. Trunk: Ports of this type can be added to multiple VLAN, and can identify and transmit packets that belong to multiple VLANs based on the VLAN tag. Permit VLAN ID Indicates the VLAN ID that is allowed to pass through the port. This parameter is configurable only when Link type is set to Trunk. Step 4 Click to save the settings.

----End Typical Configuration Example Network Requirements VLAN3 is a cross-device VLAN. VLAN2 contains LAN1 and LAN2 on the EGW1520 A. VLAN3 contains LAN3 on EGW1520 A and LAN1 on EGW1520 B. The requirement is that hosts in the same VLAN can communicate with each other. Hosts in VLAN2 can communicate with each other and hosts in VLAN3 can communicate with each other. Typical Network Figure 7-230 shows the typical network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 320 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-230 Typical VLAN network Procedure 1. Change the VLAN IDs to VLAN 2 for LAN1 and LAN2, and to VLAN 3 for LAN3 on EGW1520 A. Set the connection type to Access. 2. Change the connection type to Trunk for LAN4 on EGW1520 A, and set the VLAN changing range to 3. 3. Click to save the settings. Figure 7-231 shows the configuration result. Figure 7-231 Configuration result (1) 4. Change the VLAN IDs to VLAN 3 for LAN1 on EGW1520 B. Set the connection type to Access. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 321 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 5. Change the connection type to Trunk for LAN4 on EGW1520 B, and set the VLAN changing range to 3. 6. Click to save the settings. Figure 7-232 shows the configuration result. Figure 7-232 Configuration result (2) Verification Hosts in the same VLAN can communicate with each other. 7.5.9 QoS The EGW1520 provides a comprehensive QoS mechanism, for example, make QoS policies as required. This ensures precedence of core services. In addition, the EGW1520 limits bandwidth for ordinary services (such as web upload) and saves it for core services (such as voice streams). The EGW1520 supports the following Diff-Serv-based QoS technologies:

priority mark, congestion management, and traffic policy. Description Principle This topic describes the principle and implementation of QoS. Traditional IP network handles all packets equally and uses the First In First Out (FIFO) method to transfer packets. Resources used to forward packets are allocated in the arrival order of packets. All packets share network resources, for example, bandwidth. The quantity of the resources that can be obtained depends on the arrival time of packets. This policy is called Best-Effort (BE). The device in this mode transmits packets to the destination. The BE mode, however, does not ensure the short delay, jitter, packet loss ratio, or high reliability. With the rapid development of the computer network, an increasing number of networks access the Internet. The Internet expands greatly in size, scope, and user quantity. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 322 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation More and more users use the Internet as a platform for data transmission and implementation of various applications. Apart from traditional applications such as WWW, email, and File Transfer Protocol (FTP), the Internet has been expanded to provide other services such as eLearning, eHealth, video calling, video conferencing, and video on demand (VoD). Enterprise users want to join their branches in different areas through a Virtual Private Network (VPN) to access an enterprise's databases. In addition, the headquarters of the enterprise can manage remote devices through Telnet. In addition, service providers also want to develop new services to increase revenues. The new services pose special requirements for bandwidth, delay, and jitter. For example, video conferencing and VoD require a high bandwidth, low packet loss ratio, short delay, and low jitter. Key tasks (such as transaction processing and Telnet) do not require a high bandwidth. They, however, focus on short delays and preferential handling in case of congestion. New services pose higher requirements for the IP network's service capability. Users are not only satisfied with packet transmission to the destination. They need better services, for example, dedicated bandwidth, lower packet loss ratio, management and avoidance of network congestion, and network traffic control. These requirements demand better service capabilities from the network. QoS is used to assess the ability of the network to transmit packets. It provides various functions, such as priority mark, congestion management, and traffic policing. Implementation The EGW1520 provides a comprehensive QoS mechanism, for example, make QoS policies as required. This ensures precedence of core services. In addition, the EGW1520 limits bandwidth for ordinary services (such as web upload) and saves it for core services (such as voice streams). EGW1520 forwards voice data first when network congestion occurs. The EGW1520 supports the following Diff-Serv-based QoS technologies: priority mark, congestion management, and traffic policy. Priority Mark EGW1520 marks priorities of packet categories as a user requires. For example, increase the voice packet priority to achieve short delay and low jitter, and to ensure call quality. Priorities can be marked with a differentiated services code point (DSCP) value, DSCP value ranges from 0 to 63. Congestion Management Congestion management is a solution to resource competition. Packets are buffered in queues and a scheduling algorithm is used to determine the packet forwarding sequence. Congestion management is applied to the outbound interface. EGW1520 uses the Priority Queue (PQ) scheduling mechanism. For the IP network, PQ classifies packets based on the IP precedence, quintuple information, and DSCP value. Then PQ sends packets to queues by packet type. When leaving queues, packets with a low priority are not sent until packets with a higher priority have been sent, as shown in Figure 7-233. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 323 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-233 PQ scheduling 7 Feature Description and Implementation If a new packet comes when packets with a lower priority are being sent, the new packet will be sent immediately while packets with the lower priority stop to be sent. This enables the packets related to cores services (such as VoIP) to be handled earlier. The packets related to ordinary services (such as email) are handled when core services are all handled and the network is idle. By doing so, key services are handled earlier and network resources are also fully used. Traffic Policing EGW1520 can limit the upstream and downstream bandwidth for the specified flows. Configuration This topic describes how to configure the QoS function. Only network administrators can change the QoS setting. To ensure the normal running of the EGW1520, you are advised to use the default settings. Prerequisite Context You have logged in to the web management system. For details, see 7.7.1 Web Management. Table 7-62 describes an example of QoS configuration. The actual configuration varies according to service requirement. Table 7-62 Configuring QoS Data Flow Classification Interface Classification Parameter QoS Interface QoS Scheme Local SIP signaling data flow generated on an analog phone WAN, ADSL Protocol: User Datagram Protocol

(UDP); Port number: UDP port number 5060 RTP/RTCP service flow generated on an Local Protocol: UDP;

Port number:

UDP port WAN, ADSL Put the flow to a queue, the precedence value of which is 1. Mark the Differentiated Services Code Point (DSCP) value of the packets. Put the flow to a queue, the precedence Issue 01 (2012-05-15) Huawei Proprietary and Confidential 324 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Data Flow Classification Interface Classification Parameter analog phone number QoS Interface QoS Scheme Local Data flow generated by management and support operations on EGW1520 SIP signaling data flow generated on an IP phone LAN

(Eth0Eth3 RTP/RTCP service flow generated on an IP phone LAN

(Eth0Eth3) LAN

(Eth0Eth3) Data flow generated on the terminals

(such as, HTTP, Email, and P2P) WAN, ADSL WAN, ADSL WAN, ADSL WAN, ADSL Select the protocol and port number based on the actual situation. Source IP address;

Protocol: UDP;

Port number:

UDP port number 5060. Source IP address;

Protocol: UDP;

Port number:

UDP port number Select the protocol and port number based on the actual situation. Procedure Step 1 Enable the QoS function. 1. On the web management system, choose Network > QoS from the navigation tree. The page shown in Figure 7-234 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 325 Copyright Huawei Technologies Co., Ltd. value of which is 2. Mark the DSCP value of the packets. Put the flow to a queue, the precedence value of which is 3. Mark the DSCP value of the packets. Put the flow to a queue, the precedence value of which is 1. Mark the DSCP value of the packets. Put the flow to a queue, the precedence value of which is 2. Mark the DSCP value of the packets. Put the flow to a queue, the precedence value of which is 3. Mark the DSCP value of the packets and set the upper limit of transmission rate. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-234 Enabling the QoS function globally 7 Feature Description and Implementation 2. Click Enable. 3.

(Optional) Select a DSCP value from the Select Default DSCP Mark drop-down list box. To allow an upstream device to implement QoS, you must mark packets that match no QoS rule with a DSCP value. For example, if AF13(001110) is selected, packets that do not match any QoS rule are marked with AF13(001110). 4. Click

. Step 2 Set a precedence value to a queue. 1. Click the Queues Configuration tab. The page shown in Figure 7-235 is displayed. Figure 7-235 Setting the queue priority on interfaces (1) Issue 01 (2012-05-15) Huawei Proprietary and Confidential 326 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 2. Click

. The page shown in Figure 7-236 is displayed. Figure 7-236 Setting the queue priority on interfaces (2) 3. Set parameters according to Table 7-63. Table 7-63 Parameter description Parameter Description Name Interface Indicates the name of a queue. Indicates the interface that takes QoS behaviors. The options are as follows:

eth-lan: LAN port. LAN ports 14 are available. eth-wan(wan): WAN port. atm0: ADSL port. Queue Indicates whether to enable the queue. The options are as follows:

Enable Disable 4. Click to save the settings. Step 3 Classify data flows and add a data flow in a queue. 1. Click the Classification Setup tab. The page shown in Figure 7-237 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 327 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-237 Classifying data flows (1) 2. Click

. The page shown in Figure 7-238 is displayed. Figure 7-238 Classifying data flows (2) 3. Set parameters according to Table 7-64. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 328 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-64 Parameter description Parameter Description Traffic Class Name Name of a data flow class. Rule Order Order for sending data flows. The Last value indicates a data flow is the last one to be sent. Rule Status Whether to enable the rule. The options are as follows:

Enable Disable Class Interface Port that requires data flow classification. LAN: LAN ports 14 and Wi-Fi port. WAN: ADSL and WAN ports. local: data flows that the EGW1520 generates. eth-lan: LAN ports 14. wl0: WLAN port. atm0: ADSL port. eth-wan: WAN port. Ether Type Type of packets that need to be classified. IP(0x800): IP packets. ARP(0x806): ARP packets. IPv6(0x86DD): IPv6 packets. PPPoE_DISC(0x8863): packets in the PPPoE discovery stage. PPPoE_SES(0x8864): packets in the PPPoE session stage. 8865(0x8865): 8865 packets. 8866(0x8866): 8866 packets. 8021Q(0x8100): 802.1q packets. NOTE The following uses IP packets as an example. Source MAC Address Source MAC address in the packet. Source MAC Mask Source MAC mask in the packet. Destination MAC Address Destination MAC address in the packet. Destination MAC Mask Indicates the destination MAC mask in the packet. Assign Classification Queue Adds the packet to a configured queue. Mark DSCP Marks the packet with a DSCP value. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 329 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation For details about other parameters, see Web Parameter Reference. 4. Click

----End to save the settings. Typical Example: Transmitting Voice Service Packets First Network Requirements The EGW1520 uses an ADSL port to connect to the Internet. The IP address of the WAN port is 11.11.11.1. Computers and IP phones use LAN ports to connect to the EGW1520. As the DHCP server, the EGW1520 allocates IP addresses for the computers and IP phones. Configure the QoS to make voice service packets transmitted before data service packets. Voice service packets are transmitted first during heavy-traffic periods. Typical Network Figure 7-239 shows the typical network. Figure 7-239 QoS typical network Configuration Procedure For details on how to use an ADSL port to connect to the upstream network, see 7.2.1 ADSL. For details on how to configure the DHCP server, see Configuration. For details on how to add SIP users, see Adding Voice Users. 1. Enable the QoS function. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 330 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 2. Configure two queues (queue-voice1 and queue-voice2) for the voice flow. Set the LAN and ADSL ports to where the QoS works, and set the two queues to the highest precedence (0). For details, see Set a precedence value to a queue. 3. Determine fields in the voice flow according to the network requirements. For example, the source IP address (IP address of the IP phone), protocol type (UDP) and port number

(5060) of IP phone's SIP signaling. 4. Configure the voice flow classification field. Add the matching voice flow to the queues with higher precedence (queue-voice1 and queue-voice2). In addition, mark the DSCP flag of the voice flow with the highest precedence. For details, see Configure data flow classification parameters and add a data flow in a queue. After the configuration is complete, the EGW1520 transmits voice flow through the ADSL and LAN ports. Based on the DSCP flag, the network device that supports QoS (Router A in this example) performs QoS scheduling for the voice flow that the EGW1520 transmit. Typical Example: Limiting Bandwidth for Web Upload Service Network Requirements The EGW1520 uses a WAN port to connect to the Internet. The IP address of the WAN port is 11.11.11.1. Computers and IP phones use LAN ports to connect to the EGW1520. As the DHCP server, the EGW1520 allocates IP addresses for the computers and IP phones. QoS is required to limit bandwidth for the web upload service. Typical Network Figure 7-240 shows the typical network. Figure 7-240 QoS typical network Configuration Procedure Issue 01 (2012-05-15) Huawei Proprietary and Confidential 331 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation For details on how to use a WAN port to connect to the upstream network, see 7.2.2 WAN. For details on how to configure the DHCP server, see Configuration. For details on how to add SIP users, see Adding Voice Users. 1. Enable the QoS function. 2. Configure a queue (queue-web) for web upload service packets. Set the WAN port to where the QoS works, and set the queue to a low precedence (for example, 3). For details, see Set a precedence value to a queue. 3. Determine fields in the web upload data flow according to the network requirements. For example, the source IP address (IP address of the computer), protocol type (TCP) and port number (80) of web upload data flow. 4. Configure the web upload data flow classification field. Add the matching web upload data flow to the queue-web. In addition, set the maximum rate for transmitting web upload data flow (for example, 10 kbit/s). For details, see Configure data flow classification parameters and add a data flow in a queue. When configuring QoS, enter the source or destination IP addresses of the flows to be matched. After the configuration is complete, the EGW1520 transmits the web upload data flow through the WAN port at a lower precedence, and limits the bandwidth within 10 kbit/s. 7.5.10 Anti-attack The EGW1520 can protect networks against various attacks such as flood attack and malformed packet attack, ensuring normal operation of internal networks and systems. Description The EGW1520 can prevent the following attacks. Type Description Special source IP attack An attacker sends packets with forged source IP address 0.0.0.0, 255.255.255.255, X.X.X.0, or X.X.X.255. Large ICMP packet attack An attacker sends oversized ICMP packets to the target system. Some systems or devices cannot process oversized ICMP packets. If they receive such packets, they may stop responding, crash, or restart. Unknown protocol attack The protocol type field in an IP header is set to an invalid value, which cannot be identified by the target system. Frequent processing of this type of packets wastes system resources and causes performance deterioration. ICMP Flood attack SYN Flood attacks An attacker sends a large number of ICMP packets, such as ping packets, to a server. As a result, the server is overloaded and cannot process normal data packets. The TCP/IP protocol stack permits limited TCP connections due to resource restriction. Taking advantage of the defect of TCP/IP, the SYN Flood attack forges a SYN packet whose source address is a bogus or non-existent address and initiates a connection to the server. Accordingly, the server will not receive the ACK packet for its SYN-ACK packet, which forms a semi-connection. A large number of Issue 01 (2012-05-15) Huawei Proprietary and Confidential 332 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Type Description semi-connections will exhaust network resources. As a result, authorized users cannot access the network until the semi-connections time out. The SYN Flood attack also occurs in the applications whose connection number is not limited to consume the system resources such as memories. UDP Flood attack When initiating a UDP flood attack, the attacker sends a large number of UDP packets to the specific target in a short time so that the target system is unable to transmit valid packets. Land attack Fraggle attack ICMP-Redirect attack Land attack sets both the source and destination addresses of a TCP SYN packet to the IP address of the attacked target. The target then sends the SYN-ACK message and sends back the ACK message to itself. This creates a null connection. Each null connection will be saved until timeout. Different attacked targets have different responses to the Land attack. For example, UNIX hosts may crash and Windows NT hosts will slow down. UDP port 7 (Echo) and port 19 (Chargen) respond after receiving UDP packets. When port 7 receives a packet, it returns the received contents. When port 19 receives a packet, it generates a character flow. Similar to ICMP, these two UDP ports generate massive useless response messages, exhausting network bandwidth. The attacker may send a UDP packet to the network where the target host is located. The source IP address is the target host, the destination IP address is the broadcast address or network address of the subnet where the target host resides, and the destination port is port 7 or port 19. On the subnet, each system enabled with UDP 7 or 19 sends a response message to the target host. Therefore, heavy traffic is generated, congesting the target network or making the target host crash. Systems not enabled with UDP 7 or 19 return ICMP unreachable messages, which also occupy bandwidths. A network device sends an ICMP-redirect packet to the hosts on the same subnet, requesting the hosts to change routes. Generally, network devices do not send ICMP-redirect packets to the devices except hosts. However, some malicious attackers cross a network segment and send a fraudulent ICMP-redirect packet to the hosts of another network. In this way, the attackers change the routing tables of the hosts and cause interference to normal IP packet forwarding on the hosts. Tracert attack Tracert attack traces the path of an ICMP timeout packet returned when the value of Time To Live (TTL) is 0 or traces a returned ICMP port-unreachable packet. In this way, the attacker obtains the network structure. ICMP-Unreachab le attack After receiving the ICMP-unreachable packets, some systems consider the route to this destination as unreachable. The systems then disconnect the destination from the host. Procedure Step 1 On the web management system, choose Network > AntiAttack from the navigation tree. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 333 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation The page shown in Figure 7-241 is displayed. Figure 7-241 Anti-attack (1) Step 2 Select Enable and click

. The page shown in Figure 7-242 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 334 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-242 Anti-attack (2) 7 Feature Description and Implementation Step 3 Select packet types. Step 4 Click to save the settings.

----End 7.6 Security This topic describes EGW1520 security features. 7.6.1 NAT Network Address Translation (NAT) is the process of converting a private IP address in an IP packet header to a public IP address. This function enables computers with private IP addresses to connect to a public network. NAT solves the problem of insufficient IP addresses and prevents the attack from other networks, hiding and protecting computers on the private network. Principle In applications, private networks use private IP addresses. Network Address Translation (RFC) 1918 reserves the following private IP address ranges:

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 335 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Class A: 10.0.0.0 to 10.255.255.255 (10.0.0.0/8) Class B: 172.16.0.0 to 172.31.255.255 (172.16.0.0/12) Class C: 192.168.0.0 to 192.168.255.255 (192.168.0.0/16) IP addresses in the preceding ranges are not allocated on the Internet. They can be used freely inside a company or on the intranet. Enterprises do not need to apply for them to the Internet Service Provider (ISP) or the registration center. Figure 7-243 shows a basic NAT application. Figure 7-243 Basic NAT Application An NAT server, for example, EGW1520, is located at the boundary between a private network and a public network. All packets sent between an internal PC and an external server will be sent to the NAT server. The address translation process is as follows:

1. After datagram 1 sent from the internal computer at 192.168.1.3 to the external server at 202.120.10.2 reaches the NAT server, the NAT server checks the content in the header 1 and finds that datagram 1 is destined for the external network. 2. The NAT server replaces the private source address 192.168.1.3 in datagram 1 with the public address 202.169.10.1 on the Internet. The NAT server sends datagram 1 to the external server and records the mapping entry in the network address translation table. 3. After receiving datagram 1, the external server sends a response packet (datagram 2) to the internal computer. The destination address of datagram 2 is 202.169.10.1. 4. After receiving datagram 2, the NAT server checks the content in the header and searches for the network address translation table. The NAT server replaces the destination IP address with 192.168.1.3 and sends datagram 2 to the internal computer. The network translation process is transparent for the internal computer and the external server. This means that the internal computer considers that the packets exchanged with the external server are not processed by the NAT server; the external server considers that the IP address of the internal computer is 202.169.10.1, not 192.168.1.3. Implementation NAT implementation modes consist of static translation, dynamic translation, and Network Address Port Translation (NAPT). At present, EGW1520 uses only one public IP address and therefore uses NAPT to perform many-to-one address translation. NAPT is used to map Issue 01 (2012-05-15) Huawei Proprietary and Confidential 336 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation several private IP addresses to different port numbers of the same public IP address, as shown in Figure 7-244. Figure 7-244 NAPT implementation on EGW1520 Figure 7-244In the preceding figure, datagrams 1 and 2 come from the same private IP address but have different source port numbers; datagrams 3 and 4 come from different private IP addresses but have the same source port number. When NAT is performed, the four datagrams are sent to the same public IP address, which has four different source port numbers. When response packets arrive, the NAT server checks their destination addresses and port numbers to distinguish the four datagrams. Then the NAT server translates IP addresses in the packets and then forwards them to internal computers. By doing this, if only one public IP address is available, EGW1520 still allows several computers or other network elements (NEs) to access the same public network concurrently. Specification Limitation A maximum of 1024 NAT table entries. N/A For details on how to enable the NAT function, see Configuring the ADSL and Configuring the WAN. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 337 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation 7.6.2 Incoming Packet Filter This topic describes how to deploy an incoming packet filer on the network ingress to filer packets that are sent to the EGW1520. Description If the firewall is enabled on the LAN side, the firewall blocks packets that are sent to the EGW1520 or upstream device. If the firewall is enabled on the WAN side, the firewall blocks packets that are sent to the EGW1520 or downstream device. To enable specified packets to pass the firewall on the LAN side and WAN side, configure the incoming packet filter. The following describes the effect after you configure the incoming packet filter when the firewall is enabled on the LAN side or WAN side. Enable the firewall on the LAN side. If you do not configure the incoming packet filter function, the firewall blocks all packets that are sent to the EGW1520 and upstream device, for example packets A and B are blocked, as shown in Figure 7-245. By configuring the incoming packet filter function, you can specify packets that can be sent through the firewall on the LAN side, such as packet B in Figure 7-246. Figure 7-245 Incoming packet filter function not enabled The firewall on the LAN side can block only packets sent to an upstream device or an EGW1520. It cannot block packets within the LAN. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 338 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-246 Incoming packet filter function enabled 7 Feature Description and Implementation Enable the firewall on the WAN side. If you do not configure the incoming packet filter function, the firewall blocks all packets that are sent to the EGW1520 and downstream device,for example packets A and B are blocked, as shown in Figure 7-247. By configuring the incoming packet filter function, you can specify packets that can be sent through the firewall on the WAN side, such as packet B in Figure 7-248. Figure 7-247 Incoming packet filter function not enabled Issue 01 (2012-05-15) Huawei Proprietary and Confidential 339 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-248 Incoming packet filter function enabled Configuration Prerequisites You have enabled the firewall on the LAN side (see Configuring the LAN for details) or on the WAN side (see Configuring the ADSL or Configuring the WAN for details). You have logged in to the web management system. For details, see 7.7.1 Web Management. Procedure Step 1 On the web management system, choose Network > Security from the navigation tree. The page shown in Figure 7-249 is displayed. Figure 7-249 Configuring the incoming packet filter (1) Step 2 Click to be filtered out. to add a filter. The fileter is used to identify packets that need The page shown in Figure 7-250 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 340 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-250 Configuring the incoming packet filter (2) Step 3 Set parameters according to Table 7-65. Table 7-65 Parameter description Parameter Filter Name Protocol Source IP Address/Segment Description Indicates the filter name, which can be changed. Indicates the protocol type based on which packets are filtered. The options are as follows:

TCP/UDP: TCP/UDP packets can be sent to the upstream network from the EGW1520. TCP: TCP packets can be sent to the upstream network from the EGW1520. UDP: UDP packets can be sent to the upstream network from the EGW1520. ICMP: ICMP packets can be sent to the upstream network from the EGW1520, such as messages indicating whether the network is connected, whether the route to the host is reachable, and whether the route is available. Indicates the source IP address (for example, 192.168.1.2), or source IP address/subnet mask length (for example, 192.168.1.0/24). Value 192.168.1.2 indicates that packets whose source IP addresses are 192.168.1.2 can be sent to the upstream network from the EGW1520. Value 192.168.1.0/24 indicates that packets whose source IP addresses are on the 192.168.1.0 network segment can be sent to the upstream network from the EGW1520. If this parameter is left blank, all packets can be sent to the upstream network from the EGW1520. Source Port(port or port:port) Indicates the source port number (for example, 80), or source port number range (for example, 80:90). Issue 01 (2012-05-15) Huawei Proprietary and Confidential 341 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Destination IP Address/Segment Value 80 indicates that packets whose source port numbers are 80 can be sent to the upstream network from the EGW1520. Value 80:90 indicates that packets whose source port numbers range from 80 to 90 can be sent to the upstream network from the EGW1520. If this parameter is left blank, all packets can be sent to the upstream network from the EGW1520. Indicates the destination IP address (for example, 192.168.1.1), or destination IP address/subnet mask length

(for example, 192.168.1.0/24). Value 192.168.1.1 indicates that packets whose destination IP addresses are 192.168.1.1 can be sent to the upstream network from the EGW1520. Value 192.168.1.0/24 indicates that packets whose destination IP addresses are on the 192.168.1.0 network segment can be sent to the upstream network from the EGW1520. If this parameter is left blank, all packets can be sent to the upstream network from the EGW1520. Destination Port(port or port:port) Indicates the destination port number (for example, 90), or destination port number range (for example, 90:100). Value 90 indicates that packets whose destination port numbers are 90 can be sent to the upstream network from the EGW1520. Value 90:100 indicates that packets whose destination port numbers range from 90 to 100 can be sent to the upstream network from the EGW1520. If this parameter is left blank, all packets can be sent to the upstream network from the EGW1520. Interface to Apply This Rule Indicates the interface where the filter takes effect. For example, br0/br0: ports on the LAN side (LAN ports 14 and Wi-Fi port). When you select br0/br0, the filter filters the packets that are sent to the EGW1520 and upstream device through the LAN port. pppoe_0_0_35/ppp1: ADSL port. When you select pppoe_0_0_35/ppp1, the filter filters the packets that are sent to the EGW1520 and upstream device through the ADSL port. Step 4 Click to save the settings. Figure 7-251 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 342 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-251 Configuring the incoming packet filter (3)

----End 7.6.3 Outgoing Packet Filter This topic describes how to deploy an outgoing packet filer on the network egress to filer packets that are sent to the upstream device through the LAN port. Description The outgoing packet filter allows you to disable specified packets from being sent to an upstream device through the LAN port when the firewall on the LAN side disabled. If you enable the firewall on the LAN side, the firewall will block all packets sent to an upstream device through the LAN port. Packet A in Figure 7-252 can be prevented from being sent to an upstream device through the LAN port when the firewall on the LAN side disabled. Figure 7-252 Filtering outgoing packets Configuration Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 343 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Procedure 7 Feature Description and Implementation Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Filter Outgoing IP tab. The page shown in Figure 7-253 is displayed. Figure 7-253 Configuring the outgoing packet filter (1) Step 3 Click be filtered out. to add a filter. The filter is used to identify packets that need to The page shown in Figure 7-254 is displayed. Figure 7-254 Configuring the outgoing packet filter (2) Step 4 Set parameters according to Table 7-66. Table 7-66 Parameter description Parameter Filter Name Description Indicates the filter name, which can be changed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 344 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Protocol Source IP Address/Segment Description Indicates the protocol type based on which packets are filtered. The options are as follows:

TCP/UDP: TCP/UDP packets cannot be sent to the upstream network through the LAN port. TCP: TCP packets cannot be sent to the upstream network through the LAN port. UDP: UDP packets cannot be sent to the upstream network through the LAN port. ICMP: ICMP packets cannot be sent to the upstream network through the LAN port, such as messages indicating whether the network is connected, whether the route to the host is reachable, and whether the route is available. Indicates the source IP address (for example, 192.168.1.2), or source IP address/subnet mask length (for example, 192.168.1.0/24). Value 192.168.1.2 indicates that packets whose source IP addresses are 192.168.1.2 cannot be sent to the upstream network through the LAN port. Value 192.168.1.0/24 indicates that packets whose source IP addresses are on the 192.168.1.0 network segment cannot be sent to the upstream network through the LAN port. Source Port(port or port:port) Indicates the source port number (for example, 80), or source port number range (for example, 80:90). Destination IP Address/Segment Value 80 indicates that packets whose source port numbers are 80 cannot be sent to the upstream network through the LAN port. Value 80:90 indicates that packets whose source port numbers range from 80 to 90 cannot be sent to the upstream network through the LAN port. Indicates the destination IP address (for example, 192.168.1.1), or destination IP address/subnet mask length

(for example, 192.168.1.0/24). Value 192.168.1.1 indicates that packets whose destination IP addresses are 192.168.1.1 cannot be sent to the upstream network through the LAN port. Value 192.168.1.0/24 indicates that packets whose source IP addresses are on the 192.168.1.0 network segment cannot be sent to the upstream network through the LAN port. Destination Port(port or port:port) Indicates the destination port number (for example, 90), or destination port number range (for example, 90:100). Value 90 indicates that packets whose destination port numbers are 90 cannot be sent to the upstream network through the LAN port. Value 90:100 indicates that packets whose destination port numbers range from 90 to 100 cannot be sent to the upstream network through the LAN port. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 345 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 5 Click to save the settings. Figure 7-255 shows the configuration result. Figure 7-255 Configuring the outgoing packet filter (3)

----End 7.6.4 MAC Address Filter If the ADSL service is in Bridge mode, you can configure MAC address filter to prevent the ADSL port from forwarding certain data frames. Description To configure the MAC address filter, configure both the MAC address filtering policy and filtering rule. The MAC address filtering policy specifies the mode of filtering data frames, and the MAC address filtering rule specifies the data frames to be filtered. EGW1520 supports the following MAC address filtering policies:

FORWARD: The ADSL port forwards all data frames except those specified in the filtering rule. BLOCKED: The ADSL port forwards only the data frames specified in the filtering rule. The default filtering policy is FORWARD. Configuring MAC Address Filter Prerequisites The ADSL service is in Bridge mode. For details, see Basic Configuration. You have logged in to the web management system. For details, see 7.7.1 Web Management. Procedure Step 1 Modify the MAC address filtering policy. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 346 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation When the MAC address filtering policy for a port is modified, the MAC address filtering rule for this port is automatically deleted. You must re-create the MAC address filtering rule. 1. On the web management system, choose Network > Security from the navigation tree. 2. Click the Filter MAC tab. The page shown in Figure 7-256 is displayed. Figure 7-256 Filter MAC tab page (1) 3. Select an MAC address filtering policy, for example, BLOCKED. 4. Click to save the new policy. Figure 7-257 shows the configuration result. Figure 7-257 Configuration result Issue 01 (2012-05-15) Huawei Proprietary and Confidential 347 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Step 2 Create the MAC address filtering rule. 1. On the web management system, choose Network > Security from the navigation tree. 2. Click the Filter MAC tab. The page shown in Figure 7-258 is displayed. Figure 7-258 Filter MAC tab page (2) 3. Click to add a filter. The page shown in Figure 7-259 is displayed. Figure 7-259 Filter MAC tab page (3) 4. Set parameters according to Table 7-67. Table 7-67 Parameter description Parameter Description Protocol Type Indicates the protocol type based on which MAC addresses are filtered. The options are as follows:

PPPoE: Point-to-Point Protocol over Ethernet, which is used by remote devices to manage and charge users. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 348 Copyright Huawei Technologies Co., Ltd.

