Total Recall Max Traffic Collector
Contents
1. This is an optional parameter and it specifies the default IP Total Recall Max Traffic Collector User Guide Page 10 VV A TYSV Vay Wan oot Mai ial traffic gateway for all IP communication through the port VLAN ID This is an optional parameter and it specifies the 802 1Q tag used on the virtual LAN that the port connects to The subsequent examples explain different configuration scenarios Fess ME TB Sa RR haz fe BB 83 ss ss s fi Gateway fo o fo fo VLAN ID fo m 22 frea B ez Nese ss fess ess fo Gateway lige 168 f 253 VLAN ID fo ee fisz fes f a5 Never 255 fess J255 fo Gateway fo fo lo fo VLAN ID foo The entry in the field with red background is incorrect Select Cancel to restore the original value s or correct the entry in the field with red background This is an example of a basic Ethernet Port configuration The port has an IP address 192 168 3 83 and 1s connected to the 192 168 3 0 24 network All traffic for other networks will use the Default Gateway see Network Configuration The port is not part of a VLAN This is an example of an Ethernet Port configuration that is similar to the previous one except that all traffic for other networks will use the specified Gateway 192 168 3 253 This is an example of a basic Ethernet Port configuration for a VLAN The port has an IP address 192 168 3 83 and is connected to the 192 168 3 0 24 network wit2. Instance 1 Running tcp O0 192 1668 3 82 60069 192 166 5 196 10020 ESTABLISHED Instance z Running tcp 0 0 192 168 3 82 60069 192 166 5 196 10020 ESTABLISHED Instance a Not used Instance 4 Not used Update One last note the Traffic Collector will collect H 323 SIP and RTP traffic only if it sees the traffic on Ethernet Port 2 and 3 This is only possible if SW1 and SW2 mirror all VoIP traffic to their ports that connect to the Traffic Collector Total Recall Max Traffic Collector User Guide Page 27 7h Woh I L RT raed Multiple Traffic Collectors Deployment This scenario shows the deployment and configuration of multiple Traffic Collectors one at each site Each site has its own network for VoIP traffic VoIP Provider Internet Provider o Main OTTica N Rro nch C TTICe Collected Traffic IP Traffic Collector 2 Figure 14 Example Multiple Traffic Collectors The following assumptions apply for the Main Office site e The IP phones are connected to a single Ethernet switch SW1 and are part of a single network 192 168 1 0 24 e There is a single VoIP router R1 that connects to the VoIP provider e Similar to the IP phones the PCs are connected to a single Ethernet switch SW2 and are part of a single network 192 168 3 0 24 The default gateway on this network is 192 168 3 253 The following assumptions apply for the Branch Office site e The IP phones are connected to a single Ethernet sw
3. It is possible to use one Collector as well but for the purpose of this example we will use two The subsequent screen capture shows the correct configuration Wiha 1 Configuration Total Recall Protocol Recall Protocol PG upe O PG upe O UOP Total Recall IP Address Total Recall Port E Ethernet Fort iD 2M 3040 Submit Cancel RR 2 Configuration Total Recall Protocol Recall Protocol Tee upo Tee upo UDP de i Address Total Recall Port hooo ooo Ethernet Fort 16 20 3h 40 Submit Cancel We also disable Collector 3 and 4 The subsequent screen capture shows the correct configuration Total Recall Max Traffic Collector User Guide Page 26 JA ATA wet A a pena al aii 3 Configuration Total Recall Protocol Recall Protocol o tcp upPO CO o tcp upPO CO UDP SR a a a Address Total Recall Port Ethernet Port a SA a IDOD aM 40 submit Cancel iii 4 Configuration Total Recall Protocol Recall Protocol tcp UPPG O tcp UPPG O UDP ita Recall IP SES Address Total Recall Port Ethernet Fort S cl 7030 aM ubmit Cancel Finally using the Maintenance page we start Collector 1 and 2 We can observe the status of the connections on the same page The subsequent screen capture shows what the status will look like 1f the Traffic Collector connects to the Total Recall Max successfully Collector Status Collector State Connection Status
4. Ethernet Port 1 to IP 10020 and IP address 192 168 3 196 address 192 168 3 196 and port 10020 The subsequent examples explain different configuration scenarios Total Recall Protocol TCP UDP C The entry in the field with red background ER IP m e fee 1s incorrect Select Cancel to restore the Fotai recai Pon faa SSCS original value s or correct the entry in the field with red background Ethernet Fort iMaosoa Total Recall Max Traffic Collector User Guide Page 15 Total Recall Protocol Recall Protocol M UDRP OO M UDRP OO UDP ia Recall IP SR Address Total Recall Port Ethernet Fort tr 1 2M 3040 Total Recall Protocol Recall Protocol oo TPB UPPG oo TPB UPPG UDP e Sea a Address Total Recall Port fo Ethernet Fort iM 2D 37 405 Total Recall Protocol Recall Protocol Ro up Ro up UDP amp oe Address Total Recall Port fo Ethernet Part 10 203M 4 0 Nei This is an example configuration of a Collector that is disabled The Collector does not collect traffic and does not send traffic to a Total Recall Max This is an example configuration of a Collector that is ready to collect traffic and send it to a Total Recall Max The Collector configuration specifies that the Collector will use TCP to send traffic that it collects on Ethernet Port I to IP address 192 168 3 196 and port 10020 Similar to the previous example this is an example configuratio
