Wanted to update all on the install of the EdgeMarc 4500 devices for our customer last week.
Getting into the units was pretty easy. Power them up, plug into LAN port 4. The unit is setup with DHCP enabled and configured for 192.168.1.1. Fire up the web browser and point it at that IP. Default login is root with a password of default. I changed the IP which caused the unit to reboot (a little to my surprise). The VLan enable check box is on this page, if you enable VLans, the only port that is not a trunk port is LAN port 4.
When changing the IP, the EdgeMarc does not update the default DHCP table. You'll need to statically setup an IP in the new address range you just setup for the new LAN IP. One piece on the DHCP page that is missing is the ability to pass a DNS domain name in the DHCP scope. I'd really like to see this changed as DNS is so important to the sipX world.
I configured VLans 1 (data) and 2 (voice) at each site. Put LAN ports 1, 3 and 4 into VLan 1 and port 2 in VLan 2. I setup the 3 devices we got in a fully meshed VPN configuration. To get ports statically into a particular VLan the port must be configured for 802.1 instead of 802.1q (trunk port).
Routing between VLans is enabled by default. I didn't try to block any traffic between VLans for this application.
In defining tunnels I could only specify one to one subnets (unlike on a Cisco ASA or PIX). So I had to create a tunnel for each VLan and each site (Data to Data, Phone to Phone, Data to Phone and Phone to Data). What a pain... but it works. With 3 sites fully meshed I ended up with 8 VPN definitions at each site.
Once the basic configs were done I went into the QOS setups and prioritized traffic from each of the Voip cards outbound.
The only gotchas for me with these units are the reboots after many of the changes and the lack of a DNS Domain option in the DHCP configuration. Looking forward to testing these as a SIP failover device.