manualshive.com logo in svg

TANDBERG D14049.04, Руководство администратора

TANDBERG D14049.04 - это мощное оборудование для видеоконференций. Администраторский мануал доступен для бесплатного скачивания с нашего сайта. Настройте устройство с легкостью, следуя инструкциям в руководстве администратора. Скачайте его сейчас с manualshive.com.

Поделиться
Скачать
background image

158

D14049.07 
March 2010

Grey Headline 

(continued)

TANDBERG

 VIDEO COMMUNICATION SERVER

ADMINISTRATOR GUIDE

Introduction

Overview and 

status

System 

configuration

VCS  

configuration

Zones and 

neighbors

Clustering and 

peers

Call  

processing

Bandwidth 

control

Firewall 

traversal

Appendices

Applications

Maintenance

Security certificates

For extra security, you may want to have the VCS communicate 
with other systems (such as LDAP servers, neighbor VCSs, or 
clients such as SIP endpoints) using TLS encryption.
For this to work successfully in a connection between a client 
and server:

• 

The server must have a certificate installed that verifies 
its identity. This certificate must be signed by a Certificate 
Authority (CA).

• 

The client must trust the CA that signed the certificate used 
by the server.

The VCS allows you to install appropriate files so that it can act 
as either a client or a server in connections using TLS. The VCS 
can also authenticate client connections (typically from a web 
browser) over HTTPS. You can also upload certificate revocation 
lists (CRLs) for the CAs used to verify LDAP server and HTTPS 
client certificates. 

For an endpoint to VCS connection, the VCS acts as the 
TLS server. For a VCS to LDAP server connection, the 
VCS is a client. For a VCS to VCS connection either VCS 

may be the client with the other VCS being the TLS server. For 
HTTPS connections the web browser is the client and the VCS is 
the server.

!

TLS can be difficult to configure. For example, when using 
it with an LDAP server it is recommended that you 
confirm that your system is working correctly before you 

attempt to secure the connection with TLS. It is also 
recommended that you use a third party LDAP browser to verify 
that your LDAP server is correctly configured to use TLS.

!

Be careful not to allow your CA certificates or CRLs to 
expire as this may cause certificates signed by those CAs 
to be rejected.

For more information on setting up security certificates, refer to 
the 

Certificate Creation and Use Deployment Guide [32]

.

Overview

To enable certificate security using the web interface:

• 

Maintenance > Security certificates

.

You are taken to the 

Security certificates

 page.

Certificate and certificate revocation list (CRL) files can 
only be loaded via the web interface. They cannot be 
installed using the CLI.

Trusted CA certificate

This section manages the list of certificates for the Certificate 
Authorities trusted by this VCS. Certificates presented to the VCS 
must be signed by a trusted CA on this list and there must be a 
full chain of trust to the root CA.

• 

To upload a new file of CA certificates, 

Browse

 to the required 

PEM file and click 

Upload CA certificate

. This will replace any 

previously uploaded CA certificates.

If certificate revocation list checking for TLS encrypted 

LDAP server connections

 (for account authentication) is 

enabled, the necessary PEM encoded CRL data must be 
included within the trusted CA certificate file.

• 

Click 

Reset to default CA certificate

 to replace the currently 

uploaded file with a default list of trusted CA certificates.

• 

Click 

Show CA certificate

 to view the currently uploaded file.

Server certificate data

This section is used to upload the VCS's server certificate. This 
certificate is used to identify the VCS when it communicates with 
client systems using TLS encryption, and with web browsers over 
HTTPS.

• 

Use the 

Browse

 buttons to select the 

server certificate

 PEM 

file and the 

server private key

 PEM file that is used to encrypt 

it. After selecting both files, click 

Upload server certificate 

data

. The private key must not be password protected.

• 

Click 

Reset to default server certificate

 to replace the current 

server certificate with the VCS's default certificate.

• 

Click 

Show server certificate

 to view the currently uploaded 

server certificate file.

HTTPS client certificate validation

The 

Client certificate validation

 setting controls whether client 

systems (typically web browsers) that communicate with the VCS 
over HTTPS have to present a valid client certificate before the 
connection can be established. Note that a restart is required for 
changes to this setting to take effect.

!

If you enable client certificate validation your browser will 
be able to use the VCS web interface only if it has a valid 
client certificate that is signed by a CA in the VCS's 

trusted CA certificate list. Ensure your browser (the client system) 
has a valid (in date and not revoked by a CRL) client certificate 
before enabling this feature. You can test if a client certificate is 
valid by using the 

client certificate test

 feature described below.

The procedure for uploading a certificate to your browser may 
vary depending on the browser type and you may need to restart 
your browser for the certificate to take effect.

Client certificate revocation list (CRL) file

You are recommended to upload CRL data for the CAs that sign 
the HTTPS client certificates. Note that CRL checking is applied 
for every CA in the chain of trust.

• 

To upload a PEM encoded CRL file, 

Browse

 to the required file 

and click 

Upload CRL for client certificates

. This will replace 

any previously uploaded CRL file.

• 

Click 

Remove revocation list

 if you want to remove all HTTPS 

client CRL information from the VCS.

CRL data uploaded here only applies to HTTPS client 
certificate validation; CRL data intended for validating TLS 
connections with an LDAP server must be contained 
within the trusted CA certificate file.

Client certificate test

To verify if a client certificate will be accepted before enabling 
client certificate validation:

• 

Click 

Browse

 to select the required PEM file and then click 

Test client certificate file

. The selected file will be checked 

against the VCS's trusted CA list and the client certificate 
revocation list. A success or failure message will be displayed.

Enabling security

Содержание D14049.04

Страница 1: ...MINISTRATOR GUIDE Software version X5 1 March 2010 Introduction Overview and status System configuration VCS configuration Zones and neighbors Clustering and peers Call processing Bandwidth control Fi...

Страница 2: ...41 About Ethernet speed 41 IP 42 About IP protocols 42 IPv4 to IPv6 gatewaying interworking 42 External LAN interface 42 About IP routes static routes 42 About LAN configuration 42 About Dual Network...

Страница 3: ...neighbor zones 68 Configuring traversal client zones 69 Configuring traversal server zones 70 Configuring ENUM zones 71 Configuring DNS zones 71 Zone configuration advanced settings 72 Zone configura...

Страница 4: ...ones 107 Configuring search rules for DNS zones 107 Configuring DNS servers 107 URI dialing via DNS for incoming calls 108 Types of DNS records required 108 Incoming call process 108 SRV record format...

Страница 5: ...Server 141 Presence User Agent PUA 142 Aggregation of presence information 142 FindMe presence 142 Registration refresh period 142 Configuring Presence 143 Enabling and disabling Presence Services 14...

Страница 6: ...he report 171 Sending incident reports automatically 171 Tools 172 Check pattern 172 Locate 172 Port usage 173 Local VCS inbound ports 173 Local VCS outbound ports 173 Remote listening ports 173 Resta...

Страница 7: ...91 Pattern variable reference 192 VCS port reference 193 DNS configuration 196 Overview 196 Verifying the SRV record 196 Microsoft DNS server 196 BIND 8 9 196 LDAP configuration for device authenticat...

Страница 8: ...ing Gateways and IVR Interoperability INDUSTRY SOLUTIONS The TANDBERG Total Solution TANDBERG delivers the most comprehensive and reliable total solution of video products in the industry including te...

Страница 9: ...deployed within your wide area network with endpoints that are behind the same firewalls or NAT devices The VCS Control replaces the need to have separate H 323 gatekeeper SIP registrar and H 323 SIP...

Страница 10: ...keepers and SIP proxies n 1 redundancy can be part of a cluster of up to 6 VCSs for increased capacity and redundancy Intelligent Route Director for single number dialing and network failover faciliti...