5. Port ee 70 3M AD Submit Cancel Finally using the Maintenance page we start Collector 1 on both Traffic Collectors We can observe the status of the connections on the same page The subsequent screen capture shows what the status will look like if the Traffic Collector at the Main Office site connects to the Total Recall Max successfully The result should be the same for the Traffic Collector at the Branch Office site Collector Status Collector State Connection Status Instance Running tcp 0 0 192 166 35 02 60522 192 160 5 196 10020 ESTABLISHED Instance 2 Not used Instance J Not used Instance 4 Not used Update One last note the Traffic Collectors will collect H 323 SIP and RTP traffic only if they sees the traffic on Ethernet Port 2 This is only possible if SW1 and SW3 mirror all VoIP traffic to their ports that connect to the Traffic Collectors Total Recall Max Traffic Collector User Guide Page 32 il i Ny r ji b Appendix A Specifications Parameter Description Power HDD Link act with transfer rate Temperature Temperature Chassis Material 44mm 1 73 H x 210mm 8 27 W x 150mm 5 91 D Total Recall Max Traffic Collector User Guide Page 33
6. Start action from the drop down box and then click on the Submit button The Maintenance page will update and show the new status of the Collector in the Collector Status area The steps to stop and re start a Collector are exactly the same except select the Stop and Restart action respectively in the drop down box instead of the Start action Network Diagnostics It is possible to perform the following basic network diagnostics on the Maintenance page 1 ping a host with a given IP address and 2 discover the route that packets will take from the Traffic Collector to a host with a given IP address Both are useful ways to quickly establish whether there 1s connectivity between the Traffic Collector and a Total Recall Max or a network gateway that must be used to reach a Total Recall Max Use the network diagnostics area which is shown on the subsequent screen capture to perform the diagnostics Total Recall Max Traffic Collector User Guide Page 19 Meu Network Diagnostics Destination IP Address Ping Traceroute E submit Cancel Figure 10 Network Diagnostics on the Maintenance page The subsequent examples show the use of the network diagnostics NEAR le Iles The entry in the field with red background Destination IP Address E fics 3 196 Ping Traceroute is incorrect Select Cancel to clear the fields or correct the entry in the field with a red background Ei S
7. Total Recall Max Traffic Collector User Guide Page 14 UT FET AN VT all Parameter Description Total Recall Collectors use a proprietary protocol on top of the TCP or Protocol the UDP protocol to send traffic to a Total Recall Max UDP is an unreliable protocol and packets can get lost in the network for various reasons As a result avoid using UDP or use it only for low traffic volumes up to 10 active calls Total Recall IP This is the IP address of the Total Recall Max that will Total Recall Port This is the TCP or UDP port the Total Recall Max uses to EYES PON Rese H 323 SIP and RTP maffe om he Colton one or more Ethernet Ports as specified by this parameter The Collector configuration must match the VoIP Settings of the Total Recall Max that will receive traffic from the Collector The following screen captures are an example of a matching configuration Total Recall Protocol TCR UDP eta Recall IP Adde lige fies 3 136 Traffic Collector Settings Connection Type Remote TCP Total Recall Port 10020 E Ethernet Fort M 203040 Signaling Type Connector AN TR Port 10020 TR IP Address 192 168 3 196 Limit Calls To 30 minutes Proxies Gateways OK VoIP Settings inside the red box The Collector configuration specifies that specify that the Total Recall Max expects the Collector will use TCP to send traffic traffic from collectors on TCP port that it collects on
8. traffic that the unit collects to the Total Recall Max We connect this port to SW4 e We will use Ethernet Port 2 to collect all traffic on this site so we connect this port to SW3 e Ethernet Port 3 and 4 will not be used Finally our decision is to provide management access to the Total Recall Max and the Traffic Collectors from the 192 168 3 0 24 network As a result we make a connection between SW5 and SW3 as shown on the previous diagram Also the network administrator was kind enough to give us IP address 192 168 3 196 for the Total recall Max IP address 192 168 3 82 for the Traffic Collector at the Main Office site and the IP address 192 168 4 100 for the Traffic Collector at the Branch Office site Now we are ready to configure the Total Recall Max Using the Network Settings dialog first we assign an IP address network mask and a gateway to the LAN 1 port of the Total Recall Max as shown on the following screen capture IP Address Netmask LAN 1 je AR E Er EN EEEE ke p gt foe Oe I EE RR KT ote epg Then using the VoIP Settings dialog we configure the Total Recall Max to accept H 323 SIP and RTP traffic on the IP address previously assigned to the LAN 1 port and TCP Total Recall Max Traffic Collector User Guide Page 29 7h IATA h iia Neu port 10020 The configuration is shown on the subsequent screen capture the parameters inside the red rectangle Signaling Type Traffic Collector Settings Co