 

 

eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description IPv4: Internet Protocol version 4, which is the first widely used protocol version and is at the core of standards-based Internet technology. AppleTalk: A proprietary suite of protocols developed by Apple Inc. to provide communication services for Apple computers, such as file transfer, printing, email, and other network services. IPX: Internet Packet Exchange (IPX) protocol stack, which is supported by Novell's NetWare operating system. NetBEUI: Network Basic Input/Output System (NetBIOS) Extended User Interface, which is a non-routable protocol developed for the IBM to transfer NetBIOS messages. IGMP: Internet Group Management Protocol, which is used by hosts and neighboring routers on IP networks to establish multicast group memberships. Indicates the destination MAC address. For example, value 00:01:6C:4C:58:FE indicates that the ADSL port filters data frames whose destination MAC addresses are 00:01:6C:4C:58:FE. If this parameter is left blank, the ADSL port filters the destination MAC addresses for all data frames. Indicates the source MAC address. For example, value 90:FB:A6:14:9E:5A indicates that the ADSL port filters data frames whose source MAC addresses are 90:FB:A6:14:9E:5A. If this parameter is left blank, the ADSL port filters the source MAC addresses for all data frames. Destination MAC Address Source MAC Address Frame Direction Indicates the direction in which a data frame is transmitted. The options are as follows:

LAN<=>WAN: The ADSL port filters the MAC addresses for data frames that are transmitted mutually between the LAN and WAN ports. WAN=>LAN: The ADSL port filters the MAC addresses for data frames that are transmitted from the WAN ports to the LAN ports. LAN=>WAN: The ADSL port filters the MAC addresses for data frames that are transmitted from the LAN ports to the WAN ports. 5. Click to save the settings. Figure 7-260 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 349 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-260 Configuration result 7 Feature Description and Implementation Value BOTH indicates that the ADSL port filters the MAC addresses for data frames that are transmitted from the LAN port to the WAN port and from the WAN port to the LAN port.

----End 7.6.5 URL Filter Using the URL filtering feature, an enterprise or a family can prevent its members from visiting certain websites. Description Principle At present, contents at many websites are illegal or improper because they are not effectively supervised or restricted. Therefore, more and more enterprises use the URL access control function to ensure information security and restrict URL access. As shown in Figure 7-261, URL filtering is used to:

Control access to websites containing content including pornography, terrorism, violence, gambling, or illegal information. Shield phishing websites to protect employees' privacy. Shield malicious websites to protect the enterprise's private network from attack. Provide customized services for enterprises, for example, allow employees to access specified websites. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 350 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-261 URL filtering 7 Feature Description and Implementation Implementation The EGW1520 provides the following URL filter modes:

Include URLs in the whitelist can be accessed. Exclude URLs in the blacklist cannot be accessed. Use either whitelist or blacklist mode. EGW1520 can filter the whole URL (for example, http://www.example.com) or the keyword in the URL (for example, example.com). Specification Maximum number of URLs to be filtered at the same time: 100 Maximum length of each URL: 128 bytes Full match and partial match Limitation Wildcards, for example, using * for full match, are not allowed in filtering rules. Configuration Prerequisite You have logged in to the web management system. For details, see 7.7.1 Web Management. Procedure Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Filter URL tab. The page shown in Figure 7-262 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 351 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-262 Configuring the URL filter (1) Step 3 Select a URL filter mode, for example, Exclude. Include URLs in the whitelist can be accessed. Exclude URLs in the blacklist cannot be accessed. Step 4 Click to save the filter mode. The page shown in Figure 7-263 is displayed. Figure 7-263 Configuring the URL filter (2) Step 5 Click to add a URL to be filtered. The page shown in Figure 7-264 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 352 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-264 Configuring the URL filter (3) Step 6 Enter the URL to be filtered (a compete URL or keywords) and the port number. The default port number is 80. Step 7 Click to save the settings. Figure 7-265 shows the configuration result. Figure 7-265 Configuring the URL filter (4)

----End 7.6.6 Virtual Server After configuring the virtual server, users can access to servers in the private network, and enable services, such as web browsing and FTP download. Description A virtual server functions as a public server in the private network. Users in the external network can use services that the virtual server provides (such as web and FTP download services) after accessing the external address obtained from the EGW1520. Figure 7-266 shows the typical network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 353 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-266 Typical virtual server network Configuration Prerequisites You have logged in to the web management system. For details, see 7.7.1 Web Management. The EGW1520 has been connected to the upstream network and the NAT function has been enabled. Required services and port numbers have been enabled on the private network. Procedure Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Virtual Server tab. The page shown in Figure 7-267 is displayed. Figure 7-267 Configuring a virtual server (1) Step 3 Click to add a virtual server. The page shown in Figure 7-268 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 354 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-268 Configuring a virtual server (2) Step 4 Set parameters according to Table 7-68. Table 7-68 Parameter description Parameter Description Select a Service Indicates the service that is provided by the virtual server, such as the web, mail, and FTP services. The service must be enabled on the internal server(Multiple services can be enabled on a server in the internal network). Custom Service Allows you to define a service different from options in the Select a Service drop-down list box. The service that you define must be enabled on the internal server. Virtual Server IP Address Indicates the IP address of the internal server, for example, 192.168.1.5. External Port Start External Port End Indicates the start and end port numbers that the virtual server provides for external users. External users can use the port numbers between the start and end port numbers to access the virtual server. You are advised to use the default value. Protocol Indicates the transfer protocol used by the virtual server, for example, TCP for the web server. Type Indicates the port count used by the internal server. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 355 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Parameter Description 7 Feature Description and Implementation Single: The internal server uses only one port. Range: The internal server uses multiple ports. Port numbers on the internal server must be the same as those provided by the virtual server for external access, and you cannot change them. Internal Port Start Internal Port End Indicates the start and end port numbers that the internal server provides for external users, which must be the same as the start and end port numbers that the virtual server provides for external users. Step 5 Click to save the settings. Figure 7-269 shows the configuration result. Figure 7-269 Configuring a virtual server (3) After the configuration is successful, external users can access the internal server through the EGW1520 WAN port or the ADSL IP address and port number.

----End Typical Configuration Example Network Requirements Users access the Internet through EGW1520 and want to configure a web server and an FTP server on the private network to provide web and FTP download services for external users. The network requirements are as follows:

Connect EGW1520 to the Internet through the WAN port whose IP address is 11.11.11.1. Configure a web server and an FTP server on the private network, whose IP addresses are 192.168.1.8 and 192.168.1.5 respectively. After the configuration is complete, external systems can access the internal web server and FTP server. Typical Network Issue 01 (2012-05-15) Huawei Proprietary and Confidential 356 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-270 shows the typical network diagram of the virtual server. Figure 7-270 Typical network Procedure For details on how to configure the web and FTP servers, see the relevant documents. For details on how to add a virtual server, see Adding a virtual server. 1. Configure the web server software on the server whose IP address is 192.168.1.8 and enable the port number 80. Configure the FTP server software on the server whose IP address is 192.168.1.5 and enable the port number 21. For details, see the related user guide. 2. On the web management system, add a virtual server. Figure 7-271 shows the configuration result. Figure 7-271 Configuration result Verification If an external user enters http://11.11.11.1 in the address box of the Internet Explorer and accesses the web server successfully, the web server is configured successfully. Otherwise, verify the configurations of the web server software and the EGW1520 virtual server. If an external user enters ftp://11.11.11.1 in the address box of the Internet Explorer and accesses the FTP server successfully, the FTP server is configured successfully. Otherwise, verify the configurations of the FTP server software and the EGW1520 virtual server. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 357 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation An external user must use the IP address that EGW1520 provides for external users (WAN port IP address 11.11.11.1 in this example) to access the internal server. 7.6.7 DMZ A virtual server enables external users to access internal servers on the private network. When multiple services are running on internal servers, several virtual servers must be configured. This makes the configuration complicated. To simplify the configuration, configure only the IP addresses for internal servers in the Demilitarized Zone (DMZ). External users can access only the internal servers (such as the WWW and FTP servers) in the DMZ but cannot use the other internal resources. This protects the internal network against illegal access. Description The DMZ is deployed between a public network and an enterprise's private network. Some public servers (such as the web server and FTP server) are deployed in the DMZ, as shown in Figure 7-272. The EGW1520 forwards all access requests from the public network (excluding those meeting NAT requirements) to the DMZ. This protects the internal network. Figure 7-272 DMZ implementation The following uses a web server in the DMZ as an example to describe the DMZ implementation. 1. After receiving external HTTP packets, the EGW1520 checks the packets. If the packets do not meet NAT requirement, EGW1520 forwards the packets to the DMZ. 2. EGW1520 converts the destination address of request packets to the DMZ web server's preset IP address, and sends the packets to the DMZ web server. 3. After receiving the request packets, the web server sends response packets to the computer on the public network. Then NAT is performed. Configuration Prerequisites Issue 01 (2012-05-15) Huawei Proprietary and Confidential 358 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation You have logged in to the web management system. For details, see 7.7.1 Web Management. You have connected to the upstream network and the NAT function has been enabled. For details on how to connect to the upstream network, see 7.2 Connection Modes. Procedure Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the DMZ Host tab. The page shown in Figure 7-273 is displayed. Figure 7-273 Configuring the DMZ (1) Step 3 Enter the DMZ host IP address, for example, 192.168.1.5. Step 4 Click to save the settings. Figure 7-274 shows the configuration result. Figure 7-274 Configuring the DMZ (2)

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 359 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Typical Example Networking Requirements 7 Feature Description and Implementation Assume that a user who uses the EGW1520 to connect to the Internet wants to deploy a web server and an FTP server on the intranet to provide website services and FTP resource download services for users on the external network. The network requirements are as follows:

The EGW1520 uses a WAN port to connect to the Internet. The IP address of the WAN port is 11.11.11.1. Deploy a web server and an FTP server on the same computer on the EGW1520's intranet. The IP address is 192.168.1.5. Configure the DMZ to enable users on the external network to access the web server and FTP server. Typical Network Figure 7-275 shows the typical network. Figure 7-275 DMZ typical network Configuration Procedure For details on how to configure the web and FTP servers, see the relevant documents. For details on how to configure the DMZ, see Configuration. 1. On the computer whose IP address is 192.168.1.5, configure the web server and the FTP server. For details, see the related user guide. 2. Configure the DMZ on the web management system. Figure 7-276 shows the configuration result. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 360 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-276 Configuration result Verification Start the Internet Explorer and enter http://11.11.11.1 in the address box as a user on the external network. If the web server is connected, the configuration is successful. If the web server is not connected, check the IP address setting of the DMZ host on the web server and EGW1520. Start the Internet Explorer and enter ftp://11.11.11.1 in the address box as a user on the external network. If the FTP server is connected, the configuration is successful. If the FTP server is not connected, check the IP address setting of the DMZ host on the FTP server and EGW1520. An external user must use EGW1520 external IP address (in this topic, it is the IP address of the WAN port 11.11.11.1) to access internal servers. 7.6.8 Remote Login This topic describes how to remotely configure and maintain the EGW1520 by connecting to uplink ports (WAN, ADSL, or 3G port). The EGW1520 provides a public IP address for remote maintenance. Enabling Remote Login Step 1 On the web management system, choose Network > Security from the navigation tree. Step 2 Click the Remote login tab. The page shown in Figure 7-277 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 361 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-277 Configuring remote login Step 3 Select Enable. Step 4 Click to save the settings.

----End Obtaining the Public IP Address of EGW1520 Step 1 On the web management system, choose Management > Status from the navigation tree. Step 2 Click the Network tab. The page shown in Figure 7-278 is displayed. Figure 7-278 Obtaining the IP address of EGW1520 Step 3 View the IP address of EGW1520. The IP address in Figure 7-278 is the public IP address of EGW1520.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 362 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Logging In to EGW1520 Remotely 7 Feature Description and Implementation Step 1 Use the Internet Explorer (6.0 or a later version) on your computer to access the public IP address of EGW1520. When you log in to the EGW1520 using HTTP, the EGW1520 automatically changes your login mode to HTTPS to ensure communication security. If the security level of your browser is not set properly, the system notifies you that the certificate is incorrect, as shown in Figure 7-279. Figure 7-279 Prompt information Click The page shown in Figure 7-280 is displayed. to continue your operation. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 363 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-280 Logging in to the EGW1520 Step 2 Enter the user name (initial user name is admin) and password (initial password is Admin@123) and click

.

----End 7.7 Operations and Maintenance The EGW1520 can be managed on web pages or in TR-069 mode. 7.7.1 Web Management Prerequisite The web management system allows users to set parameters, detect faults, and upgrade devices. The EGW1520 also supports remote login, from which you can remotely configure and maintain the EGW1520. For details about how to remotely log in to the EGW1520, see 7.6.8 Remote Login. Before logging in to the web management system, ensure that the configuration environment is ready. 1. Prepare a PC (maintenance terminal). The PC must meet the following requirements:

Has the Ethernet adapter installed, supporting TCP/IP. Has Windows XP or later operating system installed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 364 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Has Microsoft Internet Explorer 6.0 or later version without configuring the proxy server. Supports the resolution 1024 x 768 or above. 2. The console cables have been connected. You can connect cables by using either of the following methods according to the network:

Use the straight-through cable to connect the EGW1520 LAN port to the PC network port. Use the straight-through cable to connect the EGW1520 LAN port to the PC network port through the switch or hub. 3. The PC IP address has been set. The IP addresses of the PC and EGW1520 must be on the same network segment. For example, if IP address of the EGW1520 is 192.168.1.1 (default value), the PC IP address can be set to 192.168.1.x, where x ranges from 2 to 254. By default, DHCP is enabled on an EGW1520. The PC can use the automatic mode to obtain the IP address. Users can access the web management system in the following two modes:

HTTPS The web browser interacts with the EGW1520 using HTTPS, which ensures user information security. HTTP The web browser interacts with the EGW1520 using HTTP. Only HTTPS access mode is enabled on EGW1520 by default. The HTTP access mode can be enabled on the page for configuring the LAN. For details, see Configuring the LAN. HTTP transmits plain text. Use HTTP to perform web management only in trusted networks. If only the HTTPS mode is enabled, the system switches to the HTTPS mode automatically when you access the EGW1520 in HTTP mode. Background Procedure Step 1 Log in to the EGW1520 using Internet Explorer 6.0 or later. The default URL is https://192.168.1.1. The page shown in Figure 7-281 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 365 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-281 Logging in to the web management system (1) The default IP address of the EGW1520, login user name, and password can be obtained from the label at the bottom of the EGW1520. After logging in to the web management system, you can change IP address of the EGW1520. For details, see Configuring the LAN. Step 2 Enter the user name and password, and click Log In. Administrator: The user name is admin and the password is Admin@123. Common user: Both the initial user name and password are the internal number of a common user. Choose Management > Password to change the password after the initial login. Make a note of your password and keep it in a safe place. Do not share your password with anyone. If you forget your password, press and hold the RESET button on EGW1520 for more than six seconds, and log in to the web management system using the default password Admin@123. The configuration is restored to factory settings. If you fail to log in to the web management system for 5 consecutive times in 10 minutes, the system locks your PC IP address for 30 minutes. If you do not perform any operation in 10 minutes after logging in to the web management system, the login times out and the system requires re-login to ensure security.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 366 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7.7.2 TR-069 7 Feature Description and Implementation The Technical Report 069 (TR-069) is a DSL forum (which was later renamed as broadband forum) technical specification entitled CPE WAN Management Protocol (CWMP). It defines an application layer protocol for remote management of end-user devices. Description Principle This topic describes the principle, implementation, specification, and limitation of the TR-069. The Technical Report 069 (TR-069) is a DSL forum (which was later renamed as broadband forum) technical specification entitled CPE WAN Management Protocol (CWMP). It defines an application layer protocol for remote management of end-user devices. As a bidirectional SOAP/HTTP-based protocol, it provides the communication between customer premises equipment (CPE) and Auto Configuration Servers (ACS). It includes both a safe auto configuration and the control of other CPE management functions within an integrated framework. Customer premises equipment, such as gateways and set top boxes (STBs) are scattered on the user side. Maintenance personnel need to provide on-site services when configuration modification or troubleshooting is required, which increases management difficulty. TR-069 enables you to manage and maintain user's devices remotely on the network side. Details about the functions that TR-069 provides are as follows:

Configuration management Installs CPE without configurations and modifies parameter settings remotely. Version management Manages CPE software and firmware, for example, download the software version, and back up and restore the configuration file. Remote monitoring Monitors the CPE status and performance, and queries the CPE status. GUI-based management Manages NEs on the EMS in GUI mode. Alarm management Reports alarms to the EMS and instructs the EMS to delete an alarm in time once the alarm is cleared. Implementation As a CPE, EGW1520 supports TR-069, Figure 7-282 shows TR-069 network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 367 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 7-282 TR-069 network diagram 7 Feature Description and Implementation Auto-Configuration Server Broadband Remote Access Server Digital Subscriber Line Access Multiplexer Customer Premises Equipment ACS BRAS DSLAM CPE EGW1520 uses the ADSL port or WAN port to connect to ACS. The preceding figure uses the ADSL port as an example. Specification TR-069 TR-098 TR-104 Limitation N/A Setting TR-069 Parameters on the ACS This topic describes how to set TR-069 parameters on the ACS. TR-069 Connection Parameters For details about configurations on the ACS, see the related ACS configuration guide. This topic only lists TR-069 parameters for the ACS to connect to EGW1520, as shown in Table 7-69. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 368 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Table 7-69 TR-069 connection parameters Parameter ACS URL ACS User Name ACS Password Description Indicates the ACS URL. For example, http://www.acs.com. Indicates the user name for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS. Indicates the password for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS. Connection Request User Name Indicates the user name for the TR-069 client to authenticate the ACS, which must be the same as the user name on the TR-069 client. Connection Request Password Indicates the password for the TR-069 client to authenticate the ACS, which must be the same as the user name on the TR-069 client. Connection Request URL Indicates the URL of the TR-069 client. For example, http://192.168.1.1:8081/CPE. 192.168.1.1 is the IP address of the EGW1520 local area network (LAN) gateway. Setting TR-069 Parameters on the CPE This topic describes how to set TR-069 parameters on the EGW1520. Prerequisites Procedure You have logged in to the web management system. For details, see 7.7.1 Web Management. Step 1 On the web management system, choose Management > TR-069 Client from the navigation tree. The page shown in Figure 7-283 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 369 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Figure 7-283 TR-069 client configuration Step 2 Set parameters according to Table 7-70. Table 7-70 Parameter description Parameter Manufacturer Manufacturer OUI Product Class Device SN Description Indicates the device manufacturer. Indicates the organizationally Unique Identifier (OUI) of the manufacturer. Indicates the device model. Indicates the device sequence number. WAN Interface Used by TR-069 Client Indicates the WAN port on the TR-069 client connected to the ACS. ACS URL ACS User Name ACS Password Indicates the ACS URL. For example, http://www.acs.com. Indicates the user name for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS. Indicates the password for the ACS to authenticate the TR-069 client, which must be the same as the user name on the ACS. Connection Request URL Indicates the URL of the TR-069 client. Connection Request User Name Indicates the user name for the TR-069 client to authenticate the ACS, which must be the same as the user name on the TR-069 client. Connection Request Password Indicates the password for the TR-069 client to authenticate the ACS, which must be the same as the Issue 01 (2012-05-15) Huawei Proprietary and Confidential 370 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 7 Feature Description and Implementation Parameter Description Manual Trigger Inform user name on the TR-069 client. Initiates the session to the ACS manually by clicking Trigger. Indicates whether to initiate a session to the ACS periodically. Inform Interval(Sec) Indicates the interval to initiate a session to the ACS, in seconds. The default value is 1800. Step 3 Click to save the settings.

----End Result After the EGW1520 is connected to the ACS by using TR-069, use ACS to configure and manage the EGW1520. TR-069 parameters reference lists parameters in the TR-069 data model. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 371 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 8 Diagnosis Mode 8 Diagnosis Mode About This Chapter This topic describes diagnosis modes for the EGW1520. 8.1 Enabling the Debug Log This topic describes how to enable the debug log for each process. The system can generate the debug logs for different processes. 8.2 Configuring Traffic Mirroring This section describes how to configure traffic mirroring to capture packets. Traffic mirroring allows you to use a packet capture tool on the mirroring port to obtain information about packets entering or leaving the monitored port. 8.3 Downloading Black Box Files This topic describes how to download black box files. 8.4 Pinging IP Addresses This topic describes how to ping an IP address. Using the ping function, you can ping the peer device of the EGW1520 to check the connection between them. 8.1 Enabling the Debug Log This topic describes how to enable the debug log for each process. The system can generate the debug logs for different processes. Large amounts of logs are generated during the EGW1520 running process. By default, the system does not generate the debug logs. To generate the debug logs, enable the debug log and log generation function, set the log level to debug, and configure the log saving mode. For details, see 9.4 Managing System Logs. Procedure Step 1 On the web management system, choose Diagnose > Debug Logs from the navigation tree. The page shown in Figure 8-1 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 372 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 8-1 Enabling the debug logs for each module 8 Diagnosis Mode Step 2 Enable the debug logs for modules according to Table 8-1. Table 8-1 Parameter description Parameter Description Output debug-level log in start-up process Debug logs are generated when the system starts. For example, when you want to debug the system during system startup, enable this function. Voice services Debug logs for voice services are generated. For example, when the synchronization server cannot synchronize service data, enable this function. Network services Debug logs for network services are generated. For example, when you want to view the IP address obtained by EGW1520 that functions as a client, enable this function. System management Debug logs for system management are generated. For example, when you want to view message sending and receiving information in the system, enable this function. Configuration management Debug logs for configuration management are generated. For example, when you want to monitor network time synchronization, enable this function. Step 3 Click to save the settings.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 373 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 8.2 Configuring Traffic Mirroring 8 Diagnosis Mode This section describes how to configure traffic mirroring to capture packets. Traffic mirroring allows you to use a packet capture tool on the mirroring port to obtain information about packets entering or leaving the monitored port. Procedure Step 1 On the web management system, choose Diagnose > Packet Mirroring from the navigation tree. The page shown in Figure 8-2 is displayed. Figure 8-2 Traffic mirroring Step 2 Set parameters according to Table 8-2. Table 8-2 Parameters Item Description Monitored port Port that the mirroring port monitors. Direction Direction in which packets are monitored:

IN: Only the packets that the EGW1520 receives on the monitored port are monitored. OUT: Only the packets that the EGW1520 sends from the monitored port are monitored. BOTH: The packets that the monitored port receives and sends out are monitored. Mirroring port Port that captures packets from the monitored port. As shown in Figure Issue 01 (2012-05-15) Huawei Proprietary and Confidential 374 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Item Description 8 Diagnosis Mode 8-2, interface LAN3 captures the incoming and outgoing packets on interface LAN1. NOTE Manage the captured packets carefully. Step 3 Click to save the settings.