Страница 11: ...is managed in TMS and distributed to the clients through the TMS Agent running on the VCS The TMS Agent on the VCS also provides TMS with the provisioned client s status There is no configuration asso...

Страница 12: ...using Allow Lists and Deny Lists registrations can be controlled at the subzone level Each subzone can be configured to allow or deny registrations assigned to it via the subzone membership rules See...

Страница 13: ...fully allocated Hardware failure warnings Improved hardware failure detection warnings and status display Auditor account access level An Auditor access level can be assigned to administrator account...

Страница 14: ...needs Please let us know how well we succeeded How to use this Administrator Guide Typographical conventions Most configuration tasks on the VCS can be performed by using either the web interface or...

Страница 15: ...dministrator Login 3 Enter a valid administrator username and password and click Login See the Login accounts section for details on setting up administrator accounts You are presented with the Overvi...

Страница 16: ...ing and its suggested resolution Information box An information box appears on the configuration pages whenever you either click on the Information icon or click inside a field This box gives you info...

Страница 17: ...a username of admin and your system password You will see a screen similar to that shown below You can now start using the CLI by typing the appropriate commands Command types Commands are divided int...

Страница 18: ...interface These pages provide information on the current status and configuration of the VCS Overview and status TANDBERG VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Introduction Overview and stat...

Страница 19: ...dditional VCS features such as TURN Relays FindMe Device Provisioning and Dual Network Interfaces are controlled through the use of option keys This section shows all the options that are currently in...

Страница 20: ...ardware on which the VCS software is installed Hardware serial number The serial number of the hardware on which the VCS software is installed Time Information Up time The amount of time that has elap...

Страница 21: ...and subnet mask and IPv6 address of the LAN 2 port DNS Server 1 5 address The IP address es of each of the DNS servers that will be queried when resolving domain names Up to 5 DNS servers may be conf...

Страница 22: ...m automatically re registering Filter To limit the list of registrations enter one or more characters in the Filter field and select Filter Only those registrations that contain in any of the displaye...

Страница 23: ...tion about an individual device s registration The exact details and options shown here will depend on the device s protocol whether the registration is still current and whether a Deny List is in use...

Страница 24: ...ry page lists all the calls that are no longer active that have taken place since the VCS was last restarted To view the Call history page Status Calls History The page displays the following informat...

Страница 25: ...device asking it to accept the call Each message shows up as a separate search in the Search history page but only the Setup message will be associated with a particular call For H 323 searches origin...

Страница 26: ...l amount of bandwidth used by all calls passing through the subzone Local Zone The Zone status page lists all the zones that are currently configured on your VCS the number of calls and amount of band...

Страница 27: ...The Pipe status page lists all the pipes currently configured on your VCS along with the number of calls and the bandwidth being used by each pipe To view the Pipe status page Status Bandwidth Pipes...

Страница 28: ...ent if there is no NAT that requested the relay Creation time The date and time the relay became active Expiry time The date and time the relay will become inactive Click View to go to the TURN relay...

Страница 29: ...Relay application is required in deployments that use both Microsoft Office Communicator MOC clients and FindMe if they both use the same SIP domain Its purpose is to enable the VCS to share FindMe p...

Страница 30: ...ng icon from the web interface but the warning will still be listed on the Warnings page with a status of Acknowledged If a new warning occurs the warning icon will reappear You cannot delete warnings...

Страница 31: ...up a remote server to which the Event Log can be copied See the sections on Setting the Event Log level and About remote logging for more information Results This section shows all the events with th...

Страница 32: ...and neighbors Clustering and peers Call processing Bandwidth control Firewall traversal Appendices Applications Maintenance Status Event Log format The Event Log is displayed in an extension of the UN...

Страница 33: ...e detail of the Event Name Description Auth Whether the call attempt has been authenticated successfully Method SIP method INVITE BYE UPDATE REGISTER SUBSCRIBE etc Contact Contact header from REGISTER...

Страница 34: ...Detail event parameter 1 Authorization Failure The user has either entered invalid credentials does not belong to an access group or belongs to a group that has an access level of None Applies when re...

Страница 35: ...erver failed unexpectedly The Detail event parameter should differentiate between no response and request rejected Servers concerned are DNS LDAP servers Neighbor Gatekeeper NTP servers Peers 1 FindMe...

Страница 36: ...another system over TLS Refer to the event parameters for more information 1 Policy Change A policy file has been updated 1 POST request failed A HTTP POST request was submitted from an unauthorized s...

Страница 37: ...d A system restart has been requested Refer to the Reason event parameter for specific information 1 Search Attempted A search has been attempted 1 Search Cancelled A search has been cancelled 1 Searc...

Страница 38: ...Agent restore completed The TMS Agent restore process has completed 1 TMS Agent Restore error An error occurred while attempting a TMS Agent restore 1 TMS Agent restore started The TMS Agent restore...

Страница 39: ...his section shows all the web based events with the most recent being shown first Most events contain hyperlinks in one or more of the fields such fields will change color when you hover over them You...

Страница 40: ...on to the network in which it is located for example its IP settings and the external services used by the VCS e g DNS NTP and SNMP System configuration TANDBERG VIDEO COMMUNICATION SERVER ADMINISTRAT...

Страница 41: ...net is disabled You can also enable access via HTTP However this mode works by redirecting HTTP calls to the HTTPS port so HTTPS must also be enabled for access via HTTP to function The Session time o...

Страница 42: ...plex network deployments You can configure routes for up to 50 networks and host combinations IP routes can be configured using the CLI only xConfiguration IP Route xCommand RouteAdd About LAN configu...

Страница 43: ...e log server a default name of TANDBERG is used if the Local host name is not specified Domain name The Domain name is used when attempting to resolve unqualified server addresses for example ldap or...

Страница 44: ...figured of the NTP server to be used when synchronizing system time The NTP server field defaults to one of four NTP servers provided by TANDBERG either 0 ntp tandberg com 1 ntp tandberg com 2 ntp tan...

Страница 45: ...sensitive nature of the information involved Do not enable SNMP on a VCS on the public internet or in any other environment where you do not want to expose internal system information The VCS does not...

Страница 46: ...vents plus network level SIP messages Setting the Event Log level You can control which events are logged by the VCS by setting the log level All events with a level numerically equal to and lower tha...

Страница 47: ...and the H 323 configuration options available on the VCS an overview of SIP and the SIP configuration options available on the VCS how to configure the VCS to act as a SIP to H 323 gateway how to cont...

Страница 48: ...on control To enable the VCS as an H 323 Gatekeeper you must ensure that H 323 mode is set to On VCS configuration Protocols H 323 This is the default setting so the VCS will work as an H 323 gatekeep...

Страница 49: ...t then changes and the endpoint attempts to re register using the same alias You can determine how the VCS will behave in this situation by configuring the Registration conflict mode The options are R...

Страница 50: ...3327 10 When the VCS proxies a request that contains Route Set information it forwards it directly to the URI specified in the path Any call processing rules configured on the VCS are bypassed This ma...

Страница 51: ...ports The VCS supports SIP over UDP TCP and TLS transport protocols You can configure whether or not incoming and outgoing connections using each protocol are supported and if so the ports on which th...

Страница 52: ...uring interworking The Interworking page is used to configure whether or not the VCS acts as a gateway between SIP and H 323 calls To go to the Interworking page VCS configuration Protocols Interworki...

Страница 53: ...ister with a VCS They are known as locally registered services These systems are configured with their own prefix which they provide to the VCS when registering The VCS will then know to route all cal...