9. ANT SCENARO e A EE ipren 23 Single Traffic Collector Deployment soooeonnnnnneeennneesssseennnnnsssseenresssssseserensssssserosssssseeressssssseereesrsssss 23 Multiple Traffic Collectors Deployment sssssesssrsrrssrsssssrerrrerrrrrrrrrrrrrrrrrrrrrrrrrr rr rr rrr rss seen rss rr rss rr rss rr rr rer rr saa 28 APPENDIX A SPECIFICATIONS sosirea n E R sense usages e en KEERT E EEEE AE ARKE rE ia EERE 33 Table of Figures Ponie 000 DUE e E S 6 Figure 2 Password Change page wactsssvsvastovauoinaacesicadadooobacacaoeesediubedooosareaedoanseacatzaxcabedoooaste 8 Figure 3 System Configuration Page ccccccccsscsccccccccssseesccecceceeaseeescceeeeaaaseeeeeeesaaesseseeeeees 9 Figure 4 System Reboot Page ssssssssssessccccccccccsnnssssssssecesccccecesseaaassssssssssssesseeeeananes 12 Figure 5 System Reboot in Progress Page susssseessrrsrrrrssrrsessersrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr rr r rr rn nn 13 Figure 6 Collector Configuration page sssaeeeeeeerrrrsrrrrrrrrrrrrrrsrrrrrsrrrrrrrrrrnrrnrrrrrrrrrrrrrrrrrrrrr rn 14 Pi vre 7 Marmienance Da Oe acc earantnroasviasansanetsasnacaansunnocevscunassiensuiseatassaaaiunudonssenaanconatagne 17 Figure 8 Collector Status on the Maintenance page ssssseesrssrrrrrsrrsrrrrrrerrerrrrrrrrrrrrrrrrrrrrrren 18 Figure 9 Collector Control on the Maintenance PAgC ssseeeserrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrs 19 Figure 10 Network Diagnostics on the Maintenance Page cccccccccccssssesescece
10. IP Address I Ping Traceroute C Jboss E TT 0 ternet Figure 7 Maintenance page Collector Status The collector status area which is shown on the subsequent screen capture displays the operational status of each Collector Total Recall Max Traffic Collector User Guide Page 17 UT FER AN ie al Collector Status Collector State Connection Status Instance 1 Running tcp O 1916 192 166 3 82 60075 192 166 3 196 10020 Instance 2 Running udp 00 0 0 0 0 52770 192 168 3 115 10020 Instance 3 Stopped Instance 4 Not used Update Figure 8 Collector Status on the Maintenance page Parameter State Connection Status Description The Collector instance Shows the operational state of the corresponding Collector instance Possible states are Not used the Collector is not used to collect traffic Stopped the Collector is ready configured to collect traffic and send it to a Total Recall Max however it is not active Running The Collector is active and it collects traffic See the Connection Status to determine whether the Collector is sending the traffic it collects to a Total recall Max Shows the status of the connection between the Collector and the associated Total Recall Max Possible states are Connecting the Collector is attempting to establish a conne
11. JA Joi ial Total Recall Max Traffic Collector User Guide Version 8 1 0 Date June 2009 Total Recall Max Traffic Collector User Guide Page 1 7h TRT LSD pr iia Table of Contents INTRO DUC TION ostersadesn ensrinsnitedink s bel nere spans onan sean RS Gb Set sger Ser SRS SAR ose nacecetesaneeee 3 ACT OT VIDA sac wrcce aise state sat cst sda savin Geese da ckioestsins E E E E Nesse 3 DEVICE DESCRIPTION issssrstestebesierst vsonsapbasonsitsusins jsitssksels ulko ns blogs E ess 4 OQ E NERE ENAS RASEN ans epee AE ES 4 DOT EET E TE EAE E SIV teats tages E A E TE A AAA ENE E E 4 Vr LAN S srr OT E E EEEN EEEE EE A 5 CO O T E A eee ee tae sees J Impact on Exiting NeIWOTK ossriss unsssnseders renien ada a doain aaen rainat 5 ARTH RE a a E E E EE E E E E 6 PASSWORD CONFIGURATION ororen erain E A E EEE TE E E EEA 8 SYSTEM CONFIGURATION s ccccateetcasecssecsuatesecteancepceceantatectcass etcaeaanescectaaecnceccucsecceaqasdacstaaanteemecente ssoaseoeucdeevacs 9 NWOT A O T srs cro serps O onc nns E E E E E ynesiaceeanes 9 E T TOT COR T O a E eee Pe Te eee eRe eee eer eee 10 E LOOTING eaea N T E E A ees E T E E OSS RE NSNNSE 12 COLLECTOR CONPIGUR ATTON serierna r REER Sad 14 DVI IN Caesarea eerste stn atest aan ENAA EA RINNA 17 COME CIOL SOIUSA E E ETR 17 D F667 a CORP l NEIEN A EEEN E EP AE AANE A E A A AE 19 INET WORK LITA OM OSTI CS eee eee A E EE T E A E E ee eee 19 GG OMCETOT L R ersen an N E E E E 20 P
