In this first entry, I’m going to show you the curent layout of my lab, I say current because I’m always introducing new elements and making changes. My goal here is to have (almost) the same things that you can find in the real world and in most of enterprise environments.
Despite the constant changes, the network is always the same with a WAN, LAN and DMZ well-defined. Let’s show you a picture in general.
The connection to the world is through an ADSL with my own static public IP, fortunately at no extra-cost due to the fact that I got this Internet connection many years ago when ISPs gave you a static address.
As you can see in the map there is a firewall protecting the LAN from the bad guys. I have a pfSense running in a fanless and low power consumption computer, this is a free Open Source FreeBSD based firewall with a lot of nice features and really useful for me together with Snort an IDS/IPS and OpenVPN. I am not a security expert so it has helped me to understand and test a lot of issues related to firewalls and VoIP.
In a real world scenario the DMZ should be isolate with its own network devices but in my case, as money is tight, I just have one switch, a Cisco 3750 with POE, so it’s shared with the LAN, however with the proper VLAN configuration you can isolate both networks.
This is the zone where I have my Lync Edge server and some published services for my personal use.
The HQ site
This is the main site where I have the Cisco UC and LYNC environments running on a VMware ESXi whitebox with the Cisco 3750 POE and a Cisco 2811 as a gateway with a couple of Cisco 7961 IP phones.
The BR1 site
I have just a Cisco 2801 gateway with a couple of 7961 IP phones with a non-Cisco switch.
Both sites are connected via Frame Relay. I am using an old but useful Cisco 2610XM as a FR switch for the PVCs.
In the map you can see an emulated PSTN connected to both HQ and BR1 with an E1 ISDN PRIs, a 7960 IP phone + again the Cisco 2610XM is working as a PSTN gateway killing two birds with one stone. The other link with the PSTN is real, I have a SIP trunk with a provider completely free with some limitations but more than enough for testing.
In the following entries I will provide more in-depth information for each element and environment, this is just the beginning…