Страница 54: ...cify the IP address or FQDN of the registrar with which they wish to register and the endpoint will attempt to register with that registrar only The VCS is a SIP Server for endpoints in its local zone...

Страница 55: ...uard against replay attacks For this reason if you are using authentication both the VCS and the endpoints must use an NTP server to synchronize their system time See the About the NTP server section...

Страница 56: ...LS TLS TLS encryption is used for the connection to the LDAP server Off no encryption is used The default is Off The link Upload a CA Certificate file for TLS takes you to the Security certificates pa...

Страница 57: ...View Edit to make changes to an existing entry You are taken to the Edit credential page Delete Click Delete to remove a credential from the list New Select New to add a new entry to the local authent...

Страница 58: ...he VCS using an alias that has already been registered on the VCS from another IP address The reasons for this could include two endpoints at different IP addresses are attempting to register using th...

Страница 59: ...ionPolicy The Restriction policy option specifies the policy to be used when determining which endpoints may register with the VCS The options are None any endpoint may register AllowList only those e...

Страница 60: ...nfiguration Registration DenyList Managing entries in the Allow and Deny Lists The Registration Allow List and Registration Deny List pages both work in the same way Pattern The pattern against which...

Страница 61: ...ocal Zone which is made up of subzones including the Traversal Subzone and Default Subzone create and configure external zones to communicate with other systems and endpoints including other VCSs Gate...

Страница 62: ...h used by and between different parts of your network This section will give you an overview of the different parts of the video communications network and the ways in which they can be connected This...

Страница 63: ...cluster see the Cluster Subzone section for more information Overview Bandwidth management The Local Zone s subzones are used for bandwidth management After you have set up your subzones you can apply...

Страница 64: ...particularly resource intensive See the chapter on Bandwidth control and the section on Bandwidth consumption of traversal calls for more information on controlling the bandwidth of traversal calls W...

Страница 65: ...le VCS Controls or gatekeepers In order to act as a traversal server the VCS Expressway must have a special type of two way relationship with each traversal client To create this connection you create...

Страница 66: ...red with the Default Zone and default links between it and both the Default Subzone and the Traversal Subzone The purpose of the Default Zone is to manage incoming calls from unrecognized endpoints to...

Страница 67: ...he connecting traversal client is not configured so the required certificate holder s name is specified separately If the neighbor system is another VCS or it is a traversal client traversal server re...

Страница 68: ...neighbor system Systems that are configured as cluster peers formerly known as Alternates must not be configured as neighbors to each other H 323 Mode Determines whether H 323 calls are allowed to an...

Страница 69: ...on the traversal server to use for H 323 calls to and from the local VCS For firewall traversal to work via H 323 the traversal server must have a traversal server zone configured on it to represent...

Страница 70: ...ports for media Off each call from the traversal client uses a separate pair of ports for media SIP Mode Determines whether SIP calls are allowed to and from the traversal client Port The port on the...

Страница 71: ...fy mode Controls whether the VCS performs X 509 certificate checking against the destination system server returned by the DNS lookup This setting only applies if the DNS lookup specifies TLS as requi...

Страница 72: ...y responded to Determines what happens when the VCS receives a SIP search that originated as an H 323 search Off a SIP OPTION or SIP INFO message is sent On searches are responded to automatically wit...

Страница 73: ...tribute line limit option should normally be left as the default of Off However some systems such as Microsoft OCS 2007 cannot handle attribute lines longer than 130 characters so it must be set to On...

Страница 74: ...VITE request is removed Off INVITE requests are not modified Off Neighbor zones DNS zones SIP record route address type Controls whether the VCS uses its IP address or host name in the record route or...

Страница 75: ...Manager Nortel Communication Server 1000 TANDBERG Advanced Media Gateway Searches are automatically responded to Off Off Off Off Empty INVITE allowed Off On On On SIP poison mode On Off Off Off SIP en...

Страница 76: ...tern type of Prefix That neighbor would then only be queried for calls to numbers which begin with its prefix In a URI based dial plan similar behavior may be obtained by configuring search rules for...

Страница 77: ...peers a troubleshooting guide for cluster replication problems how registrations and bandwidth are shared across peers how clustering works with FindMe Presence and TMS the purpose of the cluster subz...

Страница 78: ...cally for subzones zones links pipes authentication bandwidth control and call policy To achieve this you define a cluster name and nominate one peer as the configuration master Approximately every mi...

Страница 79: ...ot replicated user account details you can maintain these on any peer FindMe data uses a different replication mechanism You may need to wait up to one minute before changes are updated across all pee...

Страница 80: ...ng section for further details Certificates The security certificates and certificate revocation lists CRLs used by the VCS must be uploaded individually per peer Configuration data that is replicated...

Страница 81: ...re registrations only The SIP standard currently has no direct equivalent but some SIP UAs including TANDBERG Movi v2 0 or later clients support similar functionality If you configure such endpoints...

Страница 82: ...icate configuration information Configuration information must be changed on the master peer only but changes to FindMe information can be made on any peer and will be shared with all other peers If y...

Страница 83: ...ill ensure that the call is passed to that cluster regardless of the status of the individual peers Note that when you are configuring a connection to a remote cluster you need to enter the IP address...

Страница 84: ...that can be dialed to initiate a call how hop counts affect the search process the searching and transform process how to use Call Policy to manage calls routing calls via the Advanced Media Gateway h...

Страница 85: ...arch transforms and Call Policy 6 The VCS then applies its search rules in priority order At each priority zones are searched first in the native protocol and then if the VCS interworking configuratio...

Страница 86: ...Expressway will be forced to route through the VCS Expressway The call will therefore be subject to any restrictions configured on that system About the different address types No special configuratio...

Страница 87: ...warded on any further and the search will fail For search requests initiated by the local VCS the hop count assigned to the request is configurable on a zone by zone basis The zone s hop count applies...

Страница 88: ...request is sent to the Local Zone or out to an external zone see the Zone searching and transform process right Zone transforms are specified as a part of the search rules configuration You can transf...

Страница 89: ...are applied prior to any possible CPL modification and Zone transforms All peers in a cluster should be configured identically including any pre search transforms A VCS in a cluster treats search requ...

Страница 90: ...ms are applied in order of priority and the priority must be unique for each transform Description An optional free form description of the transform Pattern type The way in which the Pattern string m...

Страница 91: ...of the subzone membership rules configured on the VCS Calls to these IP addresses are not affected by the Calls to Unknown IP addresses setting the VCS will always attempt to place the call providing...

Страница 92: ...rules list but are ignored by the VCS when processing search requests Configuration options The configurable options are Rule name A descriptive name for the search rule Description An optional free f...

Страница 93: ...lace the matching part of the alias is substituted with the text in the Replace string The Target zone is then queried using the revised alias Note that if you want to transform the alias before apply...

Страница 94: ...323 endpoints that register using a number you will need to set up the following pre search and zone transforms This will let users place calls from SIP and H 323 endpoints to H 323 endpoints register...

Страница 95: ...ed whether they have registered with an H 323 ID or a full URI but uses a different regex regular expression that supports alphanumeric characters Explanation The pre search transform example below ta...

Страница 96: ...rms are applied Some example configurations are given here The Any Alias mode does not support alias transforms If you want to always query a zone using a different alias to that received you need to...

Страница 97: ...ch requests to this particular VCS would take up resources unnecessarily To achieve this on your Head Office VCS create a zone to represent the Sales Office VCS and set up an associated search rule wi...

Страница 98: ...query a zone for the original alias at the same time as you query it for a transformed alias To do this configure one search rule example top right with a mode of Any Alias and a second search rule e...

Страница 99: ...for the same zone each with for example the same Priority and an identical Pattern String to be matched but with a different replacement patterns In this situation the VCS queries that zone for each...