12. affic Collector User Guide Page 3 lr ojii Nei Device Description Overview The Traffic Collector 1s a device that can be used to collect H 323 SIP and RTP traffic in medium to large VoIP networks and deliver the traffic to one or more Total Recall Max units The Traffic Collector is very attractive option for distributed networks consisting of multiple subnets Multiple Traffic Collectors can be placed in strategic places on the network where H 323 SIP and RTP traffic can be captured and delivered to one or more Total Recall Max recording units The subsequent diagram is an example of such scenario oo VoIP Provider Internet Provider Collected Traffic IP Traffic Collector 2 For small VoIP networks a Total Recall Max unit with its very useful embedded traffic collection capability may suffice Ports Each Traffic Collector comes with four 4 Ethernet ports and is capable of collecting H 323 SIP and RTP traffic on all ports However it may be appropriate and desirable to reserve one of the ports for sending H 323 SIP and RTP traffic to Total Recall Max units Total Recall Max Traffic Collector User Guide Page 4 7h MY h peip aie Note that access to the web based interface 1s only available through Ethernet Port 1 Virtual LANs The Ethernet Ports can connect to a VLAN network IEEE 802 1Q To enable this feature specify the VLAN ID during the port configuration Collectors Up to fou
13. ation page shown on the subsequent screen capture You need to log in before you can access this page Z Traffic Collector Microsoft Internet Explorer File Edit View Favorites Tools Help Address http 192 168 3 82 Reboot the system after making system changes Network Configuration pee fee Submit Cancel Ethernet Port 1 Gysen a he hes f 82 Collectors Network Maintenance Mask 255 255 255 fo Change Password Exit Gateway i 92 fi 68 3 253 Reboot VLAN ID enable Submit Cancel Ethernet Port 2 nanm Network oes fess fess oD _ eass FOP VLANID enable F Cuhmit Cancal Figure 3 System Configuration page Reboot the Traffic Collector after making changes in the system configuration Network Configuration The network configuration specifies the default network communication parameters for the Traffic Collector Total Recall Max Traffic Collector User Guide Page 9 ATI AAS hn N N all Parameter Description Default Gateway This is the default gateway for IP traffic on the network that the Traffic Collector is part of Note that you can specify a gateway for IP traffic for each Ethernet Port However if an Ethernet Port does not specify a gateway then if required the Traffic Collector will use the Default Gateway when sending traffic to a Total Recall Max through the port The subsequent examples explain different configuration scenarios The en
14. cel Now is the time to reboot both Traffic Collectors we made changes to the System Configuration Once the Traffic Collectors are functional again we can proceed with the configuration of the Collectors on each We only need one Collector on each so we will use Collector 1 The subsequent screen capture shows the correct configuration for Collector 1 at the Main Office site Withee 1 Configuration Total Recall Protocol Recall Protocol aa UDP aa UDP UDP a E Address Total Recall Port fio Ethernet Part 102m 30a submit Cancel The subsequent screen capture shows the correct configuration for Collector 1 at the Branch Office site Total Recall Max Traffic Collector User Guide Page 31 Mei ere 1 Configuration Total Recall Protocol Recall Protocol tcp upe tcp upe UDP ee a n Address Total Recall Port foo Ethernet Port 102M3040 submit Cancel Yes the configuration for both Collectors is the same That is because both will send the H 323 SIP and RTP traffic that they collect to the same Total recall Max and both are using Ethernet Port 2 to collect H 323 SIP and RTP traffic We also disable all other Collectors 2 3 and 4 on both Traffic Collectors The subsequent screen capture shows the correct configuration for all of disabled Collectors Total Recall Protocol Recall Protocol oo TPS upo oo TPS upo UDP Total Recall IP Total Recall Port Ethernet
15. ction with the associated Total Recall Max tcp 0 0 lt ip address gt lt port gt lt ip address gt lt remote port gt the Collector is sending traffic to the associated Total Recall Max via TCP The first lt ip address gt lt port gt pair is the IP address and port on the Traffic Collector while the second is the IP address and port on the Total Recall Max udp 0 0 lt ip address gt lt port gt lt ip address gt lt remote port gt the Collector is sending traffic to the associated Total Recall Max via UDP The first lt ip address gt lt port gt pair is the IP address and port on the Traffic Collector while the second is the IP address and port on the Total Recall Max The Collector status does not update automatically Click on the Update button to get an up to date status Total Recall Max Traffic Collector User Guide Page 18 AETAT TR fed pray ial Collector Control The collector control area which is shown on the subsequent screen capture contains controls to start stop and restart each of the Collectors Collector Control Traffic Collector 1 Restart Submit Traffic Collector 2 Restart submit Traffic Collector 3 Restart gt Submit Traffic Collector 4 Restart submit Figure 9 Collector Control on the Maintenance page The controls work on Collectors that are in a state see Collector Status other than Not Used To start a Collector first select the