----End 8.3 Downloading Black Box Files This topic describes how to download black box files. Critical or minor defects that occur during the EGW1520 running process are recorded in black box files. You can view black box files to analyze system exceptions. Procedure Step 1 On the web management system, choose Diagnose > Black Box from the navigation tree. The page shown in Figure 8-3 is displayed. Figure 8-3 Downloading black box files Step 2 Select a black box file to download. Step 3 Click prompted. to save the file to the local host or other hosts on the network as Issue 01 (2012-05-15) Huawei Proprietary and Confidential 375 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 8 Diagnosis Mode To delete a black box file, select the file and click

.

----End 8.4 Pinging IP Addresses This topic describes how to ping an IP address. Using the ping function, you can ping the peer device of the EGW1520 to check the connection between them. Procedure Step 1 On the web management system, choose Diagnose > Ping Diagnose from the navigation tree. The page shown in Figure 8-4 is displayed. Figure 8-4 IPPing Diagnose page Step 2 Select Bind Interface. Step 3 Set parameters according to Table 8-3. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 376 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 8 Diagnosis Mode Table 8-3 Parameter settings Parameter Description IP/Domain The IP address that will be pinged. Packet Length Size of packets that are sent during the ping operation. The packet size ranges from 20 bytes to 1500 bytes. Step 4 Click

. The page shown in Figure 8-5 is displayed. Figure 8-5 Diagnosis result

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 377 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management 9 System Management About This Chapter This topic describes how to manage and maintain the EGW1520 in different modes. 9.1 Configuring the System Time This topic describes how to configure the system time manually and how to synchronize the NTP server time. 9.2 Managing the Configuration File This topic describes how to back up and load the configuration file. 9.3 Restoring Factory Settings This topic describes how to restore factory settings. 9.4 Managing System Logs This topic describes how to manage system logs. 9.5 Viewing Alarms This topic describes how to view alarms. You can analyze the exceptions occur during system running according to the alarms. 9.6 Viewing Security Logs This topic describes how to view security logs to query the recent operations. 9.7 Viewing Electronic Labels You can learn about the device information based on its electronic label. 9.8 Downloading Call Records This topic describes how to back up call records on the local computer. 9.9 One-Click Download This topic describes how to use the one-click download function to collect system information. If the system is faulty, you can download system information and send it to the maintenance personnel for fault location. 9.10 Changing the Password Issue 01 (2012-05-15) Huawei Proprietary and Confidential 378 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management This topic describes how to change the password for logging in to the EGW1520. 9.11 Upgrading Host Software This topic describes how to upgrade host software. 9.12 Uploading Voice Files This topic describes how to upload voice files. 9.13 Restarting the EGW1520 This topic describes how to restart the EGW1520. 9.1 Configuring the System Time This topic describes how to configure the system time manually and how to synchronize the NTP server time. The EGW1520 requires correct time to report alarms, trace malicious calls, and generate logs. The EGW1520 allows you to configure the system time in either of the following modes:

Configure time manually on the local computer. For details, see Configuring Local Time. Sets system time on the web management system. Supports setting time zones and daylight saving time (DST). Synchronize time automatically by using the NTP server. For details, see Configuring NTP Time. NTP functions at the application layer. Based on the IP and the User Datagram Format

(UDP), the NTP is used to synchronize the time between distributed time servers and clients. As the EGW1520 supports the NTP protocol, it can function as an NTP client to synchronize time with the NTP server. Configuring Local Time Step 1 On the web management system, choose Management > Date & Time from the navigation tree. The page shown in Figure 9-1 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 379 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-1 Date & Time tab page (1) 9 System Management Step 2 Set EGW1520 Time as required. Step 3 Click to save the settings. When the EGW1520 restarts, the system time that you configure is restored to the default setting (such as 1970-01-01 00:00:00). Step 4 (Optional) Configure the time zone. 1. Set parameters according to Table 9-1. Table 9-1 Parameter description (1) Parameter Description Time zone Offset Set the time zone. GMT+: east of GMT GMT-: west of GMT For example, set this parameter to GMT+ and 08:00 (GMT+8 time zone). 2. Click to save the settings. Step 5 (Optional) Configure the DST. 1. Click Daylight Saving Time. The page shown in Figure 9-2 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 380 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-2 Configuring the DST 9 System Management 2. Set parameters according to Table 9-2. Table 9-2 Parameter description (2) Parameter Description Start By Start type of the DST. Date: The start time is a date. Day: The start time is a day in a week. End By End type of the DST. Date: The end time is a date. Day: The end time is a day in a week. Start Time DST start time. End Time DST end time. Start Week End Week Start Weekday End Weekday Week counting from the start time. This parameter is valid when Type is set to Start Day. Week counting from the end time. This parameter is valid when Type is set to End Day. Day in a week counting from the start time. This parameter is valid when Type is set to Start Day. Day in a week counting backward from the end time. This parameter is valid when Type is set to End Day. Time Offset (min) DST offset. If the DST function is enabled, the system time is the original time plus the offset within the validity period of the DST. 3. Click to save the settings. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 381 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation

----End Configuring NTP Time 9 System Management Step 1 On the web management system, choose Management > Date & Time from the navigation tree. Step 2 Click the NTP Server tab. Step 3 Click Network Time Synchronization Service. The page shown in Figure 9-3 is displayed. Figure 9-3 Configuring the NTP server Step 4 Set parameters according to Table 9-3. Table 9-3 Parameter description (3) Parameter Description Main NTP Server IP address or domain name of the active NTP server. Sub NTP Server IP address or domain name of the standby NTP server. Synchronization Interval Period of synchronizing the NTP server time. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 382 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Parameter Description

(s) Synchronization Status Status of NTP server time synchronization. Encryption Type The value is the same as that of the NTP server. Authentication Key ID The value is the same as that of the NTP server. Password The value is the same as that of the NTP server. Step 5 Click to save the settings. Check whether the NTP server time is the same as the EGW1520 time on the Date & Time tab page. If yes, the NTP server time synchronization is successful.

----End 9.2 Managing the Configuration File This topic describes how to back up and load the configuration file. During routine maintenance, configuration data may be missing due to abnormal device restart or upgrade failure. Therefore, you are advised to back up the configuration file periodically. After backup is complete, you can load the configuration file as required to recover data. The EGW1520 allows you to back up and load the configuration file in web mode. You can:

Back up the configuration file, which contains all the configurable data and can be encrypted. For details, see Backing Up the Configuration File. Load the configuration file in HTTP mode. For details, see Loading the Configuration File (HTTP). Load the configuration file in FTP mode. For details, see Loading the Configuration File

(FTP). Load the configuration file in TFTP mode. For details, see Loading the Configuration File (TFTP). Load the configuration file in FTPS mode. For details, see Loading the Configuration File (FTPS). In FTP mode, data is transmitted in plain text. Load configuration files in FTP mode on trusted networks. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 383 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Backing Up the Configuration File 9 System Management Step 1 On the web management system, choose Management > Configuration from the navigation tree. The page shown in Figure 9-4 is displayed. Figure 9-4 Backing up the configuration file Step 2 (Optional) Select Encrypt Configuration File to encrypt the configuration file. Step 3 Click to back up the configuration file to the local host or other hosts on the network as prompted. The configuration file is in .xml format. The default file name is in CFG+WAN port's MAC address.xml, for example, CFG001882ab2415.xml. You can also change the file name.

----End Loading the Configuration File (HTTP) Step 1 On the web management system, choose Management > Configuration from the navigation tree. Step 2 Click the Update tab. The page shown in Figure 9-5 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 384 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-5 Loading the configuration file (HTTP) 9 System Management Step 3 Click Browse and select a configuration file. Set the file path, which can be a local path, for example, D:\CFG001882ab2415.xml, or a network path, for example, \\10.168.10.111\CFG001882ab2415.xml. Step 4 Click and proceed as prompted. After loading is successful, the EGW1520 automatically restarts. After the restart is complete, you can log in to the EGW1520 web management system. The restart takes 2 to 3 minutes depending on the device configuration. If the configuration data is more, the startup time is longer. If the uploading fails, the configuration data on the EGW1520 remains. You can reload the configuration file. After the LAN port restarts, the management IP address changes to the imported IP address.

----End Loading the Configuration File (FTP) Step 1 On the web management system, choose Management > Configuration from the navigation tree. Step 2 Click the Update tab. Step 3 Click FTP. The page shown in Figure 9-6 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 385 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-6 Loading the configuration file (FTP) 9 System Management Step 4 Set parameters according to Table 9-4. Table 9-4 FTP parameters Parameter Description FTP Server IP address of the FTP server. NOTE Ensure that the FTP service is enabled when configuration files are loaded and that the FTP server connects to the EGW1520 properly. File Name Relative path of the file to be uploaded. If the configuration file is stored in C:/ftp/egw/CFG001882ab2415.xml and the access path that is set on the FTP server is C:/ftp, set the relative path to egw/CFG001882ab2415.xml. Port Number Port number of the FTP server, which is 21 by default. Anonymous If you select Anonymous, the EGW1520 connects to the FTP server as an anonymous user that is the default user on the FTP server. User Name User name for logging in to the FTP server. This parameter is configured on the FTP server. Password Password for logging in to the FTP server. This parameter is configured on the FTP server. Step 5 Click and proceed as prompted. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 386 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management After loading is successful, the EGW1520 automatically restarts. After the restart is complete, you can log in to the EGW1520 web management system. The restart takes 2 to 3 minutes depending on the device configuration. If the configuration data is more, the startup time is longer. If the uploading fails, the configuration data on the EGW1520 remains. You can reload the configuration file. After the LAN port restarts, the management IP address changes to the imported IP address.

----End Loading the Configuration File (TFTP) Step 1 On the web management system, choose Management > Configuration from the navigation tree. Step 2 Click the Update tab. Step 3 Click TFTP. The page shown in Figure 9-7 is displayed. Figure 9-7 Loading the configuration file (TFTP) Step 4 Set parameters according to Table 9-5. Table 9-5 TFTP parameters Parameter Description TFTP Server IP address of the TFTP server. NOTE Issue 01 (2012-05-15) Huawei Proprietary and Confidential 387 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Parameter Description File Name Ensure that the TFTP service is enabled when configuration files are loaded and that the TFTP server connects to the EGW1520 properly. Relative path of the file to be uploaded. If the configuration file is stored in C:/tftp/egw/CFG001882ab2415.xml and the access path that is set on the TFTP server is C:/tftp, set the relative path to egw/CFG001882ab2415.xml. Port Number Port number of the TFTP server, which is 69 by default. Step 5 Click and proceed as prompted. After loading is successful, the EGW1520 automatically restarts. After the restart is complete, you can log in to the EGW1520 web management system. The restart takes 2 to 3 minutes depending on the device configuration. If the configuration data is more, the startup time is longer. If the uploading fails, the configuration data on the EGW1520 remains. You can reload the configuration file. After the LAN port restarts, the management IP address changes to the imported IP address.

----End Loading the Configuration File (FTPS) Step 1 On the web management system, choose Management > Configuration from the navigation tree. Step 2 Click the Update tab. Step 3 Click FTPS. The page shown in Figure 9-8 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 388 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-8 Loading the configuration file (FTPS) 9 System Management Step 4 Set parameters according to Table 9-6. Table 9-6 FTPS parameters Parameter Description FTPS Server IP address of the FTPS server. NOTE Ensure that the FTPS service is enabled when configuration files are loaded and that the TFTP server connects to the EGW1520 properly. File Name Relative path of the file to be uploaded. If the configuration file is stored in C:/ftps/egw/CFG001882ab2415.xml and the access path that is set on the FTP server is C:/ftps, set the relative path to egw/CFG001882ab2415.xml. Port Number Port number of the FTPS server. The default port number is 990. Anonymous If Anonymous is selected, the EGW1520 connects to the FTPS server as an anonymous user. User Name User name for logging in to the FTPS server. This parameter is configured on the FTPS server. Password Password for logging in to the FTPS server. This parameter is configured on the FTPS server. Certificates Certificate for authenticate logins. NOTE Before using the certificate to authenticate logins, configure the certificate by Issue 01 (2012-05-15) Huawei Proprietary and Confidential 389 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Parameter Description referring to 7.5.7 Certificate. Step 5 Click and proceed as prompted. After loading is successful, the EGW1520 automatically restarts. After the restart is complete, you can log in to the EGW1520 web management system. The restart takes 2 to 3 minutes depending on the device configuration. If the configuration data is more, the startup time is longer. If the uploading fails, the configuration data on the EGW1520 remains. You can reload the configuration file. After the LAN port restarts, the management IP address changes to the imported IP address.

----End 9.3 Restoring Factory Settings This topic describes how to restore factory settings. Before restoring factory settings, refer 9.2 Managing the Configuration File to back up the configuration information of the current version. After restoration, the EGW1520 restarts automatically to make the factory settings take effect. To view factory settings, log in to the web management system again. To restore factory settings, press the RESET button on the device or perform operations on the web page. RESET Button Press RESET on the EGW1520 for longer than six seconds. Web Mode Step 1 On the web, choose Management > Restore Default from the navigation tree. The page shown in Figure 9-9 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 390 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-9 Restore page 9 System Management Step 2 Click and proceed as prompted. After the EGW1520 restarts, the configuration data changes to factory settings. Use the IP address 192.168.1.1, the user name admin and the password Admin@123 to log in to the web management system again, see 7.7.1 Web Management.

----End 9.4 Managing System Logs This topic describes how to manage system logs. During the EGW1520 running, a large number of logs are generated and sent to the syslog management module. You can send the log file to the Huawei technical support for faults analysis. The EGW1520 provides the following log functions:

Backs up the log file remotely. If the remote backup function is configured, the syslog management module sends the log file to the log server for your remote maintenance. For details, see Backing Up Log Files Remotely. Backs up the log file locally. If the local backup function is configured, the log file is saved in the local flash memory. The EGW1520 allows you to download the latest log files from the flash memory on a web page. For details, see Backing Up the Log File Locally. The EGW1520 writes the flash memory when a 512 KB log is generated. When the size of generated logs reaches 2 MB, the earliest logs are overwritten by the latest ones. Sets the log level. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 391 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Deletes the log file. 9 System Management You can delete the log file in the local flash memory in web mode. For details, see Deleting Logs. Configuring Logs Prerequisite The log service has been started on the log server. The log path and log file name have been set. Configuration Procedure Step 1 On the web management system, choose Diagnose > System Logs from the navigation tree. The page shown in Figure 9-10 is displayed. Figure 9-10 Enabling the function of generating logs Step 2 Set log levels according to Table 9-7. Table 9-7 Log level Parameter Description Log Level The options are as follows:

Emergency: Error log, which indicates that a critical fault occurs and the system cannot be recovered. Alert: Error log, which indicates that a severe fault occurs and must be rectified immediately. Critical: Error log, which indicates that a major fault occurs. Error: Error log, which indicates that a minor fault occurs. Warning: Warning log, which indicates that certain functions are Issue 01 (2012-05-15) Huawei Proprietary and Confidential 392 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Parameter Description unavailable. 9 System Management Notice: Notification log, which indicates that a major event occurs. Informational: Informational log, which indicates common events and status information Debugging: Debug log, which records information about system internal debugging. NOTE To generate debug logs, set the log level to Debugging and enable the debug log for each module. For details, see 8.1 Enabling the Debug Log. The EGW1520 only sends log information whose level is equal to or higher than that you set to the log server. The highest level is Emergency and the lowest level is Debugging. Step 3 Click to save the settings.

----End Backing Up Log Files Remotely Step 1 Enable the function of generating logs. For details, see Configuring Logs. Step 2 Set Mode to Remote. The page shown in Figure 9-11 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 393 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-11 Remote backup 9 System Management Step 3 Set parameters according to Table 9-8. Table 9-8 Parameter description Parameter Description Mode Log backup mode. The options are as follows:

Local: Saves the log file to the local computer. Remote: Sends the log file to the remote log server. Both: Sends the log file to the local computer and the remote log server. Server IP Address IP address of the log server. Set this parameter when Mode is set to Remote or Both. Server UDP Port Port number of the log server. Set this parameter when Mode is set to Remote or Both. The default value is 514. Step 4 Click to save the settings. The log file is automatically sent to the log server.

----End Backing Up the Log File Locally Step 1 Enable the function of generating logs. For details, see Configuring Logs. Step 2 Set Mode to Local. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 394 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation The page shown in Figure 9-12 is displayed. Figure 9-12 Local backup 9 System Management Step 3 Click to save the settings. The log file will be automatically saved to the local flash memory.

----End Downloading Logs Step 1 Enable the function of generating logs. For details, see Configuring Logs. The page shown in Figure 9-13 is displayed. Figure 9-13 Downloading logs Step 2 Click prompted.

, and back up log files to the local host or other hosts on the network as Issue 01 (2012-05-15) Huawei Proprietary and Confidential 395 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management The log file is in .log format. The default file name is in Log+Current EGW1520 system date.log format, for example, Log20100101.log. You can also change the file name. After downloading the log file, you can delete the log file from the flash memory according to Deleting Logs.

----End Deleting Logs You can delete old logs from the flash memory. Log information that is sent to the log server is not affected. Step 1 Enable the function of generating logs. For details, see Configuring Logs. The page shown in Figure 9-14 is displayed. Figure 9-14 Deleting logs Step 2 Click and proceed as prompted.

----End 9.5 Viewing Alarms This topic describes how to view alarms. You can analyze the exceptions occur during system running according to the alarms. Procedure Step 1 On the web management system, choose Diagnose > Warning Info from the navigation tree. The page shown in Figure 9-15 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 396 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-15 Alarms 9 System Management to save the file to the local host or other hosts on the network as Step 2 Click prompted. To delete all alarms, click

.

----End 9.6 Viewing Security Logs This topic describes how to view security logs to query the recent operations. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 397 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management When automatic software upgrade is configured, the system generates security logs only for the first upgrade. Procedure Step 1 Choose Diagnose > SecurityLog Info from the navigation tree. A page shown in Figure 9-16 is displayed. Figure 9-16 Viewing security logs and back up log files to the local host or other hosts on the network as Step 2 Click prompted. Only network administrators can delete all security To delete all security logs, click logs. Log sample A log sample is as follows:

User ID: 192.168.1.8 Log type: alarmlog Time: 19700101 01:28:30 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 398 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Log information: Downloaded alarm logs succeed The following is a detailed description of the preceding log sample:

admin/192.168.1.8: The user name is admin and the user ID is 192.168.1.8. alarmlog: This log is an alarm log. 19700101 01:28:30: Time when this operation is performed. Downloaded alarm logs succeed: This alarm log is downloaded successfully. For details about the security log information, see 12.2 Security Log Information.

----End 9.7 Viewing Electronic Labels You can learn about the device information based on its electronic label. To view the electronic label of a device, perform the following operations:

Step 1 You have logged in to the web management system. For details, see 7.7.1 Web Management Step 2 Choose Management > Status > from the navigation tree. The system displays a page, as shown in Figure 9-17. Figure 9-17 Electronic label (1) Step 3 Click Electronic Label . The system displays a page, as shown in Figure 9-18. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 399 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-18 Electronic label (2) 9 System Management Table 9-9 describes the parameters in the electronic label information. Table 9-9 Description of electronic label parameters Parameter Meaning BoardType Model of the field replaceable unit (FRU). BarCode Bar code of the FRU, which is the same as the device bar code. Item BBOM code of the FRU. Description Description of the FRU. Manufactured Manufacture date of the FRU. VendorName Vendor name of the FRU. IssueNumber Issue number of the FRU. CLEICode CLEI code of the FRU. BOM Specific item code of the FRU. The physical label is affixed to he bottom of the device.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 400 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9.8 Downloading Call Records 9 System Management This topic describes how to back up call records on the local computer. The call record backup function has the following features:

Saves the latest 5000 records. When the number of saved call records reaches 5,000, the system overwrites the earliest call records to save the latest ones. Saves 40 call records each time. If the number of latest call records is smaller than 40, the system saves call records at an interval of four hours. Saves the call start and end time, and the calling and called numbers. Configuration procedure Step 1 On the web management system, choose Diagnose > Call Recording from the navigation tree. Step 2 Set Call Recording to Enable. The page shown in Figure 9-19 is displayed. Figure 9-19 Downloading call records By default, the system disables the call record backup function. Step 3 Click to save the settings. Step 4 Click to download call records that are saved. Download call records to a local host or other hosts on the network. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 401 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management The call record file must be in the .txt format. The default file name is in CDR+Current EGW1520 system date.txt format, for example, CDR20110101.txt. You can also change the file name. Click the Delete All Records After Download option button. Then the web management system will delete call records after the downloading is complete.

----End 9.9 One-Click Download This topic describes how to use the one-click download function to collect system information. If the system is faulty, you can download system information and send it to the maintenance personnel for fault location. The EGW1520 provides the one-click download function for you to collect the following information:

System configurations (device model, hardware version, software version, MAC address on WAN port, IP address on WAN port, and IP address on LAN port) System logs Alarm information Procedure Step 1 On the web management system, choose Diagnose > One-Click Download from the navigation tree. The page shown in Figure 9-20 is displayed. Figure 9-20 One-click download Issue 01 (2012-05-15) Huawei Proprietary and Confidential 402 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Step 2 Click to download information.

----End 9.10 Changing the Password This topic describes how to change the password for logging in to the EGW1520. The EGW1520 allows a maximum of 10 users to log in at the same time. The new password takes effect upon the next login. When a user changes the password, other users who have logged in are not affected. If you forget the password, you can only restore the password to the default factory setting. As a result, the configuration data is lost. Procedure Step 1 On the web management system, choose Management > Change Password from the navigation tree. The page shown in Figure 9-21 is displayed. Figure 9-21 Change Password page Step 2 Set parameters according to Table 9-10. Table 9-10 Parameter description Parameter Description Use a strong Password Indicates whether to set a complicated password. If this parameter is enabled, the password must contain special characters, such as @, #

and %. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 403 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Parameter Description User Name Indicates the user name. The user name is admin and cannot be changed. Old Password Indicates the current password. New Password Indicates the new password to be set. The password consists of 6 to 16 characters. Indicates that the user enters the new password again. Confirm Password Step 3 Click to save the settings.

----End 9.11 Upgrading Host Software This topic describes how to upgrade host software. The EGW1520 allows you to upgrade the host software on a web page. The following modes are provided:

HTTP mode FTP mode TFTP mode FTPS mode Upgrade procedures vary according to version. For details on the host software storage path and upgrade methods, see the eSpace EGW1520 Upgrade Guide. If the device is powered off or network communication is interrupted during software upgrade, the device may crash or the configuration file may be lost. 9.12 Uploading Voice Files This topic describes how to upload voice files. Voice files can be uploaded to the EGW1520 to play announcements for users. The EGW1520E allows you to upload voice files in .pcm format or compressed voice file packages in .zip format on a web page. The following modes are provided:

HTTP Mode FTP Mode Issue 01 (2012-05-15) Huawei Proprietary and Confidential 404 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation TFTP Mode FTPS Mode 9 System Management By default, Chinese voice files are loaded on the EGW1520. You can choose Voice >

Upload Voice File to change the language. When uploading a voice file in .pcm format, ensure that the file size is not greater than 1 MB. When uploading a voice file in .zip format, ensure that the file size is not greater than 30 MB. In FTP mode, data is transmitted in plain text. Load configuration files in FTP mode on trusted networks. HTTP Mode Step 1 On the web management system, choose Voice > Upload Voice File from the navigation tree. The page shown in Figure 9-22 is displayed. Figure 9-22 Upload Voice File page (HTTP) Step 2 Click Browse and select the voice file to be uploaded. The voice file path can be a local path, for example, D:\english.zip, or a network path, for example, \\10.168.10.111\english.zip. Step 3 Click and proceed as prompted. After the loading is successful, the Message page is displayed, as shown in Figure 9-23. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 405 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-23 Success message 9 System Management If the loading fails, the voice file on the EGW1520 remains. You can reload the voice file.

----End FTP Mode Step 1 On the web management system, choose Voice > Upload Voice File from the navigation tree. Step 2 Click FTP. The page shown in Figure 9-24 is displayed. Figure 9-24 Upload Voice File page (FTP) Step 3 Set parameters according to Table 9-11. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 406 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Table 9-11 FTP parameters Parameter Description 9 System Management FTP Server Indicates the IP address of the FTP server. NOTE Ensure that the FTP service is enabled when configuration files are loaded and that the FTP server connects to the EGW1520 properly. File Name Indicates the relative path of the file to be uploaded. If the file to be uploaded is stored in C:/ftp/egw/voice.zip and the access path that is set on the FTP server is C:/ftp, set the relative path to egw/voice.zip. Port Number Indicates the port number of the FTP server. The default value is 21. Anonymous If you select Anonymous, the EGW1520 connects to the FTP server as an anonymous user that is the default user on the FTP server. User Name Indicates the user name for logging in to the FTP server. This parameter is configured on the FTP server. Password Indicates the password for logging in to the FTP server. This parameter is configured on the FTP server. Step 4 Click and proceed as prompted. After the loading is successful, the Message page is displayed, as shown in Figure 9-25. Figure 9-25 Success message If the loading fails, the voice file on the EGW1520 remains. You can reload the voice file.

----End TFTP Mode Step 1 On the web page's navigation bar, choose Voice > Upload Voice File. Step 2 Click TFTP. The page shown in Figure 9-26 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 407 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 9-26 Upload Voice File page (TFTP) 9 System Management Step 3 Set parameters according to Table 9-12. Table 9-12 TFTP parameters Parameter Description TFTP Server Indicates the IP address of the TFTP server. NOTE Ensure that the TFTP service is enabled when configuration files are loaded and that the TFTP server connects to the EGW1520 properly. File Name Indicates the relative path of the file to be uploaded. If the file to be uploaded is stored in C:/tftp/egw/voice.zip and the access path that is set on the FTP server is C:/tftp, set the relative path to egw/voice.zip. Port Number Indicates the port number of the TFTP server, which is 69 by default. Step 4 Click and proceed as prompted. After the loading is successful, the Message page is displayed, as shown in Figure 9-27. Figure 9-27 Success message Issue 01 (2012-05-15) Huawei Proprietary and Confidential 408 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management If the loading fails, the voice file on the EGW1520 remains. You can reload the voice file.

