Configure Networks

Grant Access Privileges to Trusted Local Networks

By default, several MSL services, including server manager access, SSH and system monitoring, are accessible only from computers that are located on the same network where the MSL server is installed. If you need to manage the server from a different subnet on the LAN, then you must configure the other subnet as a "Trusted Network." This configuration opens the firewall and allows access to the services on the MSL server.

For MiVoice Business systems, after an upgrade or installation, the 10.0.0.0/8, 172.16.0.0./12, and 192.168.0.0/16 networks are added by default that provides access to all MiVoice Business network services on these networks.

Example of Default Routing Configuration

In the example illustrated below, the LAN interface of the MSL server has an IP address of 10.36.20.20. Accordingly, the server will accept traffic only from the 10.36.20.x network while blocking traffic from all other subnets on the LAN.  

Example of MiVoice Business Configuration

In the example illustrated below, the MiVoice Business system has been configured an IP address of 10.36.20.20 on its LAN interface and with a "trusted network" of 10.34.20.0/255.255.255.0. Accordingly, the MiVoice Business system will accept MiVoice Business network services from both the 10.36.20.x and 10.34.20.x subnets.

Example of Trusted Network Configuration

In the example illustrated below, the MSL server has been configured an IP address of 10.36.20.20 on its LAN interface and with a "trusted network" of 10.34.20.0/255.255.255.0. Accordingly, the server will accept traffic from both the 10.36.20.x and 1034.20.x subnets.

 

Notes:

To extend privileges to one or more additional networks:

  1. Under Configuration, click Networks.

  2. Click Add a new trusted network.

  3. In the Network Address field, enter the IPv4 or IPv6 address of the network to designate as “local”.

  4. In the Subnet mask or network prefix length field, enter the dot-decimal subnet mask or CIDR network prefix to apply to the Network Address. If this field is left blank, the system assigns a network prefix length of /24 for IPv4 networks or /64 for IPv6 networks.

Note: If you are using the Mitel Performance Analytics (MPA) application for analyzing the MiVoice Business system, then:

  1. In the Router field, enter the IP address of the router you will use to access the newly-added network.

  2. Click Add.

Add Network Routes

Use this procedure to add new routes to the MSL server's routing table. This configuration opens the firewall and enables traffic to flow to/from remote servers but does not grant access to the MSL services (as would adding a trusted network).

Notes:

To add additional network routes:

  1. Under Configuration, click Networks.

  2. Click Add a new network route.

  3. In the Network Address field, enter the IPv4 or IPv6 address of the network route.

  4. In the Subnet mask or network prefix length field, enter the subnet mask or CIDR prefix to apply to the Network Address. If this field is left blank, the system assigns a network prefix length of /24 for IPv4 networks or /64 for IPv6 networks.

  5. In the Router field, enter the IP address of the router you will use to access the newly-added network.

  6. Click Add.

Print Page