16. ect a computer to the Ethernet Port 1 of the Traffic Collector using a cross over LAN cable 2 Configure the LAN port that you are using on your computer with the following static IP address 192 168 3 100 and network mask 255 255 255 0 3 Start your favorite web browser such as Internet Explorer on the computer and point it to the following address http 192 168 3 82 The Login page as shown on the subsequent screen capture will display in the web browser Z Traffic Collector Microsoft Internet Explorer File Edit view Favorites Tools Help Address http 192 168 3 82 Main Menu Traffic Collector Login Username System Collectors Password Maintenance Submit Change Password Submit Exit Figure 1 Login page You can change the default IP address 192 168 3 82 of the Ethernet Port 1 to an address using the System menu as explained in the Ethernet Port Configuration section Total Recall Max Traffic Collector User Guide Page 6 Ta la The Main Menu which appears on the left hand side of every page lets you navigate between the different configuration and monitoring pages once you log in Main Menu Link Description System Displays the System Configuration page which lets you configure the Ethernet Ports and networking parameters Collectors Displays the Collector Configuration page which lets you configure up to four Collectors By default all Collectors are disabled Maintenance Di
17. ect the Traffic Collector as follows e We will use Ethernet Port to send all traffic that the unit collects to the Total Recall Max We connect this port to SW5 e We will use Ethernet Port 2 to collect all traffic on floor 1 so we connect this port to SWI e We will use Ethernet Port 3 to collect all traffic on floor 1 so we connect this port to SW2 e Ethernet Port 4 will not be used Finally our decision is to provide management access to the Total Recall Max and the Traffic Collector from the 192 168 3 0 24 network As a result we make a connection between SW5 and SW3 as shown on the previous diagram Also the network administrator was kind enough to give us IP address 192 168 3 196 for the Total recall Max and IP address 192 168 3 82 for the Traffic Collector Now we are ready to configure the Total Recall Max Using the Network Settings dialog first we assign an IP address a network mask and a gateway to the LAN 1 port of the Total Recall Max as shown on the following screen capture IP Address Netmask LAN 1 1932 1683 1596 M256 2552550 Then using the VoIP Settings dialog we configure the Total Recall Max to accept H 323 SIP and RTP traffic on the IP address previously assigned to the LAN 1 port and TCP port 10020 The configuration is shown on the subsequent screen capture the parameters inside the red rectangle Total Recall Max Traffic Collector User Guide Page 24 7h ATA h hu H Mei Signali
18. eeaaeesseeees 20 Figure 11 Collector Logs on the Maintenance page cccccccccsssessceccccceeeseseeceeeeeaaaeseeeees 21 Figure 12 Collecior Log page suemsstoss epestenonassessevssupuopsussrsssbuisssssstetsepdessskinsenssttoenesisN ske 21 Figure 13 Example Single Traffic COIeCtOr sssesersessssserrrsersssrrererrsrererrrrrrrrrrrrrrrrrres 23 Figure 14 Example Multiple Traffic Collectors ssmssssrssssssssrrrsresssrrerrrserererrrrrrrrrrrrrrrrrren 28 Total Recall Max Traffic Collector User Guide Page 2 Voc davai Vacs LYNNE NUR Van iil Introduction The Traffic Collector 1s a device that can be used to collect H 323 SIP and RTP traffic in medium to large VoIP networks and deliver the traffic to one or more Total Recall Max units For small VoIP networks a Total Recall Max unit with its very useful embedded traffic collection capability may suffice The Traffic Collector has a web based interface which works with all standard web browsers such as Internet Explorer and Firefox This publication describes the interface and how it can be used to configure and monitor the operation of a Traffic Collector Acronyms DNS Domain Name Server GUI Graphical User Interface IP Internet Protocol LAN Local Area Network RTP Real Time Protocol SIP Session Initiation Protocol H 323 Suite of VoIP protocols TCP Transmission Control Protocol UDP User Datagram Protocol VLAN Virtual LAN VoIP Voice over IP Total Recall Max Tr
19. gle Traffic Collector Deployment This scenario shows the deployment and configuration of a single Traffic Collector on a site that has two floors Each floor has its own network for VoIP traffic VoIP Provider Internet Provier 7 O irror D D D N Floor 1 IP Phones Floor 2 IP Phones Traffic Collector Collected VoIP Figure 13 Example Single Traffic Collector The following assumptions apply e The IP phones on floor I are connected to a single Ethernet switch SW1 and are part of a single network 192 168 1 0 24 e The IP phones on floor 2 are also connected to a single Ethernet switch SW2 and are part of a single network 192 168 2 0 24 e There is a single VoIP router R1 that connects to the VoIP provider e Similar to the IP phones the PCs on floor 1 are connected to a single Ethernet switch SW3 and are part of a single network 192 168 3 0 24 The default gateway on this network is 192 168 3 253 After doing some preliminary network assessment we decide that it is not a good idea to introduce extra traffic in the existing network especially through SW1 and SW2 by deploying the Total Recall Max and the Traffic Collector As a result our decision is to Total Recall Max Traffic Collector User Guide Page 23 Wain lua Aan peip pi introduce a separate switch SW5 that will carry the H 323 SIP and RTP traffic between the Total Recall Max and the Traffic Collector Further our decision is to conn