----End FTPS Mode Step 1 On the web page's navigation bar, choose Voice > Upload Voice File. Step 2 Click FTPS. The page shown in Figure 9-28 is displayed. Figure 9-28 Upload Voice File page (FTPS) Step 3 Set parameters according to Table 9-13. Table 9-13 FTPS parameters Parameter Description FTPS Server IP address of the FTPS server. NOTE Ensure that the FTPS service is enabled when configuration files are loaded and that the TFTP server connects to the EGW1520 properly. File Name Indicates the relative path of the file to be uploaded. If the file to be uploaded is stored in C:/ftps/egw/voice.zip and the access path that is Issue 01 (2012-05-15) Huawei Proprietary and Confidential 409 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 9 System Management Parameter Description set on the FTPS server is C:/ftps, set the relative path to egw/voice.zip. Port Number Port number of the FTPS server. The default port number is 990. Anonymous If Anonymous is selected, the EGW1520 connects to the FTPS server as an anonymous user. User Name Indicates the user name for logging in to the FTPS server. This parameter is configured on the FTPS server. Password Indicates the password for logging in to the FTPS server. This parameter is configured on the FTPS server. Certificates Certificate for authenticate logins. NOTE Before using the certificate to authenticate logins, configure the certificate by referring to 7.5.7 Certificate. Step 4 Click and proceed as prompted. After the loading is successful, the Message page is displayed, as shown in Figure 9-29. Figure 9-29 Success message If the loading fails, the voice file on the EGW1520 remains. You can reload the voice file.

----End 9.13 Restarting the EGW1520 This topic describes how to restart the EGW1520. You can restart the EGW1520 on the web page or pressing the RESET button on the device. RESET Button Press RESET on the EGW1520 for six seconds or shorter. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 410 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Web Mode 9 System Management Step 1 On the web management system, choose Management > Restart from the navigation tree. The page shown in Figure 9-30 is displayed. Figure 9-30 Restart page Step 2 Click and proceed as prompted. The restart takes 2 to 3 minutes depending on the device configuration. More configurations indicate a longer restart duration. Access the web management system to check whether the restart is complete. The restart is complete if you can access the page.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 411 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10 Security Maintenance 10 Security Maintenance About This Chapter This topic describes the concept and methods for maintaining the EGW1520. 10.1 Overview 10.2 Application Layer Security 10.3 System Layer Security 10.4 Network Layer Security 10.5 Management Layer Security 10.6 Appendix 10.1 Overview 10.1.1 Objectives Application systems are facing growing security threats. If a security problem occurs, services will be interrupted, profits will decrease, and the system may break down. To detect potential security problems and resolve them in time, users need to establish an all-round protection system and execute maintenance tasks with a hierarchical approach. As new security threats emerge continuously, technical methods are insufficient to ensure the security of application systems. Therefore, users also need to develop a security management system based on the suggestions given on problems found in routine security maintenance, which ensures proper running of the applications. 10.1.2 Layered Security Maintenance Based on the security maintenance objects and objectives, security maintenance on service systems must be conducted at different layers. Application Layer The security maintenance at this layer is conducted to ensure that the EGW1520 and related web management system run properly and provide services correctly. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 412 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation System layer 10 Security Maintenance Security maintenance at this layer is conducted to ensure that the operating system runs properly, ensuring the proper running of applications at the application layer. At the system layer, security maintenance is conducted using the maintenance terminals or tools corresponding to the maintenance objects. Network Layer Security maintenance at this layer is conducted to ensure the proper running of switches, routers, and firewalls and to ensure the application of security policies at this layer. At the network layer, security maintenance is conducted using the maintenance terminals or tools of the maintenance objects. Management layer Security maintenance at this layer is conducted to enhance manual management and maintenance to prevent potential risks. The preceding layers are involved in management-layer security maintenance. 10.1.3 EGW1520 Security Overview This topic describes the EGW1520 security solution. Security is essential to communications products and systems. The EGW1520 security solution contains the following layers:

The security at the management layer ensures the system maintenance, running, security, and continuity. The security at the application layer protects all Huawei applications, including access, data, communication, and coding. Security at the system layer protects the operating systems, databases, and middleware used by applications. The security of the network layer protects the network devices and communication. With the cooperation of the four layers, the EGW1520 security solution provides security protection for small-sized enterprises. Figure 10-1 shows the layered architecture of the EGW1520 security solution. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 413 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10 Security Maintenance Figure 10-1 Layered architecture of the EGW1520 security solution 10.2 Application Layer Security 10.2.1 Application Layer Account Management Accounts at the application layer Table 10-1 listed the accounts at the application layer. Table 10-1 Accounts at the application layer User Name Default Function Remarks Password admin Admin@12 3 Account for logging in to the web management system. The user name and password are both case sensitive. The user name and rights cannot be changed. Password Principle The login password must contain at least six digits. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 414 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10 Security Maintenance The login password and service (for example, voice mailbox) password cannot be displayed on GUIs in clear text, and must be encrypted before they are stored. Before changing a password, you must enter the original password. Changing a Password Step 1 On the web management system, choose Management > Change Password from the navigation tree. The page shown in Figure 10-2 is displayed. Figure 10-2 Change Password page Step 2 (Optional) Enable the strong password. If this parameter is enabled, the password must contain special characters, such as @,#,%. Step 3 Enter the original password, new password, and confirm password as prompted. Step 4 Click to save the settings.

----End 10.2.2 Web Access Control Web access control methods of the EGW1520 are as follows:

Combination of Session and Cookie If you do not perform any operation in 10 minutes after logging in to the web management system, the login times out and the system requires re-login to ensure security. Logout request initiated by a client After logging in to the web management system, click Log Out at the upper-right corner. The confirm dialog box is displayed. Click OK. The login dialog box is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 415 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10.2.3 Application Data Protection Encrypting a Configuration File 10 Security Maintenance Step 1 On the web management system, choose Management > Configuration from the navigation tree. The page shown in Figure 10-3 is displayed. Figure 10-3 Backing up the configuration file Step 2 Select Encrypt Configuration File to encrypt the whole configuration file. Step 3 Click to save the configuration file to the local host or other hosts on the network as prompted.

----End 10.2.4 Application Layer Log Check This topic describes how to check application layer logs. To ensure the application layer security, you must check the application layer logs periodically. Checking the log function Step 1 On the web management system, choose Diagnose > System Logs from the navigation tree. The page shown in Figure 10-4 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 416 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 10-4 Enabling the log function 10 Security Maintenance Step 2 Click to save the settings.

----End Checking Log Generation Step 1 Set Mode to Local. Step 2 Click to save the logs to the local host. Step 3 Verify that log files are displayed on the local desktop. The log file is in .log format. The default file name is in admin_Log+Current EGW1520 system date.log format, for example, Log20100101.log. Step 4 Open the local log files to view logs.

----End Releasing the Log Storage Space The EGW1520 writes the flash memory when a 512 KB log is generated. When the size of generated logs reaches 2 MB, the earliest logs are overwritten by the latest ones. The administrator must download and delete logs in the log management module to release the log storage space periodically. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 417 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10.3 System Layer Security 10 Security Maintenance Security maintenance at this layer is conducted to ensure that the operating system runs properly, ensuring the proper running of applications at the application layer. The system layer security maintenance contains:

System log function that can help checking system security. For details, see 10.2.4 Application Layer Log Check. Web management system function that supports the EGW1520 connecting to the client through HTTPS. Logging In to the Web Management System Step 1 On the maintenance terminal, open Internet Explorer, and enter https://192.168.1.1 in the address box. If errors about the security certificate occur during the login process, click Yes to go on. After logging in to the web management system, you can change IP address of the EGW1520. For details, see Configuring the LAN. Step 2 Press Enter, and the page shown in Figure 10-5 is displayed. Figure 10-5 Logging in to the web management system (1) Step 3 Enter the user name admin and default password Admin@123, and click Log in. The page shown in Figure 10-6 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 418 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 10-6 Logging in to the web management system (2) 10 Security Maintenance Choose Management > Change Password to change the password after the initial login. Make a note of your password and keep it in a safe place. Do not share your password with anyone. If you forget your password, press and hold the RESET button on EGW1520 for more than six seconds, and log in to the web management system using the default password Admin@123. The configuration is restored to factory settings. If you fail to log in to the web management system for 5 consecutive times within 10 minutes, the system locks your PC IP address for 30 minutes. If you do not perform any operation in 10 minutes after logging in to the web management system, the login times out and the system requires re-login to ensure security.

----End 10.4 Network Layer Security The network layer provides firewall, Demilitarized Zone (DMZ), and VLAN division functions. 10.4.1 Security Network Figure 10-7 shows the security network of the EGW1520 solution. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 419 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 10-7 EGW1520 security network 10 Security Maintenance The EGW1520 security network:

Is deployed at the entrance and exit of the enterprise network, which provides the firewall function to filter information and prevent unauthorized access. Provides the filtering function, which can configure Internet access policy and protect the network security. Provides the NAT ALG function based on the SIP protocol to ensure the voice communication security. Provides the DMZ function to protect the internal network. External users can access only internal servers in the DMZ. Provides the VLAN division function to separate different zones in the network. 10.4.2 Network Security Maintenance Firewall Security Check on the WAN Side The EGW1520 provides the firewall function to filter information and prevent unauthorized access. Enabling the firewall Step 1 On the web management system, choose Network > WAN from the navigation tree. The page shown in Figure 10-8 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 420 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 10-8 Enabling the firewall (1) 10 Security Maintenance Step 2 Click

. The page shown in Figure 10-9 is displayed. Figure 10-9 Enabling the firewall (2) Step 3 Click

. The page shown in Figure 10-10 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 421 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 10-10 Enabling the firewall (3) 10 Security Maintenance Step 4 Set Firewall to Enable.

----End Checking the Firewall Function If you enable the firewall on the WAN side, packets that are being sent to an EGW1520 or a downstream device will be blocked by the firewall on the WAN side. By configuring the incoming packet filter function, you can specify packets that can be sent through the firewall on the WAN side. DMZ Security Check External systems can use virtual servers to access the intranet server. When large amounts of services are running on the intranet server, multiple virtual servers must be configured. You can configure the DMZ to simplify the virtual server configuration process. Enabling the DMZ Function Step 1 On the web management system, choose Network > Security from the navigation tree. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 422 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 2 Click the DMZ Host tab. The page shown in Figure 10-11 is displayed. Figure 10-11 Configuring the DMZ (1) 10 Security Maintenance Step 3 Enter the DMZ Host IP address. Step 4 Click to save the settings.

----End Checking the DMZ Function Step 1 Connect the EGW1520 to the Internet through the WAN port as an internal user, and set the IP address to 11.11.11.1 for the WAN port. Step 2 Set the DMZ Host IP address to 192.168.1.5 on the EGW1520. Step 3 Configure the web and FTP servers on the server whose IP address is 192.168.1.5 as the internal user. Step 4 Open Internet Explorer and enters https://11.11.11.1 or ftp://11.11.11.1 in the address box as an external user.

----End If the external user can access the web or FTP server, the DMZ is configured successfully. VLAN Security Check VLANs are created on a physical LAN to separate the LAN into multiple broadcast domains. Hosts on a VLAN can communicate with each other, and hosts between VLANs cannot communicate with each other. That is, broadcast packets can be sent between hosts on the same VLAN, which improves network security. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 423 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Configuring the VLAN 10 Security Maintenance The EGW1520 supports port-based VLANs. LAN ports are added to different VLANs so that users are separated and virtual working groups are divided. Step 1 On the web management system, choose Network > VLAN from the navigation tree. The page shown in Figure 10-12 is displayed. Figure 10-12 Configuring the VLAN (1) Step 2 Click corresponding to the port to be configured in the Operation column. The page shown in Figure 10-13 is displayed. Figure 10-13 Configuring the VLAN (2) Issue 01 (2012-05-15) Huawei Proprietary and Confidential 424 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 3 Set parameters according to Table 10-2. Table 10-2 VLAN parameters Parameter Description 10 Security Maintenance Port Indicates the LAN port on the EGW1520. The EGW1520 provides four LAN ports (LAN1 to LAN4). VLAN ID Indicates the VLAN that port belongs to. The default value is 1. Priority Indicates the 802.1p priority based on which devices that connect to the port (such as a switch) process packets. The value ranges from 0 to 3. A larger value indicates a higher priority. Link type The options are as follows:

Access: Ports of this type can be added to only one VLAN, and are always connected to PCs and switches. Trunk: Ports of this type can be added to multiple VLAN, and can identify and transmit packets that belong to multiple VLANs based on the VLAN tag. Permit VLAN ID Indicates the VLAN ID that is allowed to pass through the port. This parameter is configurable only when Link type is set to Trunk. Step 4 Click to save the settings.

----End Checking the VLAN Function Figure 10-14 shows the typical network. Figure 10-14 Typical VLAN network Issue 01 (2012-05-15) Huawei Proprietary and Confidential 425 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10 Security Maintenance Step 1 Change the VLAN IDs to VLAN 2 for LAN1 and LAN2, and to VLAN 3 for LAN3 on EGW1520 A. Set the connection type to Access Step 2 Change the connection type to Trunk for LAN4 on EGW1520 A, and set the VLAN changing range to 3. Step 3 Change the VLAN IDs to VLAN 3 for LAN1 on EGW1520 B. Set the connection type to Access Step 4 Change the connection type to Trunk for LAN4 on EGW1520 B, and set the VLAN changing range to 3.

----End After the configuration, hosts on the same VLAN can communicate with each other. Hosts on different VLANs cannot communicate with each other. 10.5 Management Layer Security This topic describes general maintenance suggestions for routine security maintenance. Carriers can formulate security management regulations by referring to these suggestions and abide by these regulations to ensure system security. 10.5.1 Security Principles for System Maintenance Minimum Principle Install only required services and components. The functions and roles of servers must be distinguished. Do not install unnecessary services and components. A service's internal components must be downsized according to the preceding principles. Minimum Accounts Accounts must be managed strictly according to account policies. The addition, modification, and deletion of accounts in the system must be strictly controlled. Minimum Rights Assign minimum rights to system services and accounts. Control right assignment strictly in the operating system. Dedication A host must run only one type of service. Partitions where the operating system, applications, and data are located must be separated. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 426 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Audit 10 Security Maintenance Operations on the host must be logged and monitored in other feasible methods. Failures to access the system's important resources must be audited. Successes in accessing the system's key resources must be audited. Successes and failures to modify the access control policies must be audited. 10.5.2 Password Maintenance Users need to be authenticated when they attempt to log in to the application system portal. The carrier can configure the account and password complexity, and password validity period based on security requirements. During password maintenance, ensure that:

The admin user's password is kept by a designate person. Passwords must be encrypted before transfer. Do not transfer passwords using emails. Huawei engineers need to request the customer to change passwords before system delivery. 10.5.3 Log Maintenance The system administrator can detect potential risks according to logs. Checking Logs Periodically The maintenance personnel need to periodically check system logs. If any faults are detected, they must report them to the upper-level departments. If the causes cannot be located or the faults cannot be rectified, contact the local representative office or Huawei technical support center. Backing Up Logs Periodically The maintenance personnel need to periodically save log files to external storage media such as disks, tapes, and CD-ROMs for backup. After successful backup, the original log files need to be deleted to free up the space. 10.5.4 Security Evaluation You are advised to find a qualified evaluation organization to evaluate the system security. When implementing security evaluation, contact Huawei technical support engineers. 10.5.5 Vulnerability Scanning You are advised to use tools to scan vulnerabilities. To use Huawei vulnerability scanning tool, contact Huawei technical support engineers. 10.5.6 Data Backup Based on security maintenance requirements, back up data in the following scenarios:

Before and after security configuration, maintenance, and troubleshooting Upgrade Issue 01 (2012-05-15) Huawei Proprietary and Confidential 427 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 10 Security Maintenance For details, see the eSpace Upgrade Guide. 10.5.7 Network Connection Change When the network connection changes, you are advised to:

Ensure that the new security policy cannot affect the original security policy. Analyze the network topology. 10.5.8 Defect Reporting If the customer system is attacked, Huawei technical support engineers will solve this problem depending on whether any security accidents occur. If a security accident occurs, Huawei technical support engineers will provide remote or on-site support to mitigate the attack impact with the assistance of customer maintenance personnel and generate an accident handling report. If no security accident occurs, Huawei technical support engineers will record the problem information and forward it to the research and development (R&D) team to process. After the R&D team works out a solution, Huawei technical support engineers will analyze the solution impact on services and develop a feasible solution. 10.5.9 Emergency Response Mechanism The customer must formulate the emergency response mechanism to deal with emergencies, recover the system, and minimize losses. 10.6 Appendix The communication matrix must be customized based on the actual network. For details, see Communication Matrix. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 428 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting 11 Troubleshooting About This Chapter This topic provides the method to use for troubleshooting when typical faults are found in the EGW1520. 11.1 Precautions This topic describes the precautions for troubleshooting. 11.2 Troubleshooting Process This topic describes the EGW1520 troubleshooting process. 11.3 Voice-Specific Faults Voice-specific faults mainly refer to the faults that occur during user registration, call setup, and service invocation. 11.4 Network Faults Network faults primarily include network port indicator fault and uplink network disconnection. 11.5 System Faults System faults mainly include web management system fault and failure to obtain the system time from the NTP server. 11.1 Precautions This topic describes the precautions for troubleshooting. Before locating and troubleshooting faults, you must read and observe the following precautions:

Strictly comply with the operation and industry rules and regulations to ensure safety of personnel and devices. Observe anti-static safety measures (for example, wear anti-static wrist straps). Record details about all the faults that occur during maintenance. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 429 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting Record all the important operations, for example, restarting a process and restoring factory settings. An important operation must be performed by qualified operators after the related data is backed up and proper measures are provided against security and emergency events. 11.2 Troubleshooting Process This topic describes the EGW1520 troubleshooting process. The EGW1520 troubleshooting process involves collecting fault information, rectifying faults, verifying fault rectification, compiling troubleshooting reports, and obtaining Huawei technical support. Figure 11-1 shows the troubleshooting flowchart. Figure 11-1 Troubleshooting flowchart 11.2.1 Collecting Fault Information Detailed fault description helps to quickly locate faults. The scenario information, networking information, and system information must be collected when a fault occurs. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 430 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Collecting Scenario Information 11 Troubleshooting This topic describes the fault scenario information that must be collected immediately after a fault occurs. Collect the following scenario information after a fault occurs:

Fault occurrence time and place Fault symptom Operations that were performed before the fault occurred Measures that have been taken after the fault occurred and the results Services that were affected by the fault and the scope of the fault Collecting Networking Information Networking information helps maintenance personnel to simulate the fault scenario and locate the fault. The maintenance personnel must document and save the following onsite information:

Physical network, including physical connections and connection media. Device names and versions. Logical connections between devices. Device interconnection information, such as the VLAN, IP address, subnet, gateway or port of a device. Collecting System Information System information includes information about the device, network, route, Address Resolution Protocol (ARP), and Dynamic Host Configuration Protocol (DHCP). By collecting system information, you can learn about the software and hardware versions and detailed network information. To collect the EGW1520 system information, perform the following operations:

1. Log in to the web management system. For details, see 7.7.1 Web Management. 2. Choose Management > Status from the navigation tree on the left. The page shown in Figure 11-2 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 431 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-2 Collecting system information 11 Troubleshooting 3. Select Device, Network, Route, ARP, and DHCP Client in turn to view and manually record system information. For the description of the parameters that are displayed when you select Device, Network, Route, ARP, or DHCP Client, see Web Parameters Reference. 11.2.2 Rectifying Faults After locating a fault, take proper measures to rectify the fault. Take measures based on the fault symptom. For the troubleshooting cases, see 11.3 Voice-Specific Faults, 11.4 Network Faults, and 11.5 System Faults. 11.2.3 Verifying Fault Rectification After taking measures to rectify a fault, verify that the fault is rectified. If the fault is rectified, compile a troubleshooting report. If the fault is not rectified, contact Huawei technical support engineers. 11.2.4 Compiling a Troubleshooting Report After verifying that a fault is rectified, record the fault rectification process and compile a troubleshooting report for future reference. The troubleshooting report should include: fault symptom, fault location, fault rectification, and preventive suggestions. 11.2.5 Obtaining Technical Support Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. Please feel free to contact our local office or company headquarters. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 432 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Huawei Technologies Co., Ltd. 11 Troubleshooting Address: Administration Building, Huawei Technologies Co., Ltd., Bantian, Longgang District, Shenzhen, P. R. China Postal Code: 518129 Website: http://support.huawei.com Customer service telephone: 4008302118 Email: support@huawei.com 11.3 Voice-Specific Faults Voice-specific faults mainly refer to the faults that occur during user registration, call setup, and service invocation. 11.3.1 Voice Service Users Cannot Register with the IMS/NGN Network This topic provides the method to use for troubleshooting when voice service users cannot register with the IMS/NGN network. Symptom After network and voice data are configured on the EGW1520, EGW1520 voice service users cannot register with the IP Multimedia Subsystem (IMS) network or Next Generation Network (NGN), and the value of User Status is Fault. The page shown in Figure 11-3 is displayed. Figure 11-3 Voice Service Users Cannot Register with the IMS/NGN Network Possible Causes A network exception has occurred. The SIP server configuration is incorrect. The number configuration is incorrect. The Network Address Translation (NAT) function is disabled. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 433 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Troubleshooting Procedure 11 Troubleshooting Step 1 Check the network connection. Check the network connection in either of the following ways:

Check whether the Internet indicator is on. If the indicator is on or blinks, the EGW1520 has been registered with the network service provider and the network connection is normal. Choose Management > Status from the navigation tree on the web management system,click the Network tab. If the value of Status is Connected on the Network page, the network connection is normal. If the network connection is abnormal, see Installation to verify the cable connections and 7.2 Connection Modes to verify the network configuration. Step 2 Verify the SIP Server parameter settings. 1. Choose Voice > SIP Server from the navigation tree on the web management system. The page shown in Figure 11-4 is displayed. Figure 11-4 SIP Server page 2. Ensure that the parameters listed in Table 11-1 are set correctly. Table 11-1 SIP Server parameters Parameter Description Working Mode Master: active SIP server Slave: standby SIP server Recovery Indicates whether to enable the failback function. When the active server fails, resources and services will be automatically switched to the standby server. If this function is enabled, resources and services will be automatically switched back to the original active server after the original active server has been recovered. Option Interval Interval for sending option messages to the active server. Option messages are used to check whether the active server can be used. NOTE This parameter is valid only for the master server. Address Type The address can be an IP address or a domain name. The network carrier provides this value. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 434 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Parameter Description 11 Troubleshooting IP/Domain DNS Type IP address or domain name of the SIP server. The network carrier provides this value. Mode for the DNS server to parse the IP address. This parameter is valid when Address Type is set to Domain. SRV: A domain name is configured to parse multiple IP address. The two IP addresses with the highest priorities are the IP addresses of the active SIP server and standby SIP server. NOTE If you set DNS Type to SRV, you do not need to configure the standby SIP server. HOST: One domain name corresponds to one IP address. To perform switchover between the active and standby servers, two SIP servers need to be configured. Server Type Select a server type according to the actual SIP network connected to the EGW1520. Port Port number of the SIP server. The network carrier provides this value. The default value 5060 is recommended. Expiration Time Timeout interval for the registration group to register with the SIP server, in seconds. The value ranges from 0 to 14400. The default value 360 is recommended. Step 3 Choose Voice > Phone Allocation from the navigation tree on the web management system, and check the registration group and external number configuration for Analog Phone users and IP Phone users. The registration group and external number configuration must be consistent with the settings on the IMS/NGN side. If an external number is prefixed with a plus sign (+), change the plus sign to 00. Step 4 Check whether the NAT function is enabled. Choose Management > Status from the navigation tree on the web management system,click the Network tab. If the value of NAT is not Enabled on the Network tab page, see Configuring ADSL or Configuring WAN to delete the Asymmetric Digital Subscriber Line

(ADSL) or Wide Area Network (WAN) connection and add another ADSL or WAN connection to enable the NAT function. Step 5 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.3.2 Failure to Make Outer-Office Calls This topic provides the method to use for troubleshooting when outer-office calls cannot be made. Symptom Intra-office users cannot make calls to outer-office users. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 435 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting When an intra-office user makes a call to an outer-office user, the first call attempt fails and the second succeeds. Possible Causes The dial on demand function is enabled on the EGW1520. Troubleshooting Procedure Step 1 Check whether the dial on demand function is enabled on the EGW1520. 1. Choose Management > Status from the navigation tree on the web management system. 2. Click theNetwork tab. Check the value of Status. The page shown in Figure 11-5 is displayed. Figure 11-5 Value of Status If the value of Status is Idle, the dial on demand function is enabled on the EGW1520. Then go to 2. If the value of Status is not Idle, go to 3. Step 2 Disable the dial on demand function on the EGW1520. The following describes how to disable the WAN dial on demand function. To disable the ADSL dial on demand function, see ADSL Configuration. 1. Select Network > WAN from the navigation tree on the web management system. The page shown in Figure 11-6 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 436 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-6 Configuring the WAN connection (1) 11 Troubleshooting 2. Click

. The page shown in Figure 11-7 is displayed. Figure 11-7 Configuring the WAN connection (2) 3. Click

. The page shown in Figure 11-8 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 437 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-8 Disabling the dial on demand function 11 Troubleshooting 4. Deselect Dial on demand (with idle timeout timer) to disable the dial on demand function. Step 3 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.3.3 Calls Cannot Be Set Up Between an IP Phone and an Analog Phone This topic provides the method to use for troubleshooting when calls cannot be set up between an IP phone and an analog phone. Symptom Calls cannot be set up between an IP phone and an analog phone. Possible Causes Cable connections are incorrect. One or both phones are faulty. The two phones use different codecs. The IP Phone gateway configuration is incorrect. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 438 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Troubleshooting Procedure 11 Troubleshooting Step 1 Check cable connections between the IP phone and an analog phone. If the cable is disconnected from either phone, reconnect it. Use a new cable if the original one is damaged. Step 2 Check the phones. If they are faulty, replace them. Step 3 Check the voice codecs configured on IP phones and EGW1520. Ensure that they share at least one voice codec. To change the voice codec of the IP phone, see the IP phone user manual. The voice codec of the analog phone is determined by the voice codec of EGW1520. To change the voice codec of the analog phone, proceed as follows:

1. Choose Voice > Voice Parameters from the navigation tree on the web management system. 2. Click the DSP tab. The page shown in Figure 11-9 is displayed. Figure 11-9 DSP tab page Issue 01 (2012-05-15) Huawei Proprietary and Confidential 439 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting 3. Select available codec types and add them to the Selected box. Step 4 Check the IP Phone gateway configuration. For details about how to configure the IP Phone gateway, see the IP Phone user manual. Step 5 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.3.4 CCBS Service Is Unavailable This topic provides the method to use for troubleshooting when the Call Completion on Busy Subscriber (CCBS) service is unavailable. Symptom The CCBS service is unavailable. Possible Causes The CCBS service is disabled. The CCBS service is enabled for certain prefixes only. The CCBS service is enabled, but the calling party has enabled the calling line identification restriction (CLIR) function. The services that allow users to answer multiple calls simultaneously are disabled on the IMS or NGN server. These services include multiple call service and call waiting service. Troubleshooting Procedure Step 1 Check whether the CCBS service is enabled. 1. Choose Voice > Service Manager from the navigation tree on the web management system. The page shown in Figure 11-10 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 440 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-10 Enabling the service right 11 Troubleshooting 2. Click

. The page shown in Figure 11-11 is displayed. Figure 11-11 Selecting a user 3. Select the user whose voice services need to be enabled. 4. Click

. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 441 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting 5. Select the CCBS service to enable it. The page shown in Figure 11-12 is displayed. Figure 11-12 Enabling the CCBS service Step 2 Check whether the CCBS service is enabled for certain prefixes only and the calling number starts with a different prefix. 1. Choose Voice > Service Manager from the navigation tree on the web management system. 2. Click the Service Configure tab. The page shown in Figure 11-13 is displayed. Figure 11-13 Service Configure tab page Issue 01 (2012-05-15) Huawei Proprietary and Confidential 442 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting 3. Click

. The page shown in Figure 11-14 is displayed. Figure 11-14 Selecting a user 4. Select the user whose services need to be configured. 5. Click

. The page shown in Figure 11-15 is displayed. Figure 11-15 Configuring the CCBS service (1) 6. Click Apply. The page shown in Figure 11-16 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 443 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-16 Configuring the CCBS service (2) 11 Troubleshooting If you do not specify the value of Number, all users can trigger the CCBS service when making calls. If you specify the value of Number, only users who have the preset user number or user number prefix can trigger the CCBS service. Step 3 Check whether the calling party has enabled the CLIR service. If the calling party has enabled the CLIR service, the called party cannot call back because the calling number cannot be obtained. If the calling party is an EGW1520 user, see Calling Line Identity Restriction to disable the CLIR service. Step 4 Enable the services that allow users to answer multiple calls simultaneously on the IMS or NGN server. If the calling party is a user on the IMS or NGN side and the call waiting service is disabled, the CCBS service is unavailable. Step 5 If the fault persists after you perform the preceding operations, see Obtaining Huawei Technical Support.