Страница 100: ...ation mode on When Authentication mode is set to On all endpoints and neighbors are required to authenticate with it before calls will be accepted If a call is received from an unauthenticated source...

Страница 101: ...is already in place If this is the case on the Call Policy configuration page VCS configuration Call Policy Configuration you will have the option to Delete uploaded file Doing so will delete the exis...

Страница 102: ...he Call Policy or if Call Policy has been configured using the Call Policy rules page you could take a copy of this CPL file to use as a starting point for a more advanced CPL script If Call Policy ha...

Страница 103: ...if you want to control which calls go through the AM gateway you have to set up policy rules To do this set Policy mode to On and then follow the related task link to Configure Advanced Media Gateway...

Страница 104: ...d disabling policy rules When you are making or testing configuration changes to your AM gateway policy rules you may want to temporarily enable or disable certain rules You may also want to configure...

Страница 105: ...o be made via one particular system such as a VCS Expressway If you do not want to use DNS as part of URI dialing within your network then no special configuration is required Endpoints will register...

Страница 106: ...ill still forward the call to this zone and the call will therefore fail For this reason we recommend that this setting is left as the default Off If the Include address record setting for the DNS zon...

Страница 107: ...f no NAPTR SIP or SRV SIP and H 323 records have been found for the dialed alias via this zone the VCS will then query for A and AAAA DNS records before moving on to query lower priority zones We reco...

Страница 108: ...t type being used Name is the domain in the URI that the VCS is hosting e g example com Port is the IP port on the VCS that has been configured to listen for that particular service and protocol combi...

Страница 109: ...VCS using an address in the format of a URI an appropriate transform should be written to convert URIs into the format used by the H 323 registrations An example would be a deployment where H 323 end...

Страница 110: ...using ENUM you must configure at least one ENUM zone and configure at least one DNS Server This is described in the ENUM dialing for outgoing calls section Incoming Calls To enable endpoints in your...

Страница 111: ...As and when each ENUM zone configured on the VCS is queried the E 164 number is transformed into an ENUM domain as follows a The digits are reversed and separated by a dot b The DNS Suffix configured...

Страница 112: ...s for endpoints that callers in your enterprise might want to dial You can then set up search rules that filter the queries sent to each ENUM zone as follows use a Mode of Alias Pattern Match use the...

Страница 113: ...10 100 u E2U h323 h323 1 example com would be interpreted as follows 10 is the order 100 is the preference u is the flag E2U h323 states that this record is for an H 323 URI h323 1 example com describ...

Страница 114: ...onsume a call license for any such calls and the call signaling path will be simplified This setting is useful in a hierarchical dial plan when used on the directory VCS In such deployments the direct...

Страница 115: ...S will ever have the same Call Serial Number A single call passing between two or more VCSs will be identified by a different Call Serial Number on each system Call Tag Call Tags are used to track cal...

Страница 116: ...to be disconnected there is a risk that in the meantime the call has already been disconnected and the call ID assigned to a new call For this reason the VCS also allows you to reference the call usi...

Страница 117: ...ages allow you to control the bandwidth that is used for calls within your local zone as well as calls out to other zones Bandwidth control TANDBERG VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Intr...

Страница 118: ...amount of bandwidth used by endpoints on your network This is done by grouping endpoints into subzones and then applying limits to the bandwidth that can be used within each subzone between a subzone...

Страница 119: ...ion you should configure separate subzones for each different part of the network Use the Default Subzone page VCS configuration Local Zone Default Subzone to place bandwidth restrictions on calls inv...

Страница 120: ...disable certain rules You can do this by selecting the rule s check box and clicking Enable or Disable as appropriate Any disabled rules still appear in the rules list but are ignored by the VCS when...

Страница 121: ...ure the bandwidth available between one specific subzone and another specific subzone or zone If your bandwidth configuration is such that multiple types of bandwidth restrictions are placed on a call...

Страница 122: ...to apply bandwidth limitations to this link select the pipe s to be applied For more information see the Applying pipes to links section Default links About default links If a subzone has no links co...

Страница 123: ...Pipes You will be taken to the Pipes page Select New You will be taken to the Create pipe page xCommand PipeAdd Editing an existing pipe To configure details of a pipe VCS configuration Bandwidth Pip...

Страница 124: ...options for calls in and out of that site Example In the diagram opposite Pipe A has been applied to two links the link between the Default Subzone and the Home Office subzone and the link between th...

Страница 125: ...sers will get one of the following messages depending on the system that initiated the search Exceeds Call Capacity Gatekeeper Resources Unavailable About the default call bandwidth To configure the d...

Страница 126: ...ted as a separate subzone on the VCS with bandwidth configured according to local policy The enterprise s leased line connection to the Internet and the DSL connections to the remote offices are model...

Страница 127: ...ion The VCS Expressway has subzones configured for the Home Office and Branch Office These are linked to the VCS Expressway s Traversal Subzone with pipes placed on each link All calls from the VCS Ex...

Страница 128: ...configure the additional firewall traversal server functions of a VCS Expressway including TURN services Firewall traversal TANDBERG VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Introduction Overvie...

Страница 129: ...ferent way Likewise each VCS client must have one traversal client zone configured on it for each server that it is connecting to The ports and protocols configured for each pair of client server zone...

Страница 130: ...nnection from the VCS Control In the Client authentication username field enter the VCS Control s authentication username On the VCS Expressway add the VCS Control s authentication username and passwo...

Страница 131: ...uses for outgoing connections the firewall administrator may need to know this information so that if necessary they can configure the firewall to allow outgoing connections from those ports The page...

Страница 132: ...P 50000 52399 demultiplex media port range For connections to the VCS Expressway using the Assent protocol the default ports are Call signaling UDP 1719 listening port for RAS messages TCP 2776 listen...

Страница 133: ...figuration Zones Edit zone in the Configuration section There must also be an entry in the VCS Expressway s authentication database with the corresponding client username and password VCS Control or V...

Страница 134: ...for each IP address Firewall traversal and Dual Network Interfaces In order for Expressway firewall traversal to function correctly the firewall must be configured to allow initial outbound traffic f...

Страница 135: ...Controller You do this by adding a new traversal client zone on the VCS client and configuring it with the details of the traversal server To add a new traversal client zone VCS configuration Zones Y...

Страница 136: ...e for traversal server zones see the Configuring traversal server zones section Adding and configuring a traversal server zone Configuring traversal for endpoints Overview Traversal enabled H 323 endp...

Страница 137: ...t cases the default ports should be used However you have the option to change these ports if necessary Configuration To configure the VCS Expressway ports VCS configuration Expressway Ports You are t...

Страница 138: ...ks through ICE how they are going to communicate Depending upon how the NAT devices are configured the endpoints may be able to communicate between their public facing addresses on the NAT devices or...

Страница 139: ...in order to use each of these applications They are Conference Factory Presence services OCS Relay FindMe Provisioning Starter Pack This section also provides information on TMS Agent TANDBERG VIDEO C...

Страница 140: ...cation Alias The alias that will be dialed by the endpoints when the Multiway feature is activated This must also be configured on all endpoints that may be used to initiate the Multiway feature An ex...

Страница 141: ...e for managing the presence information for all presentities in the SIP domain s for which the VCS is authoritative refer to the SIP domains section for more information The Presence Server can manage...

Страница 142: ...d this information is more accurate Where presence information is provided by the PUA and two or more other sources the Presence Server will aggregate the presence information from all presentities to...

Страница 143: ...he CLI only See xConfiguration SIP Routes Route 1 20 for details Disabled If the local Presence Server is disabled the VCS will proxy on all PUBLISH messages to one or more of its neighbor zones in ac...