20. h VLAN ID 100 All traffic for other networks will use the Default Gateway see Network Configuration Total Recall Max Traffic Collector User Guide Page 11 ah Vay enl a hia Rebooting To reboot the Traffic Collector select the Reboot link on the Main Menu This shows the System Reboot page which is shown on the subsequent screen capture File Edit View Favorites Tools Help Address http 192 168 3 82 System Reboot Reboot Main Menu System Collectors Maintenance Change Password Figure 4 System Reboot page Press the Reboot button to initiate the reboot sequence The Traffic Collector will display the System Reboot in Progress page which is shown on the subsequent screen capture while it is rebooting Total Recall Max Traffic Collector User Guide Page 12 il ie Ny I Ir M ji Traffic Collector Microsoft Internet Explorer Ele Edit View Favorites Tools Help CI System Reboot in Progress Please wait the Traffic Collector is restarting The login page will display when the Traffic Collector is running again This may take up to two 2 minutes Main Menu System Collectors Maintenance Change Password Exit Reboot Figure 5 System Reboot in Progress page Finally when the system reboot is complete the Traffic Collector will display the Login page see Figure 1 Total Recall Max Traffic Collector User Guide Page 13 ah Vay ein Collector Configu
21. itch SW3 and are part of a single network 192 168 2 0 24 e There is a single VoIP router R1 that connects to the VoIP provider e Similar to the IP phones the PCs are connected to a single Ethernet switch SW4 and are part of a single network 192 168 4 0 24 The default gateway on this network is 192 168 4 253 Total Recall Max Traffic Collector User Guide Page 28 AETAT be Annan ad fed prop iil After doing some preliminary network assessment we decide that it is a good idea to minimise the extra traffic in the existing network especially through SW2 and SW4 by deploying the Total Recall Max and a Traffic Collector As a result our decision 1s to introduce a separate switch SW5 that will carry the H 323 SIP and RTP traffic between the Total Recall Max and the Traffic Collector at Main Office site Note that the Traffic Collector at the Branch Office site will need to use SW4 and SW2 to deliver the traffic it collects to the Total Recall Max Further our decision is to connect the Traffic Collector at Main Office site as follows e We will use Ethernet Port 1 to send all traffic that the unit collects to the Total Recall Max We connect this port to SWS e We will use Ethernet Port 2 to collect all traffic on this site so we connect this port to SWI e Ethernet Port 3 and 4 will not be used Next our decision 1s to connect the Traffic Collector at Branch Office site as follows e We will use Ethernet Port 1 to send all
22. n of a Collector that is ready to collect traffic and send it toa Total Recall Max The Collector configuration specifies that the Collector will use UDP to send traffic that it collects on Ethernet Port 2 and 3 to IP address 192 168 3 200 and port 10020 Total Recall Max Traffic Collector User Guide jji Page 16 oped i Ni Weal Maintenance The Traffic Collector Maintenance page allows for 1 determining the status of the Collectors 2 starting stopping Collectors 3 performing basic network diagnostics such as ping and traceroute and 4 viewing the logs for each Collector The Maintenance link that appears on the Main Menu displays the Traffic Collector Maintenance page shown on the subsequent screen capture You need to log in before you can access this page AH Traffic Collector Microsoft Internet Explorer File Edit View Favorites Tools Help Address http 192 168 3 82 ee Wal Vranas Wi Collector State Connection Status Instance 1 Running tcp 0 1918 192 168 3 82 60075 192 168 3 196 10020 Instance 2 Running udp 00 0 0 0 0 32770 192 168 3 115 10020 Instance 3 Stopped Instance 4 Not used Main Menu Update System Collectors Collector Control Maintenance Change Password Traffic Collector 1 Restor z Submit Ext Traffic Collector 2 Restart Submit Reboot Traffic Collector 3 Restor z Submit Traffic Collector 4 Restat Submit Network Diagnostics Destination