----End 11.3.5 Failure to Synchronize Data in the UC Mode This topic provides the method to use for troubleshooting when the EGW1520 cannot synchronize data in the UC mode. Symptom The EGW1520 failed to synchronize data when the UC mode is enabled. Possible Causes Network faults occur. The data synchronization server is configured incorrectly. EGW1520 synchronization is not configured on the data synchronization server. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 444 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Troubleshooting Procedure Step 1 Check whether the network is normal. 1. Check the network connection. 11 Troubleshooting Choose Management > Status from the navigation tree on the web management page. Click the Network tab. If Status is set to Connected on the Network tab page, the network connection is normal. You can also check the Internet indicator. If the indicator is steady on or blinks, the network connection is normal. If Status is set to other values, the network connection is abnormal. See Installation to verify cable connection and 7.2 Connection Modes to verify network connection configurations. 2. Check the ADSL or WAN port configuration. If the EGW1520 uplink mode is ADSL, choose Network > ADSL from the navigation tree on the web management page, and check the ADSL configuration. If the EGW1520 uplink mode is WAN, choose Network > WAN from the navigation tree on the web management page, and check the WAN port configuration. 3. Ping the data synchronization server from the EGW1520. For details, see 8.4 Pinging IP Addresses. If the data synchronization server fails to be pinged, contact the enterprise IT administrator to check whether the data synchronization server is faulty. Step 2 Verify that the IP address, port, and synchronization key are correctly configured on the data synchronization server. Choose Voice > SIP Server from the navigation tree on the web management page, and check the port and synchronization key configuration on the data synchronization server. The synchronization key of the data synchronization server on the EGW1520 side must be the same as that of the data synchronization server on the enterprise headquarters side. Step 3 Contact the enterprise IT administrator to check whether EGW1520 synchronization is configured on the data synchronization server. If yes, ask the enterprise IT administrator to check whether the EGW1520 synchronization is correctly configured. If no, ask the enterprise IT administrator to add the EGW1520 synchronization to the data synchronization server. Step 4 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.4 Network Faults Network faults primarily include network port indicator fault and uplink network disconnection. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 445 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting 11.4.1 Network Port Indicator Fault This topic provides the method to use for troubleshooting when the network port indicator is off while network cables are connected to the port. Symptom The LAN or WAN port indicator is off when network cables are connected to the port. Possible Causes The device is powered off. The network cable is improperly connected to the port. The network cable is faulty. The network negotiation fails. Troubleshooting Procedure Step 1 Ensure that the EGW1520 is powered on. Step 2 Ensure that the network cable is properly connected to the port. Step 3 Check the network cable. Insert the cable into another port. If the indicator is on, the cable is intact. If the indicator is off, the cable is damaged. In this case, replace the cable. Step 4 Ensure that the port connected to the EGW1520 is set to auto-negotiation mode. For details about how to set auto-negotiation mode, see the user manual for the peer device. Step 5 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.4.2 Failure to Access the IP Network Through ADSL This topic provides the method to use for troubleshooting when the EGW1520 fails to access the IP network through the asymmetric digital subscriber line (ADSL). Symptom The ADSL is configured, but the EGW1520 fails to access the IP network through the ADSL. Figure 11-17 and Figure 11-18 show the Network pages where the IP address is null and the value of Status is Idle. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 446 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-17 Network page (null IP address) 11 Troubleshooting Figure 11-18 Network page (idle state) Possible Causes The ADSL connection line is damaged. The ATM interface configuration is inconsistent with the configuration on the Digital Subscriber Line Access Multiplexer (DSLAM) side. A static IP address is configured and the Broadband Remote Access Server (BRAS) does not support static IP addresses. The Point-to-Point Protocol (PPP) authentication information is inconsistent with the corresponding information on the BARS side. The dial on demand function is enabled but no traffic flows through the uplink ADSL. Troubleshooting Procedure Step 1 Check the ADSL connection line. Check the ADSL indicator on the front panel. If the indicator blinks, ADSL line training is being performed. Wait and re-access the IP network a few minutes later. If the indicator is off, ADSL line training fails. Ensure that the phone line is intact and inserted properly. If the indicator is steady on, the ADSL connection line is intact and inserted properly. Step 2 Choose Network > ADSL from the navigation tree on the web management system. The page shown in Figure 11-19 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 447 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-19 ADSL configuration 11 Troubleshooting Step 3 Ensure that the following configuration on the ADSL ATM interface is consistent with that on the DSLAM side:

VPI and VCI DSL latency Encapsulation mode and service category DSL Link Type For the PPPoE service, the value must be set to EoA on the ADSL ATM interface. For the PPPoA service, the value must be set to PPPoA on the DSL ATM interface. Step 4 Ensure that the following configuration is consistent between the ADSL service side and the BRAS side:

Static IP address: If a static IP address is configured on the ADSL service side, check whether the BRAS supports static IP addresses. If the BRAS does not support static IP addresses, do not use a static IP address. If the BRAS supports static IP addresses, check whether the static IP address is within the supported static IP address range. PPP authentication information, including the PPP user name, password, and authentication mode (the authentication mode can be set to Auto). Encapsulation mode and service category. Step 5 If the dial on demand function is enabled, use a computer that is connected to the EGW1520 to access the Internet so that the traffic flows through uplink ADSL to trigger a network connection. Step 6 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.4.3 Failure to Use 3G Data Card to Access a 3G Network This topic provides the method to use for troubleshooting when the EGW1520 cannot access a 3G network with a 3G data card. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 448 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Symptom 11 Troubleshooting Although a 3G data card is installed and configured, the EGW1520 cannot access a 3G network if the ADSL or WAN connection is unavailable. When Backup Mode is set to Manual, manual operations are required to enable the EGW1520 to access a 3G network. Possible Causes Possible causes are as follows:

Parameter settings are incorrect. The 3G data card is faulty. No subscriber identity module (SIM) card is inserted in the 3G data card, or the 3G data card does not support the SIM card that is inserted. The SIM card is in arrears. The SIM card signals are poor. The data service has not been enabled. The personal identity number (PIN) lock function is enabled, but the SIM card is locked. Troubleshooting Procedure Step 1 Ensure that the model and version of the 3G data card is compatible to the EGW1520. The EGW1520 supports the following 3G data cards: Huawei ET302 with software version of 11.100.05.00.00, Huawei ET127 with software version of 11.101.01.36.00, Huawei K3765 with software version of 11.126.03.06.00, and Huawei E176G with software version of 11.126.03.02.00. Step 2 Check the 3G data card indicator. If the indicator blinks, the 3G data card is connected properly. If the indicator is off, the physical connection is faulty between the 3G data card and the EGW1520 USB port. Ensure that the 3G data card is properly inserted and that the card is intact. Step 3 Ensure that the SIM card is correctly inserted in the 3G data card. Step 4 Ensure that the SIM card is in WCDMA mode, it has subscribed to the data service and has a sufficient account balance. For details, consult the carrier to whom the card belongs. Step 5 Ensure that the SIM card is unlocked if the PIN lock function is enabled. To unlock a SIM card, perform the following operations:

1. Choose Network > 3G from the navigation tree on the web management system. The page shown in Figure 11-20 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 449 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-20 Entering the PIN code 11 Troubleshooting 2. Enter the PIN code and click

. If you forget the PIN code, contact the carrier. It takes about 15 seconds to unlock a SIM card. The SIM card will be locked by the PIN Unblocking Key (PUK) code if you enter incorrect PIN codes three consecutive times. When this occurs, contact the carrier. Disable the PIN lock function if Backup Mode is Auto, so that the EGW1520 can connect to the 3G network automatically when it is disconnected from the ADSL or WAN port. Step 6 Verify the 3G parameter values. To obtain the parameter values, contact the carrier. Use the default values if the carrier does not provide those values. The page shown in Figure 11-21 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 450 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-21 Verifying 3G parameter settings 11 Troubleshooting Step 7 On the 3G Configuration tab page, view the signal strength. Poor signals may disable the data service. Relocate the EGW1520 to improve the signal strength. The page shown in Figure 11-22 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 451 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-22 Viewing the signal strength 11 Troubleshooting Step 8 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.4.4 Failure to Connect to the Wireless Network Client That Discovers an SSID This topic provides the method to use for troubleshooting when the EGW1520 fails to connect to the wireless network client that discovers an SSID. Symptom A client discovers an SSID but fails to associate with the EGW1520 after you enter authentication information. Possible Causes The authentication information is incorrect. The client and server use different authentication modes. The MAC address of the client is filtered out by the blacklist or whitelist configured on the server. Troubleshooting Procedure Step 1 Verify that you have entered the same authentication information (such as the WPS key) as that you have configured on the server. Step 2 Ensure that the client and server use the same authentication mode. Step 3 Check the settings of MAC Filter on the EGW1520. In the blacklist, add the MAC addresses of clients that are not allowed to connect to the EGW1520. In the whitelist, add the MAC addresses of clients that are allowed to connect to the EGW1520. Step 4 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 452 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting 11.4.5 Failure to Restrict the File Transfer Rate When Configuring QoS Policies This topic provides the method to use for troubleshooting when users fail to restrict the file transfer rate when configuring QoS policies. Symptom Users fail to restrict the file transfer rate when configuring QoS policies. Possible Causes The action interface is not enabled. An incorrect traffic classification or action interface is selected. Required parameters are not set or are incorrectly set. Troubleshooting Procedure Step 1 Check whether the indicator blinks on the action interface such as the WAN interface. If the indicator blinks, the action interface is enabled. Ensure that network parameters are set correctly. For example, WAN or ADSL connections are correctly added on the web management page. Step 2 Verify that the traffic classification and action interfaces are valid. The selected interface must be a physical interface such as eth-wan, eth-lan, wl0, or atm, not a logical interface such as WAN, LAN, or Local. In addition, traffic classification and act ion interfaces must be different. If the traffic classification interface is eth-lan, the action interface is eth-wan or atm. The page shown in Figure 11-23 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 453 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-23 QoS traffic classification and action interfaces 11 Troubleshooting Step 3 Set Ether Type to IP (0x800) and configure the correct source or destination IP address. If the source or destination IP address is a QoS policy, do not configure the MAC address. Step 4 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.4.6 Some Normal Data Packets Are Lost After the Flood Attack Defense Function Is Enabled This topic provides the method to use for troubleshooting when some normal data packets are lost after the flood attack defense function is enabled. Symptom After the flood attack defense function is enabled, some normal data packets are discarded. Possible Causes In the configuration of the flood attack defense function, the upper threshold of the data transmission rate is smaller than that is supported so that some normal data packets are discarded. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 454 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Troubleshooting Procedure 11 Troubleshooting Step 1 Set the upper threshold of the data transmission rate to a value larger than that is supported. If the supported data transmission rate value is larger than the upper threshold value for a flood attack defense type, for example, 50 for ICMP flood attack defense and 1000 for SYN and UDP flood attack defense, disable flood attack defense for this type of data packets. The page shown in Figure 11-24 is displayed. Figure 11-24 Configuring the flood attack defense Step 2 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.4.7 Signals Cannot Be Transmitted Through a VPN Tunnel This topic provides the method to use for troubleshooting when signals cannot be transmitted through a VPN tunnel. Symptom The VPN tunnel is set up successfully while signals cannot be transmitted through it. For example, PC1 and PC2 cannot communicate, as shown in Figure 11-25. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 455 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-25 Typical network 11 Troubleshooting Possible Causes No route is configured between PCs. Troubleshooting Procedure Step 1 Check for the route between the PCs and add a route when necessary. For example, run the route add 192.168.20.0 mask 255.255.255.0 192.168.30.1 command to add a route from PC1 to PC2, as shown in Figure 11-25. Step 2 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.4.8 IKE Negotiation Failure in the VPN Tunnel This topic provides the method to use for troubleshooting when IKE negotiation fails in the VPN tunnel so that VPN servers at both ends of the VPV tunnel cannot set up a connection. Symptom The VPN server at one end of the VPN tunnel has the IKE negotiation information at the first stage, while the VPN server at the other end does not. Possible Causes The VPN server at one end of the VPN tunnel has saved the IKE negotiation information at the first stage during the previous IKE negotiation. Troubleshooting Procedure Step 1 Clear the IKE negotiation information from VPN servers at both ends and verify that both servers negotiate from the first stage. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 456 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting Choose VPN > IPSec Info on the EGW1520. The IPSec Info page is displayed. Click Clear SPI to clear the IKE negotiation information from VPN servers at both ends. Step 2 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.5 System Faults System faults mainly include web management system fault and failure to obtain the system time from the NTP server. 11.5.1 Failing to Log In to the Web Management System Using HTTPS This topic provides the method to use for troubleshooting when users cannot log in to the web management system by using the Hypertext Transfer Protocol Secure (HTTPS). Symptom When a user logs in to the web management system by HTTPS, Internet Explorer (IE) does not respond for a long time or displays a warning message indicating a certificate error. Possible Causes The network connection between the computer (that is, the maintenance terminal) and the EGW1520 is abnormal. The IE on the computer is faulty. Troubleshooting Procedure Step 1 Check the network port indicator. The network connection is faulty if the indicator is off. To rectify the fault, see 11.4.1 Network Port Indicator Fault. Step 2 Ensure that the IP addresses (192.168.1.1 by default) of the computer and the EGW1520 are on the same network segment. For example, if the IP address of the EGW1520 is 192.168.1.1, set the IP address of the computer to 192.168.1.x. The value of x ranges from 2 to 254. Step 3 Check the IE on the computer. The EGW1520 supports only IE 6.0 version or a later version and does not support proxy servers. If you use IE 7.0, login in HTTPS mode takes a long time. Step 4 Verify that you have accepted the EGW1520 security certificate. If you use IE 6.0, click Yes to continue when logging in in HTTPS mode. The page shown in Figure 11-26 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 457 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-26 Using IE 6.0 to log in 11 Troubleshooting If you use IE 7.0 or a later version, click Continue to this website (not recommended). to continue when logging in in HTTPS mode. The page shown in Figure 11-27 is displayed. Figure 11-27 Using IE 7.0 or a later version to log in Step 5 If the fault persists after you perform the preceding operations, see Obtaining Huawei Technical Support. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 458 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation

----End 11 Troubleshooting 11.5.2 Web Login Page Is Displayed Whatever Button or Link Users Click on a Page This topic provides the method to use for troubleshooting when the system always displays the login page whenever a user clicks a button or link on a page. Symptom The system always displays the login page no matter what button or link a user clicks on a page. If you do not perform an operation within ten minutes after logging in to the web management system, the system locks the page and requires re-login to ensure security. Possible Causes The Internet Explorer (IE) settings are incorrect on the maintenance terminal. The cache of the IE on the maintenance terminal is faulty. Troubleshooting Procedure Step 1 Check the IE settings on the maintenance terminal. 1. Start the IE, and choose tools > Internet Options. The page shown in Figure 11-28 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 459 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting Figure 11-28 Checking the IE settings on the maintenance terminal (1) 2. Click Settings. The page shown in Figure 11-29 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 460 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting Figure 11-29 Checking the IE settings on the maintenance terminal (2) 3. Select Check on every visit to the page or Auto (Auto indicates that the EGW1520 web management system determines whether to detect a later version of Web pages). Step 2 If the fault persists, delete the cache data and history records. The page shown in Figure 11-30 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 461 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-30 Deleting the cache data and history records 11 Troubleshooting Step 3 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.5.3 An Error Message Is Displayed or No Response Is Received When Users Click a Button or Link on a Page This topic provides the method to use if an error message is displayed or no response is received when users click a button or link on a Web page. Symptom When a user clicks a button or link on a page, the system displays an error message or does not return a response. Possible Causes The network connection between the maintenance terminal and the EGW1520 is abnormal or the network quality is poor. The IE settings are incorrect. The IE cache contains error files. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 462 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Troubleshooting Procedure 11 Troubleshooting Step 1 Check the network port indicator. A network fault occurs if the indicator is off. To rectify the fault, see 11.4.1 Network Port Indicator Fault. Step 2 Click in IE or press Ctrl+F5 to forcibly refresh the page. Step 3 Check the IE settings on the maintenance terminal. 1. Start the IE, and choose tools > Internet Options. The page shown in Figure 11-31 is displayed. Figure 11-31 Checking the IE settings on the maintenance terminal (1) 2. Click Settings. The page shown in Figure 11-32 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 463 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting Figure 11-32 Checking the IE settings on the maintenance terminal (2) 3. Select Check on every visit to the page or Auto (Auto indicates that the EGW1520 web management system determines whether to detect a later version of Web pages). Step 4 If the fault persists, delete the cache data and history records. The page shown in Figure 11-33 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 464 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-33 Deleting the cache data and history records 11 Troubleshooting Step 5 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.5.4 Word Display Is Incomplete or the System Does Not Respond After You Click a Button This topic provides the method to use for troubleshooting when word display is incomplete or the system does not respond after you click a button. Symptom Word display is incomplete, the system does not respond after you click a button, or the word

"undefined" is displayed after you click a button. Possible Causes A browser different from Internet Explorer is used. The Internet Explorer version is earlier than 6.0. The UI file has been updated after version upgrade, while the browser uses the old UI file in the cache. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 465 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Troubleshooting Procedure 11 Troubleshooting Step 1 Ensure that the Internet Explorer version is 6.0 or later. Step 2 Open Internet Explorer and choose Tools > Internet Options > General. Clear files and historical records about the URL from the browser cache. The page shown in Figure 11-34 is displayed. Figure 11-34 Clearing the Internet Explorer cache and historical data Step 3 (Optional) Press Ctrl+F5 to refresh the UI. Step 4 If the fault persists, see 11.2.5 Obtaining Technical Support.

----End 11.5.5 The IE Displays an Error Message When Multiple User Data Records Are Configured Simultaneously This topic provides the method to use for troubleshooting when the IE displays an error message when multiple user data records are configured simultaneously. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 466 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Symptom 11 Troubleshooting The IE displays an error message when multiple user data records are configured simultaneously. Figure 11-35 shows the error message. Figure 11-35 Error message displayed by the IE Possible Causes The version of the IE is earlier than 6.0. The memory of the PC is insufficient. IE files on the PC are damaged. Troubleshooting Procedure Step 1 Open IE, and choose Help > About Internet Explorer to view the version of the IE. The page shown in Figure 11-36 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 467 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-36 Viewing the IE version 11 Troubleshooting The EGW1520 requires IE 6.0 or a later version. If your IE version is earlier than 6.0, go to www.microsoft.com to upgrade it. Step 2 Stop other running applications on your PC to free up memory space, and configure data again. Step 3 If the fault persists, delete temporary Internet files from the cache of your IE. The page shown in Figure 11-37 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 468 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 11-37 Deleting temporary Internet files 11 Troubleshooting Step 4 If the fault persists, restart your PC. Step 5 If the fault still persists, uninstall your IE, and go to www.microsoft.com to download IE 6.0 or a later version and install it. Step 6 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.5.6 System Time Cannot Be Obtained from the NTP Server or the Obtained Time Is Incorrect This topic provides the method to use for troubleshooting when system time cannot be obtained from the NTP server or the time obtained is incorrect. Symptom System time cannot be obtained from the NTP server or the time obtained is incorrect. Possible Causes Possible causes are as follows:

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 469 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting The uplink network connection is abnormal. The NTP server is unreachable. The time zone or Daylight Saving Time (DST) configuration is incorrect. Troubleshooting Procedure Step 1 Check the synchronization status of the NTP server. Choose Management > Date & Time from the navigation tree on the web management system. Click the NTP Server tab. The page shown in Figure 11-38 is displayed. Figure 11-38 Checking the synchronization status of the NTP server If Synchronization Status is Unsynchronized, go to 2 and 3. If Synchronization Status is Synchronized, go to 4. Step 2 Check the network connection. Check the network connection in either of the following ways:

Check whether the Internet indicator is on. If the indicator is on or blinks, the EGW1520 has been registered with the network service provider and the network connection is normal. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 470 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting Choose Management > Status from the navigation tree on the web management system,click the Network tab. If the value of Status is Connected on the Network page, the network connection is normal. If the network connection is abnormal, see Installation to verify the cable connections and 7.2 Connection Modes to verify the network configuration. Step 3 Check whether the NTP server is reachable. Run the ping command to check whether the NTP server is reachable. For example, enter ping time.nist.gov on the computer connected to the EGW1520. If this web site can be pinged, the NTP server is reachable. If the ping command fails, the NTP server is unreachable. Use another NTP server. Step 4 Verify that the EGW1520 time zone and DST are configured correctly. Choose Management > Date & Time from the navigation tree on the web management system. The page shown in Figure 11-39 is displayed. Figure 11-39 Checking the time zone and DST configuration Step 5 If the fault persists, see Obtaining Huawei Technical Support.

----End 11.5.7 Failing to Restore Factory Settings by Pressing RESET This topic provides the method to use for troubleshooting when the factory settings cannot be restored after the RESET button is pressed. Symptom The factory settings are not restored on the EGW1520 after a user presses the RESET button. Possible Causes Possible causes are as follows:

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 471 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 11 Troubleshooting The user holds the RESET button for less than six seconds. To restore the factory settings, the RESET button must be held for at least six seconds. The user does not hold the RESET button stably. Troubleshooting Procedure Step 1 Press and hold the RESET button for six seconds. Step 2 If the fault persists after you perform the preceding operations, see Obtaining Huawei Technical Support.

----End Issue 01 (2012-05-15) Huawei Proprietary and Confidential 472 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference 12 Reference About This Chapter Web_Parameters_Reference 12.1 TR-069 Parameter Reference This topic describes user-defined TR-069 parameters on the EGW1520. 12.2 Security Log Information This topic describes the security log information displayed on the security log page. 12.3 Customizing Voice Prompts for the Switchboard This topic describes how to customize voice prompts for the switchboard. Before delivery, the EGW1520 is loaded with switchboard voice prompts by default. 12.1 TR-069 Parameter Reference This topic describes user-defined TR-069 parameters on the EGW1520. Table 12-1 lists the user-defined TR-069 parameters on the EGW1520. For details about other TR-069 parameters, see TR-069. In Writable, W represents Write. In Default Value, false represents 0 and true represents 1. Table 12-1 TR-069 Parameter Parameter Type Writable Description Default Value InternetGatewa yDevice.Device Info. object X_CPE_SwBui string

-

-

-

-

Time when the software was

<Empty>

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 473 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value ldTimestamp X_CPE_DslPhy DrvVersion string

-

X_CPE_VoiceS erviceVersion string InternetGatewa yDevice.X_CP E_SyslogCfg. object

-

-

Status string W Option string W LocalLogLevel string W ServerIPAddres s string W built. Version number of the Digital subscriber line

(DSL) physical layer (PHY) and Driver. Version number of the voice software.

<Empty>

<Empty>

Syslog configuration file.

-

Disabled local buffer Error 0.0.0.0 Indicates whether the Syslog is enabled. Path for storing exported syslogs. The values are local buffer, remote, and local buffer and remote. Log level. The values are emergency, alert, critical, error, warning, notice, informational, and debug. IP address of the remote syslog server. This parameter is valid only if Option is set to remote, local buffer and remote, or local file and remote. ServerPortNum unsignedInt[1:6 W Port of the 514 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 474 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter ber Type 5535]

Writable Description Default Value remote syslog server. object

-

-

-

InternetGatewa yDevice.Manag ementServer. X_CPE_Bound IfName string W Any_WAN WAN port that TR-069 uses, for example, nas_0_35. This parameter can be set to Any_WAN and LAN. The value Any_WAN indicates that TR-069 will use any WAN connections. The value LAN indicates that TR-069 will use the default LAN subnet br0. Developers who have no WAN connection use the value LAN. The values are Any_WAN and LAN.