Страница 144: ...whether they are registered locally or to a remote server Note FindMe users will not be listed here as a FindMe entity cannot subscribe to presence information However one or more of the endpoints th...

Страница 145: ...S Relay routing prefix To create a connection between the VCS and the OCS you must have already configured a neighbor zone on the VCS with details of the OCS In order for the OCS Relay application to...

Страница 146: ...its User Policy as follows It first checks to see if FindMe is enabled If so it checks if the alias is a FindMe ID and if it is the call is forwarded to the aliases associated with the active locatio...

Страница 147: ...sup ins del br a href is also supported but the URL can only contain A Z 0 9 dot and note that the URL is relative to the current page so you must prefix it with for example http if you want to refer...

Страница 148: ...FindMe ID has an associated user account After the system administrator has set up your account you can log in to it using a web interface and configure it with details of your work locations and the...

Страница 149: ...e not answered after a specified time Click Edit next to the location whose details you want to change to open a new window where you can select the primary devices associated with that location and t...

Страница 150: ...e number along with any prefixes required by your dial plan for external calls telephones enter the extension number for internal calls or the full telephone number along with any necessary prefixes I...

Страница 151: ...ace or mode of working such as Office or Home This name is not seen by the people that call you If the primary devices are busy Select the devices to call if any of your primary devices are busy Save...

Страница 152: ...ion keys will have no effect while the Starter Pack option key is present Device authentication The provisioning server supports device authentication Provisioned devices credentials can be authentica...

Страница 153: ...on the VCS Device Provisioning The TMS Agent works with the TMS Provisioning Directory to replicate and distribute the provisioning information and phonebook from TMS via VCSs to endpoint devices VCS...

Страница 154: ...d passwords create and restore backups create a system snapshot view incidents and configure incident reporting use built in tools to check patterns and locate aliases view a list of all ports used by...

Страница 155: ...dditional manual steps may be required Contact your TANDBERG representative for more information on how to obtain these Backing up before upgrading You should backup your system configuration before u...

Страница 156: ...CP part of the PuTTY free Telnet SSH package you need to transfer two files to the VCS A text file containing just the 16 character Release Key required for the VCS platform component only Ensure ther...

Страница 157: ...will consume a traversal license if there are no non traversal call licenses available Registrations the number of concurrent registrations allowed on the VCS An endpoint can register with more than o...

Страница 158: ...or account authentication is enabled the necessary PEM encoded CRL data must be included within the trusted CA certificate file Click Reset to default CA certificate to replace the currently uploaded...

Страница 159: ...nality apply access over SSH Telnet and through the serial port is disabled and cannot be turned on access over HTTPS is enabled and cannot be turned off the command line interface CLI is unavailable...

Страница 160: ...accessed using a username and password If local user account authentication is selected each user account must be created locally by a VCS administrator If remote user account authentication is select...

Страница 161: ...not administrator passwords and the root password must meet a minimum level of complexity before they are accepted If Enforce strict passwords is set to On all subsequently configured administrator p...

Страница 162: ...the Username when logging into this account Enter the Initial password and then enter it again in the Confirm password field Users can change their password after they have logged in Note that passwo...

Страница 163: ...ons associated with the account Close the window when you have finished making changes Note that this is the same interface that users use when they log in to their own account to configure their Find...

Страница 164: ...e of the administrator group Access Read Write allows all configuration to be viewed and changed This provides the same rights as the default admin account Read Only allows status and configuration in...

Страница 165: ...tificate chain of the CA that issued the LDAP server s certificate are checked The default is None Authentication configuration This section specifies the VCS s authentication credentials to use when...

Страница 166: ...end this To enable and disable access to the root account using SSH and Telnet 1 Log in to the VCS as root 2 Type one of the following commands rootaccess t on to enable access using Telnet rootaccess...

Страница 167: ...ell and use the serial port to manage the system Because access to the serial port allows the password to be reset it is recommended that you install the VCS in a physically secure environment Configu...

Страница 168: ...window appears and prompts you to save the file the exact wording depends on your browser The default name is in the format hardware serial number _ date _ time _ backup tar gz 4 Save the file to a d...

Страница 169: ...hot is used for diagnostic purposes It is a file that can be sent to your TANDBERG support representative at their request to assist them in troubleshooting issues you may be experiencing To create a...

Страница 170: ...mation and any other information that either alone or in combination with other data could provide information specific to a particular person PLEASE BE SURE THAT PRIVACY PROTECTED PERSONAL DATA IS NO...

Страница 171: ...customer support Maintenance Incident Reporting Configuration You will be taken to the Incident Reporting Configuration page xConfiguration Error Reports The options are Incident reports sending mode...

Страница 172: ...tches the pattern The Result section shows whether the alias matched the pattern and displays the transformed alias if appropriate The Locate page Maintenance Tools Locate lets you test whether the VC...

Страница 173: ...ce of the inbound communications your firewall must allow inbound traffic to the IP port on the VCS from the source of the inbound communications and return traffic from that same VCS IP port back out...

Страница 174: ...m has been shut down the only way it can be restarted is by pressing the soft power button on the unit itself You must therefore have physical access to the unit if you want to restart it after it has...

Страница 175: ...le shows a full list of all configuration items and where applicable their default values xCommand DefaultValuesSet Level 3 must be used with caution as it resets the system s IPv4 and IPv6 addresses...

Страница 176: ...blank Option 1 64 Key all option keys are deleted SystemUnit AdminAccount 1 15 Access ReadWrite SystemUnit AdminAccount 1 15 Name blank SystemUnit AdminAccount 1 15 Password blank SystemUnit Maintena...

Страница 177: ...tenance Restoring default configuration Configuration items reset by DefaultValuesSet level 2 cont Configuration item Default value after xCommand DefaultValuesSet Level 2 Login Remote LDAP Server Add...

Страница 178: ...g dots or stars depending on your browser instead of the characters you are typing Command line interface CLI When entering passwords using the command line interface CLI you will type the password i...

Страница 179: ...rsal Appendices Applications Maintenance This section includes the following appendices which provide supplementary information regarding the administration of the VCS CPL reference Regular expression...

Страница 180: ...lns urn ietf params xml ns cpl xmlns taa http www tandberg net cpl extensions xmlns xsi http www w3 org 2001 XMLSchema instance xsi schemaLocation urn ietf params xml ns cpl cpl xsd taa routed address...

Страница 181: ...is taken from the SETUP The From and ReplyTo fields of the incoming message The source aliases from the original LRQ or ARQ that started the call If a SETUP is received without a preceding RAS message...

Страница 182: ...r host For URI aliases this selects the domain name part If the alias is an IP address then this subfield is the complete address in dotted decimal form tel For E 164 numbers this selects the entire s...

Страница 183: ...is the highest priority Locations with the same priority are searched in parallel regex regular expression replace string Specifies the way in which a location matching the regular expression is to be...

Страница 184: ...a forked call If the current location set is empty the call is forwarded to its original destination The proxy node supports the following optional parameters timeout 1 86400 Timeout duration specifie...

Страница 185: ...eld origin not present Reject call with a status code of 403 Forbidden reject status 403 reason Denied by policy not present address switch taa routed cpl CPL examples Call screening based on alias In...

Страница 186: ...act using example com retry the request with example net taa location clear yes regex example com replace 1 example net proxy taa location failure proxy address address switch taa routed cpl CPL examp...

Страница 187: ...present reject status 403 reason Only local endpoints can use this Tandberg VCS not present address switch taa routed cpl CPL examples Block calls from Default Zone and Default Subzone The same script...