23. ng Type Traffic Collector Settings Connection Type Remote TCP TR Port 10020 TR IP Address 192 158 3 196 Limit Calls To 30 minutes Proxies Gateways OK Cancel At this point the Total Recall Max is ready to accept traffic from the Traffic Collector So we can proceed with the configuration of the Traffic Collector The Ethernet Port 1 on the Traffic Collector must be configured for IP communication as it will be used to send traffic to the Total Recall Max The subsequent screen capture shows the correct configuration Network Configuration Detault pea haz fies f 253 Submit Cancel Ethernet Port 1 nE 32 he fi a2 Nate 255 fess 255 o Gateway fo fo fo fo VLAN ID fo Ethernet Port 2 and 3 do not need to be configured for IP communication as we only plan to use them to collect H 323 SIP and RTP traffic The subsequent screen capture shows the correct configuration Total Recall Max Traffic Collector User Guide Page 25 Voy i hu H VA ii Ethernet Port 2 B b b b Newe fp hp Gateway o bo D VLAN ID fo Submit Cancel Ethernet Port 3 ee PP fo b b Neon lf hp Gateway o bo D bo VLAN ID fo Submit Cancel Now is the time to reboot the Traffic Collector we made changes to the System Configuration Once the Traffic Collector is functional again we can proceed with the configuration of the Collectors We only need two Collectors so we will use Collector and 2
24. nnection Type Remote TCP TR Port 10020 TR IP Address 132 168 35 196 Limit Calls To 30 minutes Proxies Gateways OK Cancel At this point the Total Recall Max is ready to accept traffic from the Traffic Collectors So we can proceed with the configuration of the Traffic Collectors The Ethernet Port 1 on the Traffic Collector at both sites must be configured for IP communication as it will be used to send traffic to the Total Recall Max The subsequent screen capture shows the correct configuration for the Traffic Collector at the Main Office site Network Configuration Detault pete ha fies f 253 Submit Cancel Ethernet Port 1 Ma fies BB a2 Naot 255 fees BE D cawas e BO e Mawop o O The subsequent screen capture shows the correct configuration for the Traffic Collector at the Branch Office site Total Recall Max Traffic Collector User Guide Page 30 7h Vy TEN N a pena al Network Configuration Default KN haz fes fa 253 submit Cancel Ethernet Port 1 AR ha fires f fog v 255 fess js fo cusar E BB wwo oo submit Cancel All other Ethernet Ports on both Traffic Collectors do not need to be configured for IP communication as we only plan to use them to collect H 323 SIP and RTP traffic or not use them at all The subsequent screen capture shows the correct configuration for all other ports PP b b b base a BO EO Gateway 0 0 lo VLAN ID fo submit Can
25. ollector Microsoft Internet Explorer File Edit View Favorites Tools Help Address http 192 168 3 82 Main Menu System Collectors Maintenance Change Password Exit Reboot Log is empty 2007 06 28 11 54 39 318 INFO 3086780112 filter udp serverNameMedia 192 165 3 196 serverPortMedia 10020 serverProtocol TCP deviceCount 1 logL vel INFO 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 2007 06 28 3066780112 3066780112 30667680112 30667680112 3066780112 3066780112 3066780112 3066760112 3066780112 3066780112 3066780112 30667680112 39345 39345 239 346 239 346 239 346 239 346 239 346 740 346 740 349 740 349 740 349 740 349 device 0 etho Device ethO opened Filter compilation ok Filter instalation ok TCP connection created Tep socket send buffer size 60000 Operation now in progress Unable to connect to recorder Connected to recorder Command reader thread created cmdReader Sniffer Client started Sniffing started PCAP thread created 0 Figure 12 Collector Log page The Collector Log page does not update automatically Use the browser s Refresh button to get an up to date information in the log Total Recall Max Traffic Collector User Guide Page 21 7h ALA hh dy A Mei Total Recall Max Traffic Collector User Guide Page 22 AMRIT h hn Mei Example Scenarios Sin
26. r 4 individual Collectors can be active on every Traffic Collector The Collectors are the engines that collect traffic from one or more Ethernet Ports and send the traffic to Total Recall Max units Each Collector can send traffic to one Total Recall Max however more that one Collector can send traffic to the same Total Recall Max Collectors use a proprietary protocol on top of the TCP or the UDP protocol to send traffic to a Total Recall Max UDP 1s an unreliable protocol and packets can get lost in the network for various reasons As a result avoid using UDP or use it only for low traffic volumes up to 10 active calls Impact on Exiting Network The Traffic Collector gives enhance flexibility to the Total Recall Max However it will have impact on existing network if it connects Traffic Collectors to Total Recall Maxes The impact is an increase of the amount of traffic that the network needs to support The Collectors basically send a copy of the H 323 SIP and RTP traffic that they collect to a Total Recall Max This has the effect of doubling the H 323 SIP and RTP traffic that the network needs to transport Use a separate network between the Traffic Collectors and Total Recall Maxes to minimise the impact on the existing network Total Recall Max Traffic Collector User Guide Page 5 Np wa j Nava Start Here To access the web based interface of a Traffic Collector for the first time do the following 1 Conn