-

-

7200 no-Auth Interval for synchronizing time with the NTP server. Authentication type during time synchronization of the NTP server. The values are no-Auth, DES_Standard

, DES_NTP_Sta InternetGatewa yDevice.Time. object X_CPE_NTPSy ncInterval unsignedInt[30 0:604800]

-

W X_CPE_NTPA uthenType string W Issue 01 (2012-05-15) Huawei Proprietary and Confidential 475 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value X_CPE_NTPA uthenKeyid unsignedInt[1:6 5535]

W X_CPE_NTPA uthenKey string(64) W ndard, DES_ASCII, and MD5. ID of the NTP server authentication key. NTP server authentication key. When X_CPE_NTPA uthenType is set to DES_Standard and DES_NTP Standard, the key is a string of 16 bytes that are internally converted to an 8-byte hexadecimal value. When X_CPE_NTPA uthenType is set to DES ASCII, the key is an ASCII string of 1-8 bytes. When X_CPE_NTPA uthenType is set to MD5, the key is a string of 1-64 bytes. object

-

-

InternetGatewa yDevice.WAN Device.{i}.WA NCommonInter faceConfig. X_CPE_TxErro rs unsignedInt

-

X_CPE_RxErro rs unsignedInt

-

Total number of errors transmitted by a port. Total number of errors received by a port. 1

<Empty>

-

-

-

X_CPE_TxDro unsignedInt

-

Total number

-

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 476 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value ps X_CPE_RxDro ps unsignedInt

-

object

-

InternetGatewa yDevice.WAN Device.{i}.X_C PE_XTM_Inter face_Stats.{i}. Port Status unsignedInt string InOctets unsignedInt OutOctets unsignedInt

-

-

-

-

InPackets unsignedInt

-

OutPackets unsignedInt

-

-

-

of dropped packets transmitted by a port. Total number of dropped packets received by a port. This object contains the statistics on the xTM

(ATM/PTM) port. This object is used to replace X_CPE_ATM _Interface_Sta ts, which is outdated. Port number. 1 Disabled 0 0 0 0 Port status. The values are Enable and Disable. Number of bytes received by a port. Number of bytes transmitted by a port. Number of AAL5, AAL0, and PTM packets received by a port. Number of AAL5, AAL0, and PTM packets transmitted by a port. InOAMCells unsignedInt

-

Number of ATM, OAM, 0 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 477 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value OutOAMCells unsignedInt

-

InASMCells unsignedInt

-

OutASMCells unsignedInt

-

InPacketErrors unsignedInt

-

InCellErrors unsignedInt

-

and RM cells received by a port. Number of ATM, OAM, and RM cells transmitted by a port. Number of ATM, Bonding, and ASM cells received by a port. Number of ATM, Bonding, and ASM cells transmitted by a port. Number of error packets received by a port. Number of error cells received by a port. object

-

-

0 0 0 0 0

-

InternetGatewa yDevice.WAN Device.{i}.WA NDSLInterface Config. X_CPE_AdslM odulationCfg string W ADSL_Modulat ion_All Modulation mode. The supported values are ADSL_G.dmt, ADSL_G.lite, ADSL_G.dmt. bis, ADSL_re-adsl, ADSL_2plus, and ADSL_ANSI_ T1.413. Note: 1. The ADSL_re-adsl parameter takes effect only Issue 01 (2012-05-15) Huawei Proprietary and Confidential 478 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value when it is set together with other parameters. 2. When the ADSL_Modul ation_All parameter is set, other parameters do not need to be set. 3. The following parameters can be combined with a comma

(,):

ADSL_G.dmt, ADSL_2plus, ADSL_ANSI_ T1.413, and ADSL_G.dmt.b is. Inner pair or outer pair. Indicates whether the bit swap function is enabled. Indicates whether the seamless rate adaptation function is enabled. Current link power state. The values are L0 (indicating steady on), L2

(indicating low power), and L3

(indicating idle). Inner Pair On Off L3 X_CPE_Phone LinePair string X_CPE_Bitswa p string W W X_CPE_SRA string W X_CPE_LinkPo werState string

-

object

-

-

-

InternetGatewa yDevice.WAN Device.{i}.WA NDSLInterface Config.Stats.To Issue 01 (2012-05-15) Huawei Proprietary and Confidential 479 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value tal. X_CPE_RxRsC orrectable unsignedInt

-

X_CPE_RxRsC orrectable_2 unsignedInt

-

X_CPE_TxRsC orrectable unsignedInt

-

X_CPE_TxRsC orrectable_2 unsignedInt

-

X_CPE_TxRsU ncorrectable unsignedInt

-

X_CPE_TxRsU ncorrectable_2 unsignedInt

-

X_CPE_RxRsU ncorrectable unsignedInt

-

X_CPE_RxRsU ncorrectable_2 unsignedInt

-

X_CPE_TxRs Words unsignedInt

-

0 0 0 0 0 0 0 0 0 Total number of correctable errors received by RS. Total number of correctable errors received by RS. Total number of correctable errors transmitted by RS. Total number of correctable errors transmitted by RS. Total number of uncorrectable errors transmitted by RS. Total number of uncorrectable errors transmitted by RS. Total number of uncorrectable errors received by RS. Total number of uncorrectable errors received by RS. Total number of words transmitted by RS. X_CPE_TxRs unsignedInt

-

Total number 0 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 480 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value Words_2 X_CPE_RxRs Words unsignedInt X_CPE_RxRs Words_2 unsignedInt X_CPE_Receiv eBlocks_2 unsignedInt X_CPE_Trans mitBlocks_2 unsignedInt X_CPE_ATUC FECErrors_2 unsignedInt

-

-

-

-

-

X_CPE_HECEr rors_2 unsignedInt

-

X_CPE_ATUC HECErrors_2 unsignedInt

-

X_CPE_Upstre amUas X_CPE_Downs treamUas X_CPE_Upstre amEs unsignedInt unsignedInt unsignedInt X_CPE_Upstre unsignedInt

-

-

-

-

of words transmitted by RS. Total number of words received by RS. Total number of words received by RS. Total number of received blocks. Total number of transmitted blocks. Total number of FEC errors detected by the ATU-C. FEC-CFE is defined in ITU-T Rec. G.997.1. Total number of detected HEC errors. HEC-P is defined in ITU-T Rec. G.997.1. Total number of HEC errors detected by the ATU-C. HEC-PFE is defined in ITU-T Rec. G.997.1. Upstream UAS counter. Downstream UAS counter. Upstream error rate. 0 0 0 0 0 0 0 0 0 0 Upstream sever 0 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 481 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value amSes X_CPE_Upstre amBitErrors X_CPE_Upstre amBitErrors_2 X_CPE_Downs treamBitErrors X_CPE_Downs treamBitErrors_ 2 X_CPE_Upstre amDataCells X_CPE_Upstre amDataCells_2 X_CPE_Downs treamDataCells X_CPE_Downs treamDataCells _2 X_CPE_Upstre amTotalCells X_CPE_Upstre amTotalCells_2 X_CPE_Downs treamTotalCells X_CPE_Downs treamTotalCells _2 X_CPE_Upstre amLCD X_CPE_Upstre amLCD_2 X_CPE_Downs treamLCD X_CPE_Downs treamLCD_2 X_CPE_Upstre amOCD unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt unsignedInt

-

-

-

-

-

-

-

-

-

-

-

-

-

-

-

-

-

error rate. Upstream bit error. Upstream bit error. Downstream bit error. Downstream bit error. Upstream data cell. Upstream data cell. Total downstream data cell. Total downstream data cell. Total upstream cell. Total upstream cell. Total downstream cell. Total downstream cells. 0 0 0 0 0 0 0 0 0 0 0 0 Upstream LCD. 0 Upstream LCD. 0 Downstream LCD. Downstream LCD. Upstream OCD. 0 0 0 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 482 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value X_CPE_Upstre amOCD_2 X_CPE_Downs treamOCD X_CPE_Downs treamOCD_2 InternetGatewa yDevice.WAN Device.{i}.WA NEthernetInterf aceConfig. X_CPE_IfNam e InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe vice.{i}.WAND SLLinkConfig. X_CPE_ATM MinimumCellR ate unsignedInt unsignedInt unsignedInt object

-

-

-

-

string(32)

-

Upstream OCD. Downstream OCD. Downstream OCD.

-

0 0 0

-

<Empty>

Linux port name, for example, eth0, eth1, eth1.2, and eth1.3. object

-

-

unsignedInt

-

Number of errors detected during header error check at the ATM layer.

-

-

X_CPE_Schedu lerAlgorithm string X_CPE_ATMS tatus string X_CPE_MacA ddress string(17) X_CPE_IfNam e string object InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe

-

-

-

-

-

Scheduling algorithm. SP ATM status.

<Empty>

<Empty>

MAC address of the PVC port. This parameter is used in the PPPoE, bridge, and MER modes. Port name.

<Empty>

ATM initialization parameters.

-

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 483 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value vice.{i}.WAND SLLinkConfig. X_CPE_ATM_ PARMS. ATMFreeCellQ Size unsignedInt ATMFreePacke tQSize unsignedInt ATMFreePacke tQBufferSize unsignedInt

-

-

-

ATMFreePacke tQBufferOffset unsignedInt

-

ATMReceiveC ellQSize unsignedInt

-

ATMReceivePa cketQSize unsignedInt

-

ATMTransmitF ifoPriority unsignedInt ATMAal5Cpcs MaxSduLength unsignedInt unsignedInt object ATMAal2Sscs MaxSsarSduLe ngth InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe vice.{i}.X_CPE _WANUSB. IfName string(32) ManulDialFlag boolean

-

-

-

-

-

-

Length of the free ATM cell queue. Length of a free ATM packet queue. Length of a free ATM packet queue in the buffer. Offset of a free ATM packet queue in the buffer. Length of the queue of cells received by the ATM. Length of the queue of cells received by the ATM. FIFO priority in ATM transmission. Maximum SDU length of ATM AAL5 CPCS. Maximum SDU length of ATM AAL2 CPCS. WANUSB configurations.

-

-

-

-

-

-

-

-

-

-

Port name. Dialing mode. The values are true (Manual) ppp0 false Issue 01 (2012-05-15) Huawei Proprietary and Confidential 484 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value ConnectStatus int[0:4]

-

SIMPIN string(32) SimPinLockEn able boolean DialStringTD string(32) APNTD string(32) DailMethod int[0:2]

SimCardState int[0:5]

ISP string(64) SigIntensity int[0:99]

localIP string(32) DNS string(64)

-

-

-

-

-

-

-

-

-

-

and false

(Auto). Connection status. The values are Connecting, Connected, and Disconnected. PIN code of a SIM card. Indicates whether to enable the system to use the PIN code to lock the SIM card.

-

-

Dialing mode. SIM card status. The values are 0

(ready), 1 (no device), 2 (PIN required), 3

(PUK required), and 4

(internal error). Network carrier. Signal intensity. The values are 0 to 5. The value 0 indicates no signal. Local IP address. IP address of the domain name server

(DNS). 0 1234 false

-

-

0 1 vodafone 0 0.0.0.0 0.0.0.0 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 485 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value PrimaryDNS string(32) SecondDNS string(32) IMEI string(32) ConDuration unsignedInt SYSMODE string

-

-

-

-

-

IP address of the active DNS. 0.0.0.0 0.0.0.0 NoDataCard IP address of the standby DNS. International mobile equipment identity (IMEI). Connection duration. 0 System mode. No Service object W

-

-

InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe vice.{i}.WANI PConnection.{i

}. X_CPE_IfNam e string X_CPE_Op42N TPSrv string(128)

-

-

X_CPE_Op43V SI string(256)

-

X_CPE_Op66T FTPSrvName string(256)

-

X_CPE_Op67B ootfile string(256)

-

X_CPE_Op120 SIPSrv string(256)

-

Port name.

-

<Empty>

<Empty>

<Empty>

<Empty>

<Empty>

Option 42. IP address of the NTP server. The value format is IP1,IP2. Option 43. Specific vendor information. The value is a string. Option 66. TFTP server name. The value is a string. Option 67. Boot file name. The value is a string. Option 120. SIP server. The value format complies with Issue 01 (2012-05-15) Huawei Proprietary and Confidential 486 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value X_CPE_Op150 TFTPSrvIP string(256)

-

<Empty>

RFC3361. Option 150. IP address of the TFTP server. The value format is IP1,IP2. object

-

-

-

InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe vice.{i}.WANI PConnection.{i

}.Stats. X_CPE_RxDro ps unsignedInt

-

X_CPE_TxDro ps unsignedInt

-

X_CPE_RxErro rs unsignedInt X_CPE_TxErro rs unsignedInt

-

-

Total number of received packets that are dropped during a connection. Total number of transmitted packets that are dropped during a connection. Total number of received errors. Total number of transmitted errors. 0 0 0 0

-

0 InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe vice.{i}.WANP PPConnection.{

i}. X_CPE_Conne ctionEstablishe dTime object W

-

unsignedInt

-

Duration for establishing PPP connections. X_CPE_IfNam e X_CPE_Defaul tGateway string string

-

-

Port name.

-

Default gateway for the WAN port.

<Empty>

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 487 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value The PPPoE/PPPoA WAN gateway is used only in the MDM mode. object

-

-

-

InternetGatewa yDevice.WAN Device.{i}.WA NConnectionDe vice.{i}.WANP PPConnection.{

i}.Stats. X_CPE_RxDro ps unsignedInt

-

X_CPE_TxDro ps unsignedInt

-

X_CPE_RxErro rs unsignedInt X_CPE_TxErro rs unsignedInt object InternetGatewa yDevice.Servic es.VoiceService

.{i}.

-

-

-

X_CPE_SipMi nExpire unsignedInt[30:

65535]

W X_CPE_SipMa xExpire unsignedInt[30:

65535]

W Total number of received packets that are dropped during a connection. Total number of transmitted packets that are dropped during a connection. Total number of received errors. Total number of transmitted errors.

-

0 0 0 0

-

120 3600 Minimum timeout duration for the local SIP user to send a registration request to EGW1520. Maximum timeout duration for the local SIP user to send a registration Issue 01 (2012-05-15) Huawei Proprietary and Confidential 488 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value X_CPE_Sessio nTimerStart boolean W X_CPE_Sessio nTimerInterval unsignedInt[90:

65535]

X_CPE_Sessio nTimerMinInter val unsignedInt[90:

65535]

X_CPE_MinSu bExpires unsignedInt[12 0:3600]

W W W X_CPE_DefSu bExpires unsignedInt[12 0:3600]

W X_CPE_MaxSu bExpires unsignedInt[12 0:3600]

W request to EGW1520. Indicates whether to enable the SIP session timer. Session interval. false 1800 Minimum session interval. 90 Minimum timeout duration for the local SIP user to send a subscription request to EGW1520. Default timeout duration for EGW1520 to send a subscription request to the upper-level device. Maximum timeout duration for the local SIP user to send a subscription request to EGW1520. 120 360 3600

-

0 InternetGatewa yDevice.Servic es.VoiceService

.{i}.Capabilities

. X_CPE_MaxRe gGroupCount object

-

-

unsignedInt

-

Maximum number of X_CPE_IMS_ RegGroup groups that are supported. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 489 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value object W

-

-

20

-

true true G711A,G711U, G729A/B,G726, G722 InternetGatewa yDevice.Servic es.VoiceService

.{i}.Capabilities

.Codecs.{i}. X_CPE_PTime Default InternetGatewa yDevice.Servic es.VoiceService

.{i}.Capabilities

.X_CPE_Codec s_Ext. unsignedInt W Packing duration. object

-

-

EcEnable boolean W SilenceSuppreE nable boolean W CodecList string(64) W Indicates whether to enable the echo suppression. Indicates whether to enable the silence suppression. DSP codec type. A device can be configured with multiple codec types. The local device preferentially selects the first type to negotiate with the peer device. The priorities are in descending order. The values are G711A, G711U, G729A/B, G726, and G722. RecvGain int[-96:32]

SendGain int[-96:32]

W W Receiving gain.

-2 Transmission gain.

-8 Issue 01 (2012-05-15) Huawei Proprietary and Confidential 490 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value MediaNegMod e string W VBDAlgo string W FaxPriorMode string W RemotePri G711A VBD_T38 Media negotiation mode. The values are RemotePri and LocalPri. Codec type used in fax transparent transmission. The values are G711A and G711U. Fax transmission mode. The values are VBD_T38, T38_VBD, T38, and VBD. object

-

-

InternetGatewa yDevice.Servic es.VoiceService

.{i}.VoiceProfil e.{i}. X_CPE_Numbe rOfRegGroup InternetGatewa yDevice.Servic es.VoiceService

.{i}.VoiceProfil e.{i}.X_CPE_I MS_RegGroup.

{i}. unsignedInt

-

object W X_CPE_RegId unsignedInt

-

X_CPE_Regist erType string W

-

0

-

4294967295 Single Number of X_CPE_IMS_ RegGroup groups in a voice file. Registration group of a SIP user. ID of the registration group of a SIP or POTS user. Registration type. The values are Single, Group, and Wildcard. The value single indicates Issue 01 (2012-05-15) Huawei Proprietary and Confidential 491 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value that a registration groups can only have one user. The value Group indicates that multiple users can be in a registration group. The value Wildcard indicates that the users in a registration group register with the IMS or NGN network based on certain rules provided by the network carrier. Mode for authenticating a SIP user when registering with EGW1520. This parameter value must be the same as that specified on the SIP user's terminal. The values are NoAuth, AuthByMD5, AuthByMD5S ess, and AuthByHW. SIP trunk ID when a registration group registers with the IMS or NGN network, which is provided by the network carrier. This parameter is mandatory. NoAuth

<Empty>

X_CPE_AuthT ype string W X_CPE_IMSI MPIInfo string(130) W Issue 01 (2012-05-15) Huawei Proprietary and Confidential 492 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value X_CPE_IMSI MPUInfo string(257) W X_CPE_AuthP WD string(130) W X_CPE_IMSD omainName string(255) W object

-

InternetGatewa yDevice.Servic es.VoiceService

.{i}.VoiceProfil e.{i}.SIP. X_CPE_IfDom ain boolean X_CPE_Server Type string X_CPE_IfSrv boolean X_CPE_Option sInterval unsignedInt[10:

900]

W W W W

<Empty>

<Empty>

<Empty>

-

false NGN_Server false 60 SIP trunk name when a registration group registers with the IMS or NGN network, which is provided by the network carrier. Password for authenticating the registration group when registering with the IMS or NGN network, which is provided by the network carrier. Domain name of the IMS network that a registration group is to be registered with, which is provided by the network carrier. This parameter value must be a valid domain name.

-

-

-

-

Interval for switching between the master node and the slave node. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 493 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value X_CPE_IfChan geToMaster boolean W false Indicates whether to enable the switching between the master node and the slave node. object

-

-

-

InternetGatewa yDevice.Servic es.VoiceService

.{i}.VoiceProfil e.{i}.SIP.X_CP E_BackupServe r. ProxyServer string(255) W ProxyServerPor t unsignedInt[10 24:65535]

W RegisterExpires unsignedInt[0:1 W 4400]

<Empty>

5060 360 Proxy server. This parameter value must be the same as the value of RegistrarServe r. Port number of the SIP server, which is provided by the network carrier. This parameter value must be the same as the value of RegistrarServe rPort. Interval for a registration group user to send registration requests to the SIP server, in seconds. X_CPE_IfDom ain boolean W

-

false RegistrarServer string(255) W

<Empty>

IP address or DNS name of the SIP server, which is provided by the Issue 01 (2012-05-15) Huawei Proprietary and Confidential 494 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value RegistrarServer Port unsignedInt[10 24:65535]

X_CPE_Server Type string X_CPE_IfSrv boolean object InternetGatewa yDevice.Servic es.VoiceService

.{i}.X_CPE_Si pRtpPort. MaxRtpPort string MinRtpPort string string object SipPort InternetGatewa yDevice.Servic es.VoiceService

.{i}.VoiceProfil e.{i}.FaxT38. X_CPE_IsUdp Tl boolean X_CPE_FaxUd pEc string X_CPE_TCFM ethod string unsignedInt object X_CPE_MaxBi tRate InternetGatewa yDevice.X_CP E_NetworkCon fig. W W W

-

W W W

-

-

-

-

-

-

network carrier.

-

5060 NGN_Server SIP server type. The values are NGN_Server and NGN_Server.

-

-

-

-

-

-

false

-

20000 10000 5060

-

true Transmission protocol. The values are true

(UDP) and false (TCP). Error correction mode of faxes. T38UdpRedund ancy Fax rate. Network Maximum rate. 14400

-

The network configuration object contains the default gateway information (a WAN router) and DNS information

(WAN port name or static Issue 01 (2012-05-15) Huawei Proprietary and Confidential 495 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value DNSIfName string W DNSServers string(33) W ActiveDNSServ ers string

-

object

-

InternetGatewa yDevice.X_CP E_MultiRegion Config. CurrentRegion string(32) W object InternetGatewa yDevice.X_CP E_MultiRegion Config.Region Config.{i}. RegionName string(32) object InternetGatewa yDevice.X_CP E_MultiRegion Config.Region Config.{i}.Gain

-

-

-

IP address). Use a comma

(,) to separate multiple DNS servers. The first one has the highest priority, and the last one has the lowest priority. Static DNS server. This string contains a list of DNS IP addresses that are same in resolv.conf. The default value 0.0.0.0, indicating that the active DNS server is not running. Adaption to multiple countries. Current country. The example values are CHINA, NEW ZEALAND, and IRELAND. Region. Region name. Region gain.

<Empty>

<Empty>

0.0.0.0

-

-

-

-

-

Issue 01 (2012-05-15) Huawei Proprietary and Confidential 496 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference Parameter Type Writable Description Default Value Config. Rxgain int[-12:6]

W Txgain int[-12:6]

W

-

-

Receiving gain of an analog phone, in dB. Transmission gain of an analog phone, in dB. object

-

Region time.

-

InternetGatewa yDevice.X_CP E_MultiRegion Config.Region Config.{i}.Tim eParameterConf ig. on-hookmintim e unsignedInt[0:2 000]

W off-hookmintim e unsignedInt[0:2 000]

W Flashhookminti me unsignedInt[0:1 000]

W Flashhookmaxti me unsignedInt[0:1 000]

W

-

-

-

-

Minimum on-hook confirmation duration, in milliseconds. Minimum off-hook confirmation duration, in milliseconds. Minimum hookflash duration, in milliseconds. Maximum hookflash duration, in milliseconds. 12.2 Security Log Information This topic describes the security log information displayed on the security log page. Table 12-2 Security log information No. Information 1 Added an ATM interface Module ADSL Issue 01 (2012-05-15) Huawei Proprietary and Confidential 497 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference No. Information Module 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 Deleted an ATM interface Added ADSL configuration remove adsl PPPOE Service Added WAN configuration succeed WAN remove wan IPOE Service succeed Modified 3G configuration Saved basic configuration of the wireless network 3G WLAN Modified security configuration of the wireless network Added the MAC filter information about the wireless network succeed Deleted the MAC filter information about the wireless network succeed Saved the MAC filter information about the wireless network succeed Saved advanced configuration of the wireless network Saved LAN information succeed LAN DNS Security Added LAN information succeed Deleted LAN information succeed Modified DNS information Added an incoming IP address filtering rule Deleted an outgoing IP address filtering rule Added an outgoing IP address filtering rule Deleted an outgoing IP address filtering rule Changed Mac filtering policy Added Filter MAC Deleted Filter MAC Added security URL filter information Deleted security URL filter information Issue 01 (2012-05-15) Huawei Proprietary and Confidential 498 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference No. Information Module 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 Saved security URL filter information Added Virtual Server Deleted Virtual Server Modified Dmz host IP address save Remote login info Added a static route Routing Deleted a static route Added a VPN tunnel VPN Modified a VPN tunnel Deleted a VPN tunnel Deleted a VPN tunnel Added a VPN Stream Modified a VPN Stream Deleted a VPN Stream Added a local certificate Certificate VLAN QoS Imported a local certificate Deleted a local certificate Imported a ca certificate Deleted a ca certificate Saved VLAN configuration Saved QoS configuration management information Added QoS queue configuration Deleted QoS queue configuration Saved QoS queue configuration Added QoS stream classification information Enable QoS stream classification information Disable QoS stream classification information Deleted QoS stream classification information Issue 01 (2012-05-15) Huawei Proprietary and Confidential 499 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference No. Information Module 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 Modified anti-attack information AntiAttack Modified the SIP registration SIP Server Modified the phone configuration Phone Allocation Modified FXO prefix FXO Configuration Modified FXO bound number Modified attendant configuration Modified voice service permission Service Manager Modified voice service configuration Changed the service prefix Service Prefix Uploaded a voice file Upload Voice File Saved country configuration in voice parameters Voice parameters Modified DSP configuration in voice parameters Saved RTP information in voice parameters Saved SIP information in voice parameters change the info of Voice Parameters SIP ALG Changed the password Change Password Backed up a configuration file Configuration Imported a configuration file Imported a configuration file Set the date and time Date&Time Configured the TR069 client TR-069 Client Updated the image file Update Software Auto Upgrade image file Restarted the system Restart Restored to factory settings Restore Default Saved system logs System Logs Downloaded system logs Deleted system logs Issue 01 (2012-05-15) Huawei Proprietary and Confidential 500 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 12 Reference No. Information Module Modified and saved debug logs Debug Logs Downloaded alarm logs Warning info Deleted alarm logs Downloaded security logs SecurLog info Deleted security logs Modified and saved captured packets from an imaged port Packet Mirroring Downloaded the black box file Black Box Deleted the black box file Run the ping command Ping Diagnose Saved call records Call Recording Downloaded call records Clicked one button to download information user login failed users been locked user login succeed One-Click Download Login User logout succeed Logout 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 12.3 Customizing Voice Prompts for the Switchboard This topic describes how to customize voice prompts for the switchboard. Before delivery, the EGW1520 is loaded with switchboard voice prompts by default. Background Procedure The following describes how to use the recording software of Windows to customize voice prompts for the switchboard. The voice file is 200.pcm. You must name the voice file to 200.pcm to replace the original one. Step 1 Choose Start > All Programs > Accessories > Entertainment > Sound Recorder Issue 01 (2012-05-15) Huawei Proprietary and Confidential 501 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation The page shown in Figure 12-1 is displayed. Figure 12-1 Sound recorder 12 Reference Step 2 Click to record a voice prompt. Step 3 Click to stop recording. Step 4 Choose File > Save to save the recording. Step 5 Convert the recording to a file in the CCITT A-Law, 8000 Hz, 8 bit, mono format. 1. Choose File > Properties The page shown in Figure 12-2 is displayed. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 502 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Figure 12-2 Modifying recording properties (1) 12 Reference 2. Click Convert Now. The page shown in Figure 12-3 is displayed. Figure 12-3 Modifying recording properties (2) 3. Set Format to CCITT A-Law, and set Attribute to 8.000 kHz, 8 bit, mono 7 Kbit/s. 4. Click OK. Step 6 Choose File > Save As to save the recording as the 200.pcm file. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 503 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation Step 7 Upload the 200.pcm file. For details, see 9.12 Uploading Voice Files.