Страница 188: ...hema instance xsi schemaLocation urn ietf params xml ns cpl cpl xsd taa routed address switch field destination address regex 9 address switch field originating zone Calls coming from the traversal zo...

Страница 189: ...multiple failure outputs to be specified within a single proxy node This allows a script to redirect the call to different locations e g different recorded messages based on the exact reason for call...

Страница 190: ...s example attempts to subscribe the presence of user example com are rejected xml version 1 0 encoding UTF 8 cpl xmlns urn ietf params xml ns cpl xmlns taa http www tandberg net cpl extensions xmlns x...

Страница 191: ...iving the first character in the range followed by the character and then the last character in the range You can not use special characters within the they will be taken literally a z will match agai...

Страница 192: ...currently configured on the VCS not applicable ipv4 xConfiguration Ethernet 1 IP V4 Address xConfiguration Ethernet 2 IP V4 Address Matches the IPv4 addresses currently configured on the VCS for LAN...

Страница 193: ...ration Also used to replicate FindMe data if the VCS is part of a cluster with FindMe enabled 22 TCP inbound not configurable Telnet Used for unencrypted command line administration 23 TCP inbound not...

Страница 194: ...port for TURN relay requests 3478 UDP inbound 1024 65534 VCS configuration Expressway TURN xConfiguration Traversal Server TURN Port VCS database and TMS Agent for clusters or TMS Encrypted administr...

Страница 195: ...range of ports to be used for the media Ports are allocated from this range in pairs with the first port number of each pair being an even number See Configuring the Traversal Subzone ports for more...

Страница 196: ...ain into which you wish to insert the record service _ name is the name of the service you re adding Priority is the priority as defined by RFC 2782 3 Weight is the weight as defined by RFC 2782 3 Por...

Страница 197: ...e for H 323 an LDAP schema to represent H 323 endpoints H 350 2 Directory services architecture for H 235 an LDAP schema to represent H 235 elements H 350 4 Directory services architecture for SIP an...

Страница 198: ...s Adding H 350 objects Create the organizational hierarchy 1 Open up the Active Directory Users and Computers MMC snap in 2 Under your BaseDN right click and select New Organizational Unit 3 Create an...

Страница 199: ...lation on the Linux platform For installations on other platforms the location of the OpenLDAP configuration files may be different See the OpenLDAP installation documentation for details Installing t...

Страница 200: ...izational unit to contain the H 350 objects dn ou h350 dc my domain dc com objectClass organizationalUnit ou h350 2 Add the ldif file to the server using the command slapadd l ldif _ file This organiz...

Страница 201: ...lements type xConfiguration element sub element to return all current configuration for that group of sub elements To obtain information about using each of the xConfiguration commands type xConfigura...

Страница 202: ...ample xConfiguration Administration HTTPS Mode On Administration HTTPS RequireClientCertificate On Off Determines whether the VCS requires a valid client certificate from your web browser before setti...

Страница 203: ...ongs A cluster consists of up to 6 peers including the local VCS Note this must be a valid IPv4 or IPv6 address Example xConfiguration Alternates 1 Peer Address 10 13 0 2 Applications ConferenceFactor...

Страница 204: ...domains already configured on the VCS and must be the same domain used by all FindMe names Example xConfiguration Applications OCS Relay OCS Domain example com Applications OCS Relay OCS Routing Prefi...

Страница 205: ...will occur if the original attempt failed due to resource issues or other transitory errors Default 5 Example xConfiguration Applications Presence User Agent RetryDelta 5 Authentication Credential 1 2...

Страница 206: ...nfiguration Authentication Password password123 Authentication UserName S 0 128 The username used by the VCS when authenticating with another system Note this does not apply to traversal client zones...

Страница 207: ...ndwidth Link 1 Pipe2 Name 2Gb Broadband Bandwidth Pipe 1 1000 Bandwidth PerCall Limit 1 100000000 If this pipe has limited per call bandwidth sets the maximum amount of bandwidth in kbps available for...

Страница 208: ...neighbors Direct allows an endpoint to make a call to an unknown IP address without the VCS querying any neighbors The call setup would occur just as it would if the far end were registered directly...

Страница 209: ...address of that static NAT Note you must restart the system for any changes to take effect Example xConfiguration Ethernet 1 IP V4 StaticNAT Address 64 22 64 85 Ethernet 1 2 IP V4 StaticNAT Mode On O...

Страница 210: ...Server Certificate Verification Mode On H323 Gatekeeper AutoDiscovery Mode On Off Determines whether or not the VCS responds to gatekeeper discovery requests from endpoints Default On Example xConfig...

Страница 211: ...Live 60 65534 Specifies the interval in seconds at which an H 323 endpoint must re register with the VCS in order to confirm that it is still functioning Default 1800 Example xConfiguration H323 Gatek...

Страница 212: ...servers Example xConfiguration IP DNS Domain Name example com IP DNS Hostname S 0 63 Defines the DNS host name that this system is known by Note that this is not the fully qualified domain name just t...

Страница 213: ...S Value 0 63 The value to be stamped onto all signaling and media traffic routed through the VCS Note you must restart the system for any changes to take effect Example xConfiguration IP QoS Value 16...

Страница 214: ...P Password password123 LDAP Server Address S 0 128 Sets the IP address or Fully Qualified Domain Name FQDN of the LDAP server to use when making LDAP queries Example xConfiguration LDAP Server Address...

Страница 215: ...dministrator login credentials are authenticated before access is allowed to the VCS Remote credentials are verified against an external credentials directory for example Windows Active Directory Loca...

Страница 216: ...e when binding to the LDAP server None no mechanism is used DIGEST MD5 The DIGEST MD5 mechanism is used Default DIGEST MD5 Example xConfiguration Login Remote LDAP SASL DIGEST MD5 Login Remote LDAP Se...

Страница 217: ...ed ReadWrite configuration can be viewed and changed Default ReadWrite Example xConfiguration Login User Groups Group 1 Access ReadWrite Login User Groups Group 1 15 Name S 0 128 Defines the name of a...

Страница 218: ...y FindMe Mode Off On ThirdPartyManager Configures how the FindMe application operates Off disables FindMe On enables FindMe ThirdPartyManager uses an off box third party FindMe manager Default Off Exa...

Страница 219: ...uffix regular expression or must be matched exactly Exact the string must match the alias character for character Prefix the string must appear at the beginning of the alias Suffix the string must app...

Страница 220: ...el 90 Services AdvancedMediaGateway Policy Mode On Off Controls whether the policy rules are used to control access to the Advanced Media Gateway Default Off Example xConfiguration Services AdvancedMe...

Страница 221: ...200 State Enabled Disabled Indicates if the policy rule is enabled or disabled Disabled policy rules are ignored Default Enabled Example xConfiguration Services AdvancedMediaGateway Policy Rules Rule...

Страница 222: ...nts that support it Default On Example xConfiguration SIP Require Duo Video Mode On SIP Require UDP BFCP Mode On Off Controls whether the VCS will require the use of the com tandberg udp bfcp extensio...

Страница 223: ...be routed Default 5060 Note this command is intended for developer use only Example xConfiguration SIP Routes Route 1 Port 22400 SIP Routes Route 1 20 Request Line Pattern S 0 128 Regular expression...

Страница 224: ...bound Port End 1024 65534 Specifies the upper port in the range to be used by outbound TCP TLS SIP connections Default 29999 Example xConfiguration SIP TCP Outbound Port End 29999 SIP TCP Outbound Por...

Страница 225: ...Smith SNMP SystemLocation S 0 70 Specifies the physical location of the VCS Example xConfiguration SNMP SystemLocation Server Room 128 SystemUnit AdminAccount 1 15 Access AccountDisabled ReadOnly Rea...

Страница 226: ...guration SystemUnit Password password123 SystemUnit StrictPassword Enforce On Off Determines whether or not administrator passwords must meet a certain level of complexity before they are accepted Def...

Страница 227: ...n order of priority and the priority must be unique for each transform Default 1 Example xConfiguration Transform 1 Priority 10 Transform 1 100 State Enabled Disabled Indicates if the transform is ena...

Страница 228: ...the port on the VCS to be used for demultiplexing RTP media Note You must restart the system for any changes to take effect Default 2776 Example xConfiguration Traversal Server Media Demultiplexing RT...

Страница 229: ...ubzone applies only if the mode is set to Limited Default 1920 Example xConfiguration Zones LocalZone DefaultSubZone Bandwidth PerCall Intra Limit 1920 Zones LocalZone DefaultSubZone Bandwidth PerCall...

Страница 230: ...ied and thus to which subzone the endpoint is assigned if an endpoint s address satisfies multiple rules The rules with the highest priority 1 then 2 then 3 and so on are applied first If multiple Sub...

Страница 231: ...this subzone Default Unlimited Example xConfiguration Zones LocalZone SubZones SubZone 1 Bandwidth PerCall Inter Mode Limited Zones LocalZone SubZones SubZone 1 1000 Bandwidth PerCall Intra Limit 1 1...

Страница 232: ...or not H 323 calls using H460 18 mode for firewall traversal will be allowed Applies to traversal enabled endpoints registered directly with the VCS Default On Example xConfiguration Zones LocalZone T...

Страница 233: ...irewall s NAT bindings open Default 20 Example xConfiguration Zones LocalZone Traversal H323 UDPProbe KeepAliveInterval 20 Zones LocalZone Traversal H323 UDPProbe RetryCount 1 65534 Sets the number of...

Страница 234: ...query to the DNS zone Zones Policy SearchRules Rule 1 2000 Mode AliasPatternMatch AnyAlias AnyIPAddress Determines whether a query is sent to the target zone AliasPatternMatch queries the zone only i...

Страница 235: ...ared to the priority of the other search rules All Priority 1 search rules are applied first followed by all Priority 2 search rules and so on Default 100 Example xConfiguration Zones Policy SearchRul...

Страница 236: ...G711u Zones Zone 1 1000 DNS Interworking SIP EmptyInviteAllowed On Off Determines whether the VCS will generate a SIP INVITE message with no SDP to send to this zone INVITEs with no SDP mean that the...

Страница 237: ...e 1 1000 DNS SIP Record Route Address Type IP Hostname Controls whether the VCS uses its IP address or host name in the record route or path headers of outgoing SIP requests to this zone Note setting...

Страница 238: ...SIP UDP BFCP Filter Mode Off Zones Zone 1 1000 DNS ZoneProfile Default Custom MicrosoftOCS2007 CiscoUnifiedCommunicationsManager NortelCS1000 AdvancedMediaGateway Determines how the zone s advanced s...

Страница 239: ...Determines whether the VCS will generate a SIP INVITE message with no SDP to send to this zone INVITEs with no SDP mean that the destination device is asked to initiate the codec selection and are us...

Страница 240: ...Mode On Off Controls whether authenticated SIP messages ones containing a P Asserted Identity header from this zone are trusted On messages are trusted without further challenge Off messages are chal...

Страница 241: ...hat if they are received by the local VCS again they will be rejected On SIP requests sent out via this zone that are received again by this VCS will be rejected Off SIP requests sent out via this zon...

Страница 242: ...On Off Controls X 509 certificate checking and mutual authentication for inbound and outbound connections between this VCS and the neighbor system When enabled the neighbor system s FQDN or IP address...

Страница 243: ...Zones Zone 1 1000 TraversalClient Authentication UserName S 0 128 The user name used by the VCS when connecting to the traversal server Example xConfiguration Zones Zone 1 TraversalClient Authenticati...

Страница 244: ...ne 4 TraversalClient SIP Port 5061 Zones Zone 1 1000 TraversalClient SIP TLS Verify Mode On Off Controls X 509 certificate checking and mutual authentication between this VCS and the traversal server...

Страница 245: ...Zones Zone 1 1000 TraversalServer SIP Poison Mode On Off Determines whether SIP requests sent out to this zone will be poisoned such that if they are received by the local VCS again they will be reje...

Страница 246: ...traversal client will attempt to send a TCP probe to the VCS Default 5 Example xConfiguration Zones Zone 5 TraversalServer TCPProbe RetryCount 5 Zones Zone 1 1000 TraversalServer TCPProbe RetryInterv...

Страница 247: ...TraversalClient TraversalServer ENUM DNS Determines the nature of the specified zone in relation to the local VCS Neighbor the new zone will be a neighbor of the local VCS TraversalClient there is a...

Страница 248: ...mation about using each of the xCommand commands from within the CLI type xCommand or xCommand to return all current xCommand commands available on the VCS type xCommand to return all current xCommand...

Страница 249: ...Example xCommand AMGWPolicyRuleDelete AMGWPolicyRuleId 1 AdminAccountAdd Creates a new administrator account Name r S 0 25 Defines the name of an administrator user who can login to the VCS web interf...

Страница 250: ...dministrator login group AdminLoginGroupId r 1 30 The index of the administrator login group to be deleted Example xCommand AdminLoginGroupDelete AdminLoginGroupId 1 AllowListAdd Adds an entry to the...

Страница 251: ...h 512 CallType nontraversal CheckPattern A diagnostic tool that allows you to check the result of an alias transform local or zone before you configure it on the system Note that this command does not...

Страница 252: ...tems to their default value Level 3 resets all critical configuration items plus Level 1 and Level 2 items to their default value See the Restoring default configuration section for full details Examp...

Страница 253: ...and Presence Server for this domain and will accept registration requests for any SIP endpoints attempting to register with an alias that includes this domain The domain name can comprise multiple le...

Страница 254: ...XML format to the specified URL Up to 15 expressions may be registered for each of 3 feedback IDs ID 1 3 The ID of this particular feedback request URL r S 1 256 The URL to which notifications are to...

Страница 255: ...to which this link will be applied Node2 S 1 50 Specifies the second zone or subzone to which this link will be applied Pipe1 S 1 50 Specifies the first pipe to be associated with this link Pipe2 S 1...

Страница 256: ...from which to simulate the search request Choose from the Default Zone an unknown remote system the Local Zone a locally registered endpoint or any other configured neighbor traversal client or trave...

Страница 257: ...ximum bandwidth in kbps available at any one time on the pipe Default 500000 PerCallMode Unlimited Limited NoBandwidth Determines whether or not this pipe is limiting the bandwidth of individual calls...

Страница 258: ...es the IP address of the gateway for this route Interface Auto LAN1 LAN2 Specifies the LAN interface to use for this route Auto the VCS will select the most appropriate interface to use Default Auto E...

Страница 259: ...select this route e g INVITE SUBSCRIBE RequestLinePattern r S 0 128 Regular expression to match against the SIP request line HeaderName r S 0 64 Name of SIP header field to match e g Event HeaderPatt...

Страница 260: ...vailable No calls can be made to from or within this subzone Default Unlimited Total 1 100000000 Sets the total bandwidth limit in kbps of this subzone applies only if the mode is set to Limited Defau...

Страница 261: ...membership rule Type r Subnet AliasPatternMatch The type of address that applies to this rule Subnet assigns the device if its IP address falls within the configured IP address subnet Alias Pattern M...

Страница 262: ...ppends the replace string to the alias Default Strip Replace S 0 60 The text string to use in conjunction with the selected Pattern behavior Priority 1 65534 Assigns a priority to the specified transf...

Страница 263: ...Example xCommand WarningLower WarningID ab3d63f6 c0bb 4a9c a121 e683abfedff0 WarningRaise Raises a warning Note this command is intended for developer use only WarningID r S 36 36 The warning ID Warni...

Страница 264: ...aintenance Command reference xCommand ZoneDelete Deletes a zone ZoneId r 1 1000 The index of the zone to be deleted Example xCommand ZoneDelete ZoneId 2 ZoneList A diagnostic tool that returns the lis...

Страница 265: ...us element returns information about one or more sub elements The following pages list all the xStatus commands currently available on the VCS and the information that is returned by each To obtain in...

Страница 266: ...ommand reference xStatus Alternates Peer 1 6 Hidden for Peer n when Peer n is self Status Active Failed Unknown Cause Visible if status is Failed No response from gatekeeper DNS resolution failed Inva...

Страница 267: ...traversal Appendices Applications Maintenance Command reference xStatus Subscriptions Subscribers Count 0 n Max 0 n Subscriber 1 2500 URI S 1 255 Subscription Count 1 100 Count 1 2500 Max 1 2500 Expi...

Страница 268: ...Subscription successful Subscription error response Failed Notification received Active Registration State Registered Not Registered Presence OCS Machine State Offline Available Undefined User State U...

Страница 269: ...323Id Value S 1 60 SIP visible if Protocol SIP Address IPv4Addr IPv6Addr 1 65534 Transport UDP TCP TLS undefined Aliases Alias 1 50 Type URL Value S 1 60 EncryptionType None DES AES 128 CheckCode S 1...

Страница 270: ...Command reference xStatus Bandwidth Requested 0 100000000 kbps Allocated 0 100000000 kbps Route Zone Link S 1 50 Node name 0 150 entries Media visible if MediaRouted True Channels Channel 1 n Type AU...

Страница 271: ...from external manager Failed to register to external manager DNS resolution failed Address IPv4Addr IPv6Addr Protocol HTTP URL S 0 255 Feedback 1 3 Status On Off URL S 1 255 Expression S 1 127 0 15 en...

Страница 272: ...tenance Command reference xStatus Assent CallSignaling Status Active Inactive Failed IPv4 Visible if Status Active Address IPv4Addr 1 2 entries IPv6 Visible if Status Active Address IPv6Addr 1 2 entri...

Страница 273: ...e LDAP server certificate is signed by a CA and that CA is included on the CA certificate installed on the VCS Failed to authenticate with LDAP server A valid CA certificate for the LDAP database has...

Страница 274: ...1 128 Pipes Pipe 1 1000 Name S 1 50 Pipe name Bandwidth LocalUsage 0 100000000 ClusterUsage 0 100000000 Calls Call 0 900 0 900 entries CallID S 1 255 Registrations Registration 1 3750 Protocol H323 SI...

Страница 275: ...s IPv4Addr IPv6Addr 1 65534 Apparent IPv4Addr IPv6Addr 1 65534 Prefix S 1 20 0 50 entries Aliases Alias 1 50 Type E164 H323Id URL Email GW Prefix MCU Prefix Prefix Suffix IPAddress Origin Endpoint LDA...

Страница 276: ...traversal Appendices Applications Maintenance Command reference xStatus TURN Relays Current 0 1400 Max 0 1400 Total 0 4294967295 SIP Ethernet 1 2 IPv4 UDP Status Active Inactive Failed Address IPv4Add...

Страница 277: ...time Time in seconds SystemTime Time not set date time TimeZone GMT or one of 300 other timezones LocalTime local date time Software Version X5 1 Build Number Uncontrolled Name Release ReleaseDate Dat...

Страница 278: ...aintenance Command reference xStatus TURN Server Status Active Inactive Interface 1 2 Address IPv4Addr IPv6Addr Relays Count 0 1400 Relay 1 1400 Address IPv4Addr IPv6Addr Client Address IPv4Addr IPv6A...

Страница 279: ...pplications Maintenance Command reference xStatus Received Requests Total 0 65535 Allocate 0 65535 Refresh 0 65535 Permission 0 65535 ChannelBind 0 65535 Sent Responses Total 0 65535 Allocate 0 65535...

Страница 280: ...535 NoPermission 0 65535 InvalidType 0 65535 FilterFailure 0 65535 Warnings Warning 1 n ID S 36 36 Reason S 0 255 State Acknowledged Unacknowledged Zones DefaultZone Name DefaultZone Bandwidth LocalUs...

Страница 281: ...e TraversalSubZone Bandwidth LocalUsage 0 100000000 ClusterUsage 0 100000000 Calls Section visible only if there are calls Call 0 900 0 900 entries CallId S 1 255 ClusterSubZone Name ClusterSubZone Ba...

Страница 282: ...Peer 1 6 H323 Visible if H323 Mode On for Zone Status Unknown Active Failed Cause Visible if Status is Failed No response from gatekeeper DNS resolution failed Invalid IP address Address IPv4Addr IPv6...

Страница 283: ...iled Cause Visible if Status is Failed No response from neighbor DNS resolution failed Address IPv4Addr IPv6Addr One Address line per address from DNS lookup Port 1 65534 LastStatusChange Time not set...

Страница 284: ...as been temporarily disabled because an upgrade is in progress Wait until the upgrade has completed Cluster replication error cannot find master or this peer s configuration file manual synchronizatio...

Страница 285: ...ount security mode Configure login account LDAP server HTTPS client certificate checking client certificate checking mode has changed however a restart is required for this to take effect Restart the...

Страница 286: ...more administrators has a password that does not meet strictness requirements View and edit administrator accounts Security alert the admin user has the default password set Change the admin password...

Страница 287: ...9 12 Traversal Using Relays around NAT TURN Relay Extensions to Session Traversal Utilities for NAT STUN http tools ietf org html draft ietf behave turn 16 13 RFC 4787 Network Address Translation NAT...

Страница 288: ...0 TANDBERG Deployment Guide Authenticating VCS accounts using LDAP document number D14526 www tandberg com support documentation php 31 TANDBERG Deployment Guide VCS and ENUM dialing document number D...

Страница 289: ...face or CPL script that determine the action s to be applied to calls matching a given criteria Also referred to as Administrator Policy CLI Command line interface A text based user interface used to...

Страница 290: ...ng FQDN Fully Qualified Domain Name A domain name that specifies the node s position in the DNS tree absolutely uniquely identifying the system or device Note that in order to use FQDNs instead of IP...

Страница 291: ...ll endpoints and other systems registered to all peers in that cluster LRQ Location Request A RAS query between gatekeepers to determine the location of an endpoint MCU Multipoint Control Unit A netwo...

Страница 292: ...SIP endpoints it does not participate in the call after it is set up QoS Quality of Service Mechanisms that give a network administrator the ability to provide different priorities to an applications...

Страница 293: ...where both signaling and media are routed through the local VCS See the What are traversal calls section for more information Traversal client A traversal entity on the private side of a firewall Exam...

Страница 294: ...l Zone Zones are used on the VCS to define and configure connections to locally registered and external systems and endpoints The Local Zone refers to all the locally registered endpoints and systems...

Страница 295: ...atent and other intellectual property rights of various jurisdictions This product is Copyright 2010 Tandberg Telecom AS All rights reserved This product includes copyrighted software licensed from ot...

Страница 296: ...2 Avenue of the Americas 24th Floor New York NY 10036 Telephone 1 212 692 6500 Fax 1 212 692 6501 Video 1 212 692 6535 Email tandberg tandberg com TANDBERG VIDEO COMMUNICATION SERVER ADMINISTRATOR GUI...

Отзывы:

Нет отзывов

Похожие инструкции для D14049.04

IBM BladeCenter S