27. ration Up to four 4 individual Collectors can be active on each Traffic Collector The Collectors are the engines that collect traffic from one or more Ethernet Ports and send the traffic to one or more Total Recall Max units The Collector configuration for each Collector specifies 1 the Ethernet Port s that the Collector should use to collect H 323 SIP and RTP traffic and 2 the Total Recall Max that will receive the H 323 SIP and RTP traffic The Collectors link that appears on the Main Menu displays the Collector Configuration page shown on the subsequent screen capture You need to log in before you can access this page A Traffic Collector Microsoft Internet Explorer File Edit View Favorites Tools Help Address http 192 168 3 82 Collector 1 Configuration Total Recall Protocol i TCP amp UDP Total Recall IP oc oc Address L Total Recall Port la Ethernet Port TA oy cet Cl 233 Main Menu Submit Cancel System Collector 2 Configuration Collectors Maintenance Total Recall Protocol TCP UDP Change Password Total Recall IP Exit Adis 192 168 3 200 Total Recall Port foo20 Ethernet Port S Cr B so Sr Submit Cancel Collector 3 Configuration Total Recall Protocol TCP UDP Total Recall IP a drag fa 168 3 fi 96 Total Recall Port 10020 Ethernet Port EA ERR P nate ct Figure 6 Collector Configuration page
28. splays the Maintenance Page which lets you start stop Collectors determine the state of each Collector and perform some basic network diagnostics Displays the Password Change page which lets you change the password for the admin user Select this link to log out the admin user Reboot Displays the System Reboot page which lets you reboot the Traffic Collector Total Recall Max Traffic Collector User Guide Page 7 ah Vay a bs Password Configuration The Traffic Collector has one user that is allowed to gain access to the web interface The user is admin The default password for the user admin is admin You can change this password by using the Password Change page shown on the subsequent screen capture To access this page click on the Change Password link that appears on the Main Menu Traffic Collector Microsoft Internet Explorer File Edit View Favorites Tools Help Address http 192 168 3 82 Main Menu Password Change Password System Collectors New Password Maintenance Confirm New Password Change Password Exit Submit Figure 2 Password Change page Total Recall Max Traffic Collector User Guide Page 8 ah Vay ein System Configuration The Traffic Collector system configuration comprises 1 Network configuration 2 Ethernet Port configuration The System link that appears on the Main Menu displays the Traffic Collector System Configur
29. try in the field with red background Default Bs 7 2 288 168 j3 253 is incorrect Select Cancel to restore the original value s or correct the entry in the field with red background Default The gateway for all Ethernet Ports that do aoe 192 168 2 EI not specify a gateway is 192 168 3 253 The Traffic Collector does not have a Default fo fo mo mo NN U I default gateway Ethernet Port Configuration The Ethernet Port configuration specifies the parameters that prepare ports for IP communication Observe the following l 2 3 4 Ethernet Port I must be configured for IP communication as this is the port used to access the web based interface described in this publication All Ethernet Ports that are used by Collectors to send traffic to Total Recall Max units must be configured for IP communication Ethernet Ports that are used exclusively to collect H 323 SIP and RTP traffic do not need to be configured for IP communication The VLAN ID and Default Gateway parameters are optional The Traffic Collector is not a routing device for IP traffic It can connect to multiple networks by connecting different ports to different networks however it will not route traffic from one network to another Parameter Description IP Address The IP address that the port will use for IP communication It should be a valid IP address for your network Network Mask The network mask that the port will use for IP communication
30. ubmit Cancel Network Diagnostics To ping a host first enter the IP address Destro r wares ESEESE mS mee then select the Ping radio button and ee eee eee ea J finally click on the Submit link The seas bgt See ce eS screen capture on the side shows what 64 bytes from 192 166 3 196 icmp _seq 5 ttl 64 time 0 206 ms iv should be a familiar result when the host 5 backers coanowasted amp reorivea Dt packet Joss tine 399m0 swith the specified IP address responds to Submit Cancel the ping ditched cde To discover the route that packets will Se E oe Ping mew take to a host first enter the IP address ee espe then select the Traceroute radio button gaaon SS noes a nant and finally click on the Submit link The screen capture on the side shows what should be a familiar result of a route to a submit Cancel host Collector Logs The collector logs area which is shown on the subsequent screen capture contains links to the logs for each of the Collectors Total Recall Max Traffic Collector User Guide Page 20 Collector Logs Collector 1 log Collector 2 log Collector 3 log Collector 4 log il Me Ny I pr ji b Figure 11 Collector Logs on the Maintenance page To view the log of a Collector simply click on the correct link The Traffic Collector will display the content of the Collector s log in a Collector Log page which is shown on the subsequent screen capture Traffic C
Download Pdf Manuals
Related Search