----End 12 Reference Issue 01 (2012-05-15) Huawei Proprietary and Confidential 504 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary 13 Glossary About This Chapter This section provides the glossary of documentation. 13.1 Numerics 13.2 A 13.3 B 13.4 C 13.5 D 13.6 E 13.7 F 13.8 G 13.9 H 13.10 I 13.11 L 13.12 M 13.13 N 13.14 O 13.15 P 13.16 Q 13.17 R 13.18 S 13.19 T 13.20 U 13.21 V 13.22 W Issue 01 (2012-05-15) Huawei Proprietary and Confidential 505 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13.23 Z 13.1 Numerics 3WC 802.11n 13.2 A 13 Glossary See three-way calling A wireless transmission standard released after 802.11a/b/g by Wi-Fi Alliance. As a new member to the 802.11 protocol family, 802.11n supports the 2.4 GHz and 5 GHz frequency bands and provides a higher bandwidth (300 Mbit/s, much higher than the 54 Mbit/s provided by 802.11a/g) for WLAN access users. In addition, 802.11n supports the MIMO technology, which provides two methods of increasing the communication rate: by increasing the bandwidth and by improving the channel usage. AC mains The principal conduit in a system for conveying AC power utility. access point Any entity that has station functionality and provides access to the distribution services, via the wireless medium (WM) for associated stations. access server Any device that enables multiple remote users to access a network. active adapter address A state of a piece of equipment in normal operation. A universal protocol conversion device. The adapter is responsible for the conversion between external protocols and internal messages. A number that identifies the location of a device in a network or the location on the hard disk or the memory, such as the IPv4 address or IPv6 address of a network entity. address pool A set of IP addresses assigned by Internet Assigned Number Authority (IANA) or an organization tied to IANA. Address Resolution Protocol administrator application layer An Internet Protocol used to map IP addresses to MAC addresses. It allows hosts and routers to determine the link layer addresses through ARP requests and ARP responses. A user who has authority to access all the Management Domains of the product. He or she has access to the whole network and to all the management functionalities. It provides applications such as game center, conference center, friend center, enterprise applications, IM, streaming and general telecommunication services. It can also invoke the service capability of the lower layer through the API interface provided by OSA to implement various services. application server A service processing node (a computer device) in the network. Application programs of data services are run on the application server. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 506 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary application service provider A company that provides Internet download and related services for various organizations. Without ASP, these organizations have to store such information in their own computers. area code The national area code assigned for a local network, which is used in call connection. ARP ASP audio See Address Resolution Protocol See application service provider The sound portion of a program or a track recorded on a videotape which contains sound, music or narration. authentication A process of checking whether a user can be awarded with access right or what kinds of users can access a resource. 13.3 B backup A periodic operation performed on the data stored in the database for the purposes of database recovery in case that the database is faulty. The backup also refers to data synchronization between active and standby boards. band The range of frequencies between two defined limits. bandwidth base baseband basic service bidirectional bit A range of transmission frequencies that a transmission line or channel can carry in a network. In fact, it is the difference between the highest and lowest frequencies the transmission line or channel. The greater the bandwidth, the faster the data transfer rate. A kind of bus or plane used to load software, transmit alarms and maintain information exchange. A form of modulation in which the information is applied directly onto the physical transmission medium. This term is used as a common reference to both bearer services and teleservices. Pertaining to a link where the transfer of users' information is possible simultaneously in both directions between two points. Notes: 1. The transmission channel capacity and signaling rate are not necessarily the same in both directions. 2. Do not use this term to describe the directions of call setups. The smallest unit of information handled by a hardware component. One bit expresses a 1 or a 0 in a binary numeral, or a true or a false logical condition, and is represented physically by an element such as a high or low voltage at one point in a circuit or a small spot on a disk magnetized one way or the other. A single bit conveys little information a human would consider meaningful. A group of eight bits, however, makes up a byte, which can be used to represent many types of information, such as a letter of the alphabet, a decimal digit, or other character. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 507 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary bit error rate Ratio of received bits that contain errors. BER is an important index used to measure the communications quality of a network. blacklist BRAS bridge A method of filtering packets based on their source IP addresses. Compared with ACL, the match condition for the black list is much simpler. Therefore, the black list can filter packets at a higher speed and can effectively screen the packet sent from the specific IP address. See broadband remote access server A device that connects two or more networks and forwards packets among them. Bridges operate at the physical network level. Bridges differ from repeaters because bridges store and forward complete packets, while repeaters forward all electrical signals. Bridges differ from routers because bridges use physical addresses, while routers use IP addresses. bridging The action of transmitting identical traffic on the working and protection channels simultaneously. broadband access server A server providing features as user access, connection management, address allocation and authentication, authorization and accounting. It also works as a router featuring effective route management, high forwarding performance and abundant services. broadband remote access server broadcast domain buffer buffer overflow A new type of access gateway for broadband network. As a bridge between backbone networks and broadband access networks, BRAS provides methods for fundamental access and manages the broadband access network. It is deployed at the edge of network to provide broadband access services, convergence, and forwarding of multiple services, meeting the demands for transmission capacity and bandwidth utilization of different users. Hence, BRAS is a core device for the broadband users' access to a broadband network. A group of network stations that receives broadcast packets originating from any device within the group. Broadcasts do not pass through a router, which bound the domains. In addition, the set of ports between which a device forwards a multicast, broadcast, or unknown destination frame. A storage area used for handling data in transit. Buffers are used in networking to compensate for differences in processing speed between network devices. Bursts of data can be stored in buffers until they can be handled by slower processing devices. In a program, buffers are created to hold some amount of data from each of the files that will be read or written. In a streaming media application, the program uses buffers to store an advance supply of audio or video data to compensate for momentary delays. A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 508 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary bus A path or channel for signal transmission. The typical case is that, the bus is an electrical connection that connects one or more conductors. All devices that are connected to a bus, can receive all transmission contents simultaneously. byte A unit of computer information equal to eight bits. 13.4 C call control A set of functions used to process a call, including establishing, supervising, maintaining, connecting, and releasing calls, and provide service features. call forwarding A feature on telephone networks that allows an incoming call to a called party, who is unavailable, to be redirected to another telephone. call hold A service that permits a subscriber to hold a call already set up. In this case, the transmission of media streams between the caller and callee is stopped, but the call resources are not released. The call can be resumed when required. call transfer A feature on telephone networks that enables a user to relocate an existing call to another telephone by using the transfer button and dialing the required location. carriage return The keyboard key used to signal the end of a line of data or the end of a command. carrier CDR CFU Challenge Handshake Authentication Protocol channel An organization that has telecom network resources and can provide communications service. Call Detail Record. Call Forwarding Unconditional. A method to periodically verify the identity of the peer using a 3-way handshake. During the setting up of a link, the authenticator sends a

"challenge" message to the peer. The peer responds with a value calculated using a "one-way hash" function. The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication is acknowledged. CHAP provides protection against playback attack. A telecommunication path of a specific capacity and/or at a specific speed between two or more locations in a network. Channels can be established through wire, radio (microwave), fiber or a combination of the three. The amount of information transmitted per second in a channel is the information transmission speed, expressed in bits per second. For example, bit/s, kbit/s, Mbit/s, Gbit/s, and Tbit/s. CHAP See Challenge Handshake Authentication Protocol claw hammer Used to knock or shape a workpiece, or extract a nail. client mode The login mode of a client, which includes the single-user mode and multi-user mode. By default, the login mode is the multi-user mode. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 509 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary Client/Server The model of interaction in a distributed system in which a program at one site sends a request to a program at another site and awaits a response. The requesting program is called a client. The program satisfying the request is called the server. CLK CNG code clock. comfort noise generation. A method of replacing Chinese characters with English letters. Usually, you can perform code through the methods such as simple spelling, full spelling, initials, and full spelling of the last word but initials of other words. For example, the simple spelling of Huawei in the number library is hw. CODEC See coder and decoder coder and decoder collision Coder transforms analog data into a digital bit stream. Decoder transforms digital signals into analog data. A condition in which two packets are being transmitted over a medium at the same time. Their interference makes both unintelligible. command line A string of text written in the command language and passed to the command interpreter for execution. concentrator congestion congestion management A switching device allowing simultaneous different connections between a plurality of inlets on one side and a small number of traffic circuits on the other. Note: The concentrator performs a traffic concentration in one direction and a traffic expansion. An extra intra-network or inter-network traffic resulting in decreasing network service efficiency. A flow control measure to solve the problem of network resource competition. When the network congestion occurs, it places the packet into the queue for buffer and determines the order of forwarding the packet. core A memory, especially one consisting of a series of tiny doughnut-shaped masses of magnetic material. cross-sectional area The area of a two-dimensional slice of a three-dimensional object. 13.5 D data flow A process that involves processing the data extracted from the source system, such as filtering, integration, calculation, and summary, finding and solving data inconsistency, and deleting invalid data so that the processed data meets the requirements of the destination system for the input data. data model When we use IT systems to manage business information, we extract the main features of the information according to the business requirements, and then abstract a model that can reflect the Issue 01 (2012-05-15) Huawei Proprietary and Confidential 510 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation database 13 Glossary relationship between the business information (objects). This model is called data model. A database stores a combination of data. Serving various applications, the data is configurable and has no harmful or unnecessary redundancy. The data is stored separately from the relevant programs. You can use a common and controllable method to insert new data into the database in addition to modifying and searching the data in the database. If several databases totally separated in structure exist in a system, the system contains a database combination. datagram A kind of PDU which is used in Connectionless Network Protocol, such as IP datagram, UDP datagram. daylight saving time Time during which clocks are set one hour or more ahead of standard time to provide more daylight at the end of the working day during late spring, summer, and early fall. dBm DC decoding Absolute power level with respect to 1 milliwatt, expressed in decibels. See direct current The process of restoring information from its coded representation to the original form. default gateway A configuration item for the TCP/IP protocol that is the IP address of a directly reachable IP router. delay An average time taken by the service data to transmit across the network. demodulation In communications, the means by which a modem converts data from modulated carrier frequencies (waves that have been modified in such a way that variations in amplitude and frequency represent meaningful information) over a telephone line. Data is converted to the digital form needed by a computer to which the modem is attached, with as little distortion as possible. DHCP See Dynamic Host Configuration Protocol DHCP relay Dynamic Host Configuration Protocol relay. DHCP server dial tone A program that allocates the IP addresses of the local address pool to the users at the user side and allocates the IP addresses of the relay address pool to the users that pass through the DHCP proxy at the network side. A dial tone is a telephony signal used to indicate that the telephone exchange is working, has recognized an off-hook, and is ready to accept a call. The tone stops when the first numeral is dialed. If no digits are forthcoming, the permanent signal procedure is invoked, often eliciting a special information tone. digital subscriber line A technology for providing digital connections over the copper wire or the local telephone network. DSL performs data communication over the POTS lines without affecting the POTS service. digital subscriber line access A network device, usually situated in the main office of a telephone company that receives signals from multiple customer Digital Issue 01 (2012-05-15) Huawei Proprietary and Confidential 511 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary multiplexer Subscriber Line (DSL) connections and puts the signals on a high-speed backbone line using multiplexing techniques. direct current Electrical current whose direction of flow does not reverse. The current may stop or change amplitude, but it always flows in the same direction. Distributed Object-oriented Programmable Realtime Architecture DND DNS DNS server An OS-layer, middleware-level, highly-tailorable, component-based, open software platform. It helps to accommodate the difference of upper-layer OS, hardware, network, and system scale. do not disturb. domain name server. A device that can provide domain name resolution for the client on the network domain name A name composed of numbers or characters. Each domain name corresponds to an IP address. DOPRA See Distributed Object-oriented Programmable Realtime Architecture downstream DSL DSLAM DST dual core dual homing duplex In an access network, where there is a clear indication in each deployment as to which end of a link is closer to a subscriber, transmission toward the subscriber end of the link. See digital subscriber line See digital subscriber line access multiplexer See daylight saving time Dual core means that the processor has two full execution cores, both running at the same clock, in one physical processor. A network topology in which a device is connected to the network at two independent access points. One point is the primary connection and the other a standby connection that is activated in the event of a failure of the primary connection. Capable of carrying information in both directions over a communications channel. A system is full-duplex if it can carry information in both directions at once; it is half-duplex if it can carry information in only one direction at a time. Dynamic Host Configuration Protocol A client-server networking protocol. A DHCP server provides configuration parameters specific to the DHCP client host requesting, generally, information required by the host to participate on the Internet network. DHCP also provides a mechanism for allocation of IP addresses to hosts. 13.6 E EC See echo cancellation Issue 01 (2012-05-15) Huawei Proprietary and Confidential 512 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary echo cancellation Echo cancellation indicates the configuration of an echo canceler

(usually called EC) in the communication network with the echo problem to reduce or eliminate echoes. element encapsulation A document structuring unit delimited by tags. An element is delimited by a start-tag and an end-tag, except an empty element that is delimited by an empty-element tag. The technique used by layered protocols in which a lower level protocol accepts a message from a higher-level protocol and places it in the data portion of the low level frame. Handing protocol A's packets, the packets are complete with A's header information, as data carried by protocol B. Encapsulated protocol A packets have a B header, followed by an A header, followed by the information that protocol A is carrying its own data. Note that A could equal to B, as in IP inside IP. encryption A function used to transform data to hide its information content to prevent unauthorized use. equipment serial number A string of characters that identify a piece of equipment and ensures correct allocation of a license file to the specified equipment. It is also called "equipment fingerprint". ES Ethernet echo suppression. A technology complemented in LAN. It adopts Carrier Sense Multiple Access/Collision Detection. The speed of an Ethernet interface can be 10 Mbit/s, 100 Mbit/s, 1000 Mbit/s or 10000 Mbit/s. The Ethernet network features high reliability and easy maintaining. 13.7 F fast Ethernet fault location fault management fax call Any network that supports transmission rate of 100 Mbit/s. The Fast Ethernet is 10 times faster than 10BaseT, and inherits frame format, MAC addressing scheme, MTU, and so on. Fast Ethernet is extended from the IEEE802.3 standard, and it uses the following three types of transmission media: 100BASE-T4 (4 pairs of phone twisted-pair cables), 100BASE-TX (2 pairs of data twisted-pair cables), and 100BASE-FX (2-core optical fibers). A technique for fault location estimation which uses data from both ends of the transmission line and which does not require the data to be synchronized. The fault management of Ethernet OAM includes the connectivity detection of the network, the location and the confirmation of failures, protection switching triggered by the cooperation with automatic protection switching protocol. A call that a user initiates by dialing a specified phone number on a fax machine. After the call is connected, the call center platform converts the content to be faxed into an email and sends the email to an agent. Then the agent provides services for the user by replying to the email. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 513 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary FE FIFO filter firewall See fast Ethernet See first in first out The filter is used to filter the matched logs and have the unmatched one left. A combination of a series of components set between different networks or network security domains. By monitoring, limiting, and changing the data traffic across the firewall, it masks the interior information, structure and running state of the network as much as possible to protect the network security. firmware The programmable software part in a hardware component. A firmware is a part of hardware, but is scalable as software. first in first out A stack management mechanism. The first saved data is first read and invoked. flow forwarded to number frame An aggregation of packets that have the same characteristics. On the network management system or NE software, flow is a group of classification rules. On boards, it is a group of packets that have the same quality of service (QoS) operation. A destination number set by a subscriber who has subscribed to the call forwarding service, that is, a number to which an incoming call is forwarded. A frame, starting with a header, is a string of bytes with a specified length. Frame length is represented by the sampling circle or the total number of bytes sampled during a circle. A header comprises one or a number of bytes with pre-specified values. In other words, a header is a code segment that reflects the distribution (diagram) of the elements pre-specified by the sending and receiving parties. frequency The measure of how often a periodic event occurs, such as a signal going through a complete cycle. field replaceable unit A unit that can function as a circuit board, part, or component of an electronic device. It can be quickly and easily removed from a personal computer or other electronic devices. If an FRU becomes faulty, users can replace it with a new one instead of sending the entire product or system for maintenance. FTP server A file server that uses the File Transfer Protocol (FTP) to permit users to upload or download files through the Internet or any other TCP/IP network. FTPS See FTP server full-duplex A full-duplex, or sometimes double-duplex system, allows communication in both directions, and, unlike half-duplex, allows this to happen simultaneously. Land-line telephone networks are full-duplex, since they allow both callers to speak and be heard at the same time. A good analogy for a full-duplex system would be a two-lane road with one lane for each direction. function module A set of code to perform a particular task with inputs to be passed. The Function module enables you to write your own script to control Issue 01 (2012-05-15) Huawei Proprietary and Confidential 514 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation what the module does. 13 Glossary 13.8 G G.711 G.722 gain gate gateway grounding resistance Audio codec standard (A-law or u-law) that uses pulse code modulation (PCM). Its data rate is 64 kbit/s. Audio codec standard that uses adaptive differential pulse-code modulation (ADPCM). Its data rate is 48 kbit/s, 56 kbit/s, or 64 kbit/s. The ratio between the optical power from the input optical interface of the optical amplifier and the optical power from the output optical interface of the jumper fiber, which expressed in dB. An electronic switch that is the elementary component of a digital circuit. It produces an electrical output signal that represents a binary 1 or 0 and is related to the states of one or more input signals by an operation of Boolean logic, such as AND, OR, and XOR. A device that connects two network segments using different protocols. It is used to translate the data in the two network segments. One of the important parameters in the lightning-protection design of electric power systems. The grounding resistance of electrode decreases as large currents are injected to the electrode by electric discharges in soil. 13.9 H half-duplex A transmitting mode in which a half-duplex system provides for communication in both directions, but only one direction at a time

(not simultaneously). Typically, once a party begins receiving a signal, it must wait for the transmitter to stop transmitting, before replying. hammer drill Used to drill holes. Choose different drill bits according to the depth of holes and expansion bolt models. handshake hop Sequence of messages exchanged between two or more network devices to ensure transmission synchronization. A network connection between two distant nodes. For Internet operation a hop represents a small step on the route from one main computer to another. HSPA High Speed Packet Access. 13.10 I ICMP See Internet Control Message Protocol Issue 01 (2012-05-15) Huawei Proprietary and Confidential 515 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary ID IE IMS identity. See Internet Explorer See IP Multimedia Subsystem insulation A non-conducting material that prevents heat, sound, or electricity from passing through it. interconnection The connection that allows users to communicate in different networks and systems. interface A boundary between two systems or between two parts of the same system, defined by the specification of suitable characteristics, usually for the purpose of ensuring format, function, signal and interconnection compatibility at the boundary. interface module The module that accommodates the front-end host port and back-end disk port. interference A phenomenon resulting from the superposition of two or more coherent oscillations or waves of equal or nearly equal frequency and appearing as a variation of the resultant amplitude, in space in the form of interference patterns and in time in the form of beats. International Telecommunication Union A United Nations agency, one of the most important and influential recommendation bodies, responsible for recommending standards for telecommunication (ITU-T) and radio networks (ITU-R). Internet Control Message Protocol A network-layer (ISO/OSI level 3) Internet protocol that provides error correction and other information relevant to IP packet processing. For example, it can let the IP software on one machine inform another machine about an unreachable destination. See also communications protocol, IP, ISO/OSI reference model, packet

(definition 1). Internet Explorer Microsoft's Web browsing software. Introduced in October 1995, the latest versions of Internet Explorer include many features that allow you to customize your experience on the Web. Internet Explorer is also available for the Macintosh and UNIX platforms. Internet Protocol The protocol within TCP/IP that governs the breakup of data messages into packets, the routing of the packets from sender to destination network and station, and the reassembly of the packets into the original data messages at the destination. IP runs at the internetwork layer in the TCP/IP model-equivalent to the network layer in the ISO/OSI reference model. Internet service provider An organization that offers users access to the Internet and related services. interval intranet In mathematics, an interval is a set of real numbers with the property that any number that lies between two numbers in the set is also included in the set. A private network based on Internet protocols such as TCP/IP but designed for information management within a company or organization. IP See Internet Protocol Issue 01 (2012-05-15) Huawei Proprietary and Confidential 516 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation IP Multimedia Subsystem 13 Glossary A standardized Next Generation Networking (NGN) architecture for telecommunications carriers who want to provide mobile and fixed multimedia services. It uses a Voice-over-IP (VoIP) implementation based on a 3rd Generation Partnership Project

(3GPP) standardized implementation of Session Initiation Protocol

(SIP), and runs over the standard Internet Protocol (IP). Existing phone systems (both packet-switched and circuit-switched) are supported. The aim of IMS is not only to provide new services but all the services, current and future, that the Internet provides. In this way, IMS will provide carriers and service providers with the ability to control and charge each service. In addition, users have to be able to execute all their services when roaming as well as from their home networks. To achieve these goals, IMS uses open standard IP protocols, defined by the Internet Engineering Task Force (IETF). A multimedia session between two IMS users, between an IMS user and an Internet user, or between two Internet users is established using the same protocol. The interfaces for service developers are also based on IP protocols. This is why IMS truly merges the Internet with the cellular world; it uses cellular technologies to provide ubiquitous access and Internet technologies to provide appealing services. IPoA ISP ITU Internet Protocol over ATM. See Internet service provider See International Telecommunication Union 13.11 L LAN See local area network LAN switch A piece of equipment used to allocate communication links in a LAN. latency layer layer 2 switch level The time it takes for the original data to go through a series of processing steps such as coding, to be transmitted through the channel, to arrive at the receiver, and to be decoded. A concept used to allow the transport network functionality to be described hierarchically as successive levels; each layer being solely concerned with the generation and transfer of its characteristic information. A data forwarding method. In LAN, a network bridge or 802.3 Ethernet switch transmits and distributes packet data based on the MAC address. Since the MAC address is the second layer of the OSI model, this data forwarding method is called layer 2 switch. An element in the dimension hierarchy structure. Levels describe the hierarchy of data from the top layer to the bottom layer. Each dimension contains levels according to the attributes of the data. For example, a time dimension contains four levels: year, quarter, month, and date. link 1. In the topology view, a link is used to identify the physical or Issue 01 (2012-05-15) Huawei Proprietary and Confidential 517 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation list box loading local area network log 13 Glossary logical connection between two topological nodes. 2. A network communication channel consisting of a circuit or transmission path and all related equipment between a sender and a receiver. A link is used to connect signaling points (SPs) and signaling transfer points

(STPs) and transmit signaling messages. A control in Windows that enables the user to choose one option from a list of possibilities. A process of importing information from the storage device to the memory to facilitate processing (when the information is data) or execution (when the information is program). A network formed by the computers and workstations within the coverage of a few square kilometers or within a single building. It features high speed and low error rate. Ethernet, FDDI, and Token Ring are three technologies used to implement a LAN. Current LANs are generally based on switched Ethernet or Wi-Fi technology and running at 1,000 Mbit/s (that is, 1 Gbit/s). A type of file that records the system events occurring during the running of the system. The system events include the running, input/output (I/O) operations, exceptions, and security events. Logs provide a basis for the querying and maintenance of the system. 13.12 M log management A measure that is used to find illegal operations and fault reasons by querying and monitoring logs, and to protect network security by taking appropriate measures. loop Electricity. A closed circuit. mains supply The commercial power supply of a nation. maintenance The process of taking measures to ensure that a hardware, software, or database system is functioning properly and is up to date. MAN mapping mask metropolitan area network. A procedure by which tributaries are adapted into virtual containers at the boundary of an SDH network. A pattern of characters, bits, or bytes used to control the elimination or retention of another pattern of characters, bits, or bytes. media information Information about digital media content such as the artist, title, album, producer, and so forth. media negotiation Through it, two UEs reach an agreement on media combinations used by a session and coding schemes used by media. medium A physical medium for storing computer information. A medium is used for data duplication and keeping the data for some time. Original data can be obtained from a medium. microwave The portion of the electromagnetic spectrum with much longer Issue 01 (2012-05-15) Huawei Proprietary and Confidential 518 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation middleware mode modem 13 Glossary wavelengths than infrared radiation, typically above about 1 mm. 1. Software that sits between two or more types of software and translates information between them. Middleware can cover a broad spectrum of software and generally sits between an application and an operating system, a network operating system, or a database management system. Examples of middleware include CORBA and other object broker programs and network control programs. 2. Software that provides a common application programming interface

(API). Applications written using that API will run in the same computer systems as the middleware. An example of this type of middleware is ODBC, which has a common API for many types of databases. See also application programming interface, ODBC. 3. Software development tools that enable users to create simple programs by selecting existing services and linking them with a scripting language. One solution of Maxwell's equations, representing an electromagnetic field in a certain space domain and belonging to a family of independent solutions defined by specified boundary conditions. A device or program that enables a computer to transmit data over, for example, telephone or cable lines. Computer information is stored digitally, whereas information transmitted over telephone lines is transmitted in the form of analog waves. A modem converts between these two forms. modulated signal An oscillation or wave produced by modulation. modulation module multicast multicast group A process by which a quantity which characterizes an oscillation or wave follows the variations of a signal or of another oscillation or wave. A set of program statements (the combination of functional codes and data structure) that are executed on hardware and separately named to implement certain functions independently. A process of transmitting packets of data from one source to many destinations. The destination address of the multicast packet uses Class D address, that is, the IP address ranges from 224.0.0.0 to 239.255.255.255. Each multicast address represents a multicast group rather than a host. A set of members participating in the packet multicast service. The multicast group is defined by a rule (or set of rules) which identifies a collection of members implicitly or explicitly. This rule may associate members for the purpose of participating in a call, or may associate members who do not participate in data transfer but participate in management, security, control, and accounting for the multicast group. MUX multiplexer. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 519 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13.13 N 13 Glossary narrowband Communication services that transmit over TDM timeslot. The PSTN is normally a narrowband network. A communication channel whose transmission rate is lower than 2 Mbit/s is usually considered to be narrowband. NAT See network address translation NAT traversal network address translation network jitter network layer For the general datagram, the NAT device or firewall transforms only the IP, TCP or UDP header. For application-layer protocols such as H.323, SIP, MGCP and H.248, the IP addresses contained in the signaling protocols are private addresses. The private addresses carried in user signaling messages cannot be replaced, but the call addresses of media streams are negotiated dynamically by signaling protocols. Therefore, the correct media channel cannot be established. NAT traversal can identify and change the message contents of multiple signaling protocols, and pre-assign the UDP ports of media streams. An IETF standard that allows an organization to present itself to the Internet with far fewer IP addresses than there are nodes on its internal network. The NAT technology, which is implemented in a router, firewall or PC, converts private IP addresses (such as in the 192.168.0.0 range) of the machine on the internal private network to one or more public IP addresses for the Internet. It changes the packet headers to the new address and keeps track of them via internal tables that it builds. When packets come back from the Internet, NAT uses the tables to perform the reverse conversion to the IP address of the client machine. A sound adjustment method. A higher network jitter contributes to a better connectivity of sounds. In a conference, the lip movements and voice of a speaker may not be synchronous. To solve this problem, users can adjust the network jitter value. Layer 3 of the seven-layer OSI model of computer networking. The network layer provides routing and addressing so that two terminal systems are interconnected. In addition, the network layer provides congestion control and traffic control. In the TCP/IP protocol suite, the functions of the network layer are specified and implemented by IP protocols. Therefore, the network layer is also called IP layer. network port Numbers which are recognized by Internet and other network protocols, enabling the computer to interact with others. network segment A part of an Ethernet or other network, on which all message traffic is common to all nodes, that is, it is broadcast from one node on the segment and received by all others. network service A service that needs to be enabled at the network layer and maintained as a basic service. Network Time Protocol The Network Time Protocol (NTP) defines the time synchronization mechanism. It synchronizes the time between the distributed time server and the client. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 520 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary network topology The configuration or layout of a network formed by the connections between devices on a LAN (local area network) or between two or more LANs. next generation network next hop NGN node A packet-based network aimed to address requirement of various services. It adopts an integrated and open network framework. In NGN, services are separated from call control; call control is separated from bearer. In this way, services are independent of network. NGN can provide various services, such as voice services, data services, multimedia services or the integration of several services. The next router to which a packet is sent from any given router as it traverses a network on its journey to its final destination. See next generation network A managed device in the network. For a device with a single frame, one node stands for one device. For a device with multiple frames, one node stands for one frame of the device. Therefore, a node does not always mean a device. NTP See Network Time Protocol NTP client The bottom-level device in the time synchronization network. An NTP client obtains time from its superior NTP server and it does not provide the time synchronization service. Relative to the top-level NTP server, the medium NTP server sometimes is called an NTP client. object-oriented Of, pertaining to, or being a system or language that supports the use of objects. operating environment option In computing, an operating environment is the environment in which users run application software, whether by a command-line interface

(such as in MS-DOS or the Unix shell) or a graphical user interface

(such as in the Macintosh operating system or a web browser). An option right that the holder obtains by paying the cost. The holder can share the right, but does not shoulder the obligation in the specified time. organizationally unique identifier A 3-octet IEEE assigned identifier that can be used to generate Universal LAN MAC addresses and Protocol Identifiers per

[IEEE802] for use in Local and Metropolitan Area Network applications. originating address OUI outbound Address of the node which has initiated the relationship with the remote application transport(APM) user application. See organizationally unique identifier For the routers that support the NetStream feature, outbound means the data transmitted from the router to the external links. 13.14 O Issue 01 (2012-05-15) Huawei Proprietary and Confidential 521 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary overwrite Text-entry mode in which newly typed characters replace existing characters under or to the left of the cursor insertion point. 13.15 P packet An information block identified by a label at layer 3 of the OSI reference model. packet loss compensation A technology of compensating packets according to an appropriate algorithm if packets are lost in the transmission. panel A part used to ensure proper airflow within a shelf and to ensure electromagnetic compatibility (EMC) by sealing up the slots on the shelf. It is an external part of a board and is vertically placed with the printed circuit board (PCB). It includes the ejector lever, indicator, and port. PAP See Password Authentication Protocol parameter Password Authentication Protocol path A value or reference passed to a function, command, or program that serves as input or to control actions. The value is supplied by a user or by another program or process. A method of verifying the identity of a user who attempts to log in to a PPP server. This protocol is adopted when a stricter authentication protocol, such as CHAP, cannot take effect, or the user name and password submitted by the user for authentication must be forwarded to other programs without being encrypted. A performance resource object defined in the network management system. The left end of a path is a device node whose port needs to be specified and the right end of a path is a certain IP address which can be configured by the user. By defining a path in the network management system, a user can test the performance of a network path between a device port and an IP address. The tested performance may be the path delay, packet loss ratio or other aspects. PC See personal computer peer end Router or device that participates as an endpoint. permanent virtual circuit A permanent logical connection between two nodes on a packet-switching network. The PVC appears as a dedicated line to the nodes, but the data can be transmitted on a common carrier. personal computer ping A computer used by an individual at a time in a business, a school, or at home. A method used to test whether a device in the IP network is reachable according to the sent ICMP Echo messages and received response messages. point to point A type of service in which data is sent from a single network termination to another network termination. Point-to-Point A protocol on the data link layer, provides point-to-point transmission and encapsulates data packets on the network layer. It is located in Issue 01 (2012-05-15) Huawei Proprietary and Confidential 522 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary Protocol layer 2 of the IP protocol stack. Point-to-Point Protocol over Ethernet PPPoE, point-to-point protocol over Ethernet, is a network protocol for encapsulating PPP frames in Ethernet frames. It is used mainly with DSL services. It offers standard PPP features such as authentication, encryption, and compression. pointer port power adapter An indicator whose value defines the frame offset of a virtual container with respect to the frame reference of the transport entity on which it is supported. 1. Of a device or network, a point of access where signals may be inserted or extracted, or where the device or network variables may be observed or measured. 2. In a communications network, a point at which signals can enter or leave the network en A power supply for just about every electronic device on the market. Also called an "AC adapter" or a "charger" if used to recharge a battery, it plugs into the wall and converts AC current to a single DC voltage in most cases. There are also adapters that output a different AC voltage. Laptops have both an external power adapter, also called a "power brick", and an internal power supply. If an external power adapter is not used with an electronic product such as a desktop computer, the DC current is created in a power supply inside the unit. power module A module that provides power supply to operate other boards or modules. power up power-off survival PPP PPPoA PPPoE To start up a computer; to begin a cold boot procedure; to turn on the power A feature that allows part of the analog phone users to make calls by connecting to the PSTN through analog trunks in the case that the device is powered off. This feature is available when there are analog trunks connecting the SoftCo device and the PSTN. See Point-to-Point Protocol Point-to-Point Protocol over ATM. See Point-to-Point Protocol over Ethernet PPPoEoA Point-to-Point Protocol over Ethernet over ATM. pre-shared key A pre-shared key is an alpha-numeric string of 8 - 80 characters. A pre-shared key can be used instead of certificates to authenticate both parties during IKE Phase 1 negotiations. The pre-shared key is entered on both of the communicating devices. preference prefix Preference is an extended tariff mode. It is the balance obtained through calculating the two tariff modes. The attribute of the called party. Prefix, also called call prefix, refers to the prefix of the called number. Prefix is a key factor for defining services related to a call. The prefixes of different subscribers and trunk groups can be the same. Therefore, a call service is related to the prefix and the call source. priority queue An abstract data type in computer programming that supports the following three operations: 1. Add an element to the queue with an Issue 01 (2012-05-15) Huawei Proprietary and Confidential 523 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation associated priority. 2. Remove the element from the queue that has the highest priority, and return it. 3. (optional) Look at the element with highest priority without removing it. 13 Glossary process A service process in which all or part of the activities are supported or automatically performed by the computer, for example, the service request process and leave application process. product documentation protocol protocol stack protocol type proxy proxy server Documents that are delivered to customers along with Huawei products. Product documentation includes the solution description, system description, product description, installation manuals, and reference manuals. These documents provide guidance for customers to understand, operate, and maintain Huawei products. A formal set of conventions and rules governing the formatting and sequencing of message exchange between two communicating systems. A set of related communications protocols that operate together and, as a group, address communication at some or all of the seven layers of the OSI reference model. A multiplexing field that defines the type of packet in which only a single field appears in the packet. In contrast, an SAP type of multiplexing field has a source SAP and a destination SAP. The two SAP values are numerically unrelated. Computer programs that forward protocols between clients and servers. They are like clients at the server end and are like servers at the client end. A server located on a network between client software, such as a Web browser, and another server. It intercepts all requests to the server to determine whether it can fulfill them itself. If not, it forwards the request to another server. PUK code The key to decode the PIN code. It is a string of 8 characters. User does not know it. PVC See permanent virtual circuit 13.16 Q QoS See quality of service quality of service A commonly-used performance indicator of a telecommunication system or channel. Depending on the specific system and service, it may relate to jitter, delay, packet loss ratio, bit error ratio, and signal-to-noise ratio. It functions to measure the quality of the transmission system and the effectiveness of the services, as well as the capability of a service provider to meet the demands of users. Quick Start quintuple Something that helps you to quickly get familiar with the features and the user interface. A parameter set used to check whether the network is legal during the IMS AKA authentication. The quintuple contains the following Issue 01 (2012-05-15) Huawei Proprietary and Confidential 524 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary parameters: 1. RAND: A pseudo-random number generated by the random number generator. The network provides RAND to the User Equipment (UE). The UE uses RAND to calculate XRES, IK and CK. 2. XRES: A value used for comparison with SRES in the authentication response message sent by the UE. It checks whether the UE can pass the authentication handled by the network. 3. CK:

IMS AKA ciphering key. 4. IK: IMS AKA integrity key. 5. AUTN: A parameter used by the UE to perform the authentication for the network. 13.17 R radio frequency A type of electric current in the wireless network using AC antennas to create an electromagnetic field. It is the abbreviation of high-frequency AC electromagnetic wave. The AC with the frequency lower than 1 kHz is called low-frequency current. The AC with frequency higher than 10 kHz is called high-frequency current. RF can be classified into such high-frequency current. random Specifically, a reference to an arbitrary or unpredictable situation or event. receive channel The channel used for receiving user's information and which is relative to a given end of a circuit. record file A text file used to exchange and save data. A record file expresses the data content in text format. Each record serves as a line in the text. A record can contain multiple fields. Fields are separated by delimiters or defined in fixed length mode. A file can contain only records of the same type. recovery time The time period between a physical interruption within the broadcasting chain and the achievement of full functionality. redirection number redundancy refresh registrar relative path A forwarding destination number set by a subscriber who has subscribed to the call forwarding service, that is, a number to which an incoming call to the subscriber is forwarded. 1. The scheme to add more than one channel, elements or parts that have the same functions with the counterparts in the system or device at a critical place. When a fault occurs, the system or device can work well, and the reliability is then improved. 2. In the transmission of data, the excess of transmitted message symbols over that required to convey the essential information in a noise-free circuit. Note:

Redundancy may be introduced intentionally (as in the case of error detection or correction codes) Refresh is for status, while update for database. A server that accepts REGISTER requests. A registrar is typically combined with a proxy or redirect server. A designation of the location of a file that is related with the current working directory, as opposed to an absolute or full path which gives the exact location. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 525 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary relay release reliability An electronic control device that has a control system and a system to be controlled. The relay of the telepresence system is used to control the power of telepresence equipment and is controlled by the telepresence host. To obtain a trouble ticket (TT) from the to-be-processed area of a service agent and put it to the TT pool of a skill group. Reliability provides a measure of how often positioning requests that satisfy QoS requirements are successful. request message It is a SIP message sent from a client to a server for invoking a particular operation. response message It is used to respond to request messages, thus indicating the success or failure status of the call. restore RF RFC RJ-11 router Replace the damaged data with the backup data to restore the system. See radio frequency Request For Comments. A most commonly used type of phone interface registered with the Federal Communications Commission (FCC). An RJ-11 connector has six pins but only two or four are used in general. It is connected to an untwisted cable. A device on the network layer that selects routes in the network. The router selects the optimal route according to the destination address of the received packet through a network and forwards the packet to the next router. The last router is responsible for sending the packet to the destination host. Can be used to connect a LAN to a LAN, a WAN to a WAN, or a LAN to the Internet. routing protocol A formula used by routers to determine the appropriate path onto which data are forwarded. routing table A table that stores and updates the locations (addresses) of network devices. Routers regularly share routing table information to be up to date. A router relies on the destination address and on the information in the table that gives the possible routes--in hops or in number of jumps--between itself, intervening routers, and the destination. Routing tables are updated frequently as new information is available. RX The receiving end of the interface that signals pass through. 13.18 S scheduling algorithm An algorithm that governs the proper timing of a sequence of events in an operating system or application. For example, an effective motion graphics scheduling algorithm would be able to retrieve the graphic objects, process them, and display them without causing stutter or disruptions. scheduling A mechanism used to avoid competition among packets for network Issue 01 (2012-05-15) Huawei Proprietary and Confidential 526 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary mechanism resources when congestion occurs. section The portion of a SONET transmission facility, including terminating points, between (i) a terminal network element and a regenerator or

(ii) two regenerators. A terminating point is the point after signal regeneration at which performance monitoring is (or may be) done. sequence number An identifying number used to designate a block of data, an operation, or part of an operation. serial port server An input/output location (channel) that sends and receives data to and from a computer's CPU or a communications device one bit at a time. Serial ports are used for serial data communication and as interfaces with some peripheral devices, such as mice and printers. 1. On a local area network, a computer running administrative software that controls access to the network and its resources, such as printers and disk drives, and provides resources to computers functioning as workstations on the network. 2. On the Internet or other network, a computer or program that responds to commands from a client. For example, a file server may contain an archive of data or program files; when a client submits a request for a file, the server transfers a copy of the file to the client. 3. A network device that provides services to network users by managing shared resources, often used in the context of a client-server architecture for a LAN. service and support Product support, technical assistance, sales support, phone or computer-based configuration assistance, software upgrade help lines, and traditional help desk services. service capability The combination of human performance, business process, and technology that collectively represent an organization's ability to create value through a distinct part of its operation service data service flow service processing session timer shared key authentication The user and/or network information required for the normal functioning of services. An MAC-layer-based unidirectional transmission service. It is used to transmit data packets, and is characterized by a set of QoS parameters, such as latency, jitter, and throughput. The execution of service control and basic call processing functions to provide a service. A mechanism that is used after establishment of the session. It enables the UE to periodically originate REINVITE or UPDATE to ensure that the session is active. Shared key authentication requires that the STA and the AP be configured with the same shared key. The process of shared key authentication is as follows: A STA transmits an authentication request to an AP, and the AP randomly generates a "challenge text" (a character string) and transmits it to the STA. The STA then copies the received "challenge text" to a new message, and transmits the message encrypted with the shared key to the AP. Then, the AP decrypts the message by using the shared key, and compares the decrypted character string with the character string that has been provided to the STA. If the character strings are the same, it indicates that the STA has the same shared key with the AP, that is, the STA Issue 01 (2012-05-15) Huawei Proprietary and Confidential 527 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation sideband signal signal tone signaling silent time site 13 Glossary passes the shared key authentication; otherwise, the STA fails to pass the shared key authentication. In electronic signal transmission, a sideband is the portion of a modulated carrier wave that is either above or below the basic

(baseband) signal. The portion above the baseband signal is the upper sideband; the portion below is the lower sideband. In regular amplitude modulation (AM) transmission, both sidebands are used to carry a message. In some forms of transmission, one sideband is removed (single-sideband transmission) or a portion of one sideband is removed. 1. In electronics, a signal is an electric current or electromagnetic field used to convey data from one place to another. 2. In some information technology contexts, a signal is simply "that which is sent or received," therefore including both the carrier and the signal. 3. In telephone, signals are special data used for setting up and controlling the communication. A digital announcement played at a specific frequency and cadence ratio, and represents the specific meanings. The dial tone, busy tone, ring back tone, test code tone, and mute tone are signal tones. The information exchange concerning the establishment and control of a telecommunication circuit and the management of the network. A set time threshold when a host stops accessing a designated storage area. A group of IP systems with IP connectivity, which can be achieved independent of SP networks. SOAP Simple Object Access Protocol. softswitch SOHO space A device that provides call control and connection control for real-time services. As main control of the NGN, softswitches separate the services from the call control and the call control from the bearer, and adopt the application programming interface (API) and standard protocols. This makes it easy for network carriers to develop new services and realize new features. small office home office. The place where no character or image is displayed on the computer monitor or the paper. specifications Documents requirements for a process service system or product. splitter Filter that separates the high frequency signals (ADSL) from the voiceband signals; (frequently called POTS splitter even though the voiceband signals may comprise more than POTS). startup The process of starting or resetting a computer. static route A route that cannot adapt to the change of network topology. Operators must configure it manually. When a network topology is simple, the network can work in the normal state if only the static route is configured. It can improve network performance and ensure bandwidth for important applications. Its disadvantage is as follows:

When a network is faulty or the topology changes, the static route Issue 01 (2012-05-15) Huawei Proprietary and Confidential 528 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation station stream sub-network subnet subnet mask subscriber number subsystem supplementary service supported connections swell fixture switch unit 13 Glossary does not change automatically. It must be changed by the operators. A terminal, such as a laptop or a PC, with a wireless network interface card (NIC). 1. A succession of data elements made available over time. 2. Stream refers to the directional logical path from one end to anther end in an SCTP link. Sub-network is the logical entity in the transmission network and comprises a group of network management objects. The network that consists of a group of interconnected or correlated NEs, according to different functions. For example, protection subnet, clock subnet and so on. A sub-network can contain NEs and other sub-networks. Generally, a sub-network is used to contain the devices which are located in adjacent regions and closely related with one another, and it is indicated with a sub-network icon on a topological view. The U2000 supports multilevels of sub-networks. A sub-network planning can better the organization of a network view. On the one hand, the view space can be saved, on the other hand, it helps the network management personnel focus on the devices under their management. A large network can be divided into a number of smaller networks according to a rule, for example, according to different districts. This facilitates the management of the large network. In the topology view, this type of a smaller network is termed subnet. The technique used by the IP protocol to determine which network segment packets are destined for. The subnet mask is a binary pattern that is stored in the client machine, server or router and is matched with the IP address. The number to be dialed or called to reach a telephone subscriber in the same local network or numbering area. An element in a hierarchical division or an open system that interacts directly with elements in the next higher division or the next lower division of that open system. A service which modifies or supplements a basic telecommunication service. A supplementary service must be offered together with or in association with a basic telecommunication service. It includes: 1. Call forwarding services 2. Call barring services 3. Line identification services 4. Call completion services 5. Multiparty service 6. Unstructured supplementary service data 7. Closed user group service Connections that can be used. A small cylindrical or tapered pin, as of wood, used to fasten things or plug a hole. As a critical component of the main control unit, the switch unit is also called the switch module (or switch network), with the functions of switching, allocation, scheduling, and control for packets between interface boards. Generally, the switch unit uses ASIC chips of high performance to provide line rate forwarding for packets. synchronize To synchronize parameter settings on devices to the database of the Issue 01 (2012-05-15) Huawei Proprietary and Confidential 529 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation system bus 13 Glossary network management system. A mechanism of the computer system to achieve connections between devices. It is characterized by the signal transmission between two devices on the bus. One device sends commands and data and the other device receives commands and data. Only one transfer can be operated on the bus at any time. Transfer requests of each device are ranked according to their priorities 13.19 T TCP See Transmission Control Protocol telecommunication 1. Communication by wire, radio, optical or other electromagnetic Telnet terminal systems. 2. Any transmission, emission or reception of signs, signals, writing images and sounds or intelligence of any nature by wire, radio, optical or other electromagnetic systems. Standard terminal emulation protocol in the TCP/IP protocol stack. Telnet is used for remote terminal connection, enabling users to log in to remote systems and use resources as if they were connected to a local system. Telnet is defined in RFC 854. A device that converts voice, sound, text, image, table, data and video from physical display to electronic signals or from electronic signals to physical display. A terminal generates and sends signals

(such as telecommunications circuit setup or release) that maintain the normal running state of the telecommunications network, and it receives the call signals of telecommunications switch and transmission. three-way calling A service that allows a subscriber to add a third party to an activated two-party call so that all the three parties can communicate in a three-way call. time sharing A mode of operation of a data processing system that provides for the interleaving in time of two or more processes in one processor. Time Synchronization Also called the moment synchronization, time synchronization means that the synchronization of the absolute time, which requires that the starting time of the signals keeps consistent with the UTC time. time zone timeout timer A division of the earth's surface, usually extending across 15 of longitude devised such that the standard time is the time at a meridian at the center of the zone. It refers to that an event is expected in a certain time. An event that indicates that a predetermined amount of time has elapsed without some other expected event taking place. Symbolic representation for a timer object (for example, a timer object may have a primitive designated as T-Start Request). Various MAC entities utilize timer entities that provide triggers for certain MAC state transitions. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 530 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary trace track traffic policing Find out or describe how something started or developed. To restore a trouble ticket (TT) by a service agent after the TT is allocated to but not processed in the next stage. It is a scheme that supervises the specific traffic entering the communication devices. By policing the speed of traffic that enters the network, it "punishes" the traffic out of the threshold, so the traffic going into network is limited to a reasonable range, protecting the network resources and the interests of the carriers. transfer mode A mode in which the AH or ESP is inserted behind the IP header but ahead all transport layer protocols. transmission Transmission Control Protocol The transfer of information from one point to one or more other points by means of signals. Notes: 1. Transmission can be effected directly or indirectly, with or without intermediate storage. 2. The use of the English word "transmission" in the sense of "emission" in radiocommunication and of "sending" is deprecated. The protocol within TCP/IP that governs the breakup of data messages into packets to be sent using Internet Protocol (IP), and the reassembly and verification of the complete messages from packets received by IP. A connection-oriented, reliable protocol (reliable in the sense of ensuring error-free delivery), TCP corresponds to the transport layer in the ISO/OSI reference model. transmission performance The reproducibility of a signal input to a telecommunications network under given conditions. The given conditions may include the effect of propagation performance where applicable. transport network layer transport network layer, is defined as [G. 805] a topological component solely concerned with the generation and transfer of characteristic information. troubleshooting Troubleshooting is a form of problem solving. It is the systematic search for the source of a problem so that it can be solved. TX The transmitting end of the interface that signals pass through. 13.20 U UDP unlock upstream See User Datagram Protocol To free the locked goods so that they can be sold consumed or transferred between departments. In an access network, where there is a clear indication in each deployment as to which end of a link is closer to a subscriber, transmission toward the subscriber end of the link. User Datagram Protocol A TCP/IP standard protocol that allows an application program on one device to send a datagram to an application program on another. User Datagram Protocol (UDP) uses IP to deliver datagrams. UDP provides application programs with the unreliable connectionless packet delivery service. UDP messages can be lost, duplicated, Issue 01 (2012-05-15) Huawei Proprietary and Confidential 531 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation delayed, or delivered out of order. UDP is used to try to transmit the data packet, that is, the destination device does not actively confirm whether the correct data packet is received. 13 Glossary 13.21 V VAD See voice activity detection video on demand An interactive video service system through which you can demand desired programs at any time. VoD is a communication technology developed based on computer, telecommunication, and television technologies. virtual circuit A channel or circuit established between two points on an ATM /a network. Virtual circuits can be Permanent Virtual Circuits (PVCs) or Switched Virtual Circuits (SVCs). VoD See video on demand voice activity detection voice file An algorithm used in speech processing wherein, the presence or absence of human speech is detected from the audio samples. The main uses of VAD are in speech coding and speech recognition. A VAD may not just indicate the presence or absence of speech, but also whether the speech is voiced or unvoiced, sustained or early, and so on. Various voice materials recorded or edited by users, for example, dial tone, busy tone, ringing tone, and intelligence tone. These voice materials generally require an analog-to-digital conversion to form a voice file in PCM stream format. voice mail service A value-added service, when a service subscriber misses a call due to voice mailbox voice message the reason such as power off or busy, the calling party can leave a message to the service subscriber, and then the system notifies the service subscriber of the missed call by sending a short message (or a multimedia message, Email). A new communications service that allows the voice data to be converted into digital data and stored on a server, and then the user can obtain the data stored on the server anytime at any place by using a phone or by other means. Voice Message refers to a message that could be sent to a destination using voice media. Voice itself could be 'packaged' and sent through the IP backbone so that it reaches its marked 'address'. In a technical sense, the process of sending 'voice packets volt Basic unit of electrical potential. One volt is the force required to send one ampere of electrical current through a resistance of one ohm. 13.22 W WAN See wide area network Issue 01 (2012-05-15) Huawei Proprietary and Confidential 532 Copyright Huawei Technologies Co., Ltd. eSpace EGW1520 Enterprise Gateway Product Documentation 13 Glossary web wide area network A set of interlinked documents in a hypertext system. A network composed of computers which are far away from each other which are physically connected through specific protocols. WAN covers a broad area, such as a province, a state or even a country. wireless fidelity A short-distant wireless transmission technology. It enables wireless access to the Internet within a range of hundreds of feet wide. wireless local area network A hybrid of the computer network and the wireless communication technology. It uses wireless multiple address channel as transmission media and carriers out data interaction through electromagnetic wave to implement the functions of the traditional LAN. wireless terminal A general term used for any mobile station, mobile terminal, personal station or personal terminal, with which non-fixed access to the network is used. WLAN See wireless local area network 13.23 Z zone The collection of all terminals, gateways, and Multipoint Control Units (MCUs) managed by a single gatekeeper. A zone has only one gatekeeper. A zone is independent from the network topology and can consist of multiple network segments connected using routing equipment. Issue 01 (2012-05-15) Huawei Proprietary and Confidential 533 Copyright Huawei Technologies Co., Ltd.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Huawei Technologies Co.,Ltd. QIS-EGW1520A Request for Confidentiality Federal Communications Commission 2013-1-31 7435 Oakland Mills Road Columbia MD 21046 Subject:

FCC ID:

To Whom It May Concern:

Pursuant to the provisions of Sections 0.457 and 0.459 of the Commissions rules (47 CFR 0.457, 0.459), we are requesting the Commission to withhold the following attachments as confidential document from public disclosure indefinitely. Schematic diagram Block Diagram Parts list (BOM) Information Operational description Above mentioned document contains detailed system and equipment description are considered as proprietary information in operation of the equipment. The public disclosure of above documents might be harmful to our company and would give competitor an unfair advantage in the market. In additional to above mentioned documents, pursuant to Public Notice DA 04-1705 of the Commissions policy, in order to comply with the marketing regulations in 47 CFR 2.803 and the importation rules in 47 CFR 2.1204, while ensuring that business sensitive information remains confidential until the actual marketing of newly authorized devices. We are requesting the Commission withholds the following documents from public viewing for 180 days after the date the grant of equipment authorization is issued:

External Photos Internal Photos Test Setup Photos Users Manual It is our understanding that all measurement test reports, FCC ID label format and correspondent during certification review process cannot be granted as confidential documents and those information will be available for public review once the grant of equipment authorization is issued. Best Regards Zhang Xinghai EMC Laboratory Manager Huawei Technologies Co., Ltd. E-mail: hwzhangxh@huawei.com Fax: 0086-0755-28970299

 

 

Huawei Technologies Co.,Ltd. QIS-EGW1520A Request for Confidentiality Federal Communications Commission 2013-1-31 7435 Oakland Mills Road Columbia MD 21046 Subject:

FCC ID:

To Whom It May Concern:

Pursuant to the provisions of Sections 0.457 and 0.459 of the Commissions rules (47 CFR 0.457, 0.459), we are requesting the Commission to withhold the following attachments as confidential document from public disclosure indefinitely. Schematic diagram Block Diagram Parts list (BOM) Information Operational description Above mentioned document contains detailed system and equipment description are considered as proprietary information in operation of the equipment. The public disclosure of above documents might be harmful to our company and would give competitor an unfair advantage in the market. In additional to above mentioned documents, pursuant to Public Notice DA 04-1705 of the Commissions policy, in order to comply with the marketing regulations in 47 CFR 2.803 and the importation rules in 47 CFR 2.1204, while ensuring that business sensitive information remains confidential until the actual marketing of newly authorized devices. We are requesting the Commission withholds the following documents from public viewing for 180 days after the date the grant of equipment authorization is issued:

External Photos Internal Photos Test Setup Photos Users Manual It is our understanding that all measurement test reports, FCC ID label format and correspondent during certification review process cannot be granted as confidential documents and those information will be available for public review once the grant of equipment authorization is issued. Best Regards Zhang Xinghai EMC Laboratory Manager Huawei Technologies Co., Ltd. E-mail: hwzhangxh@huawei.com Fax: 0086-0755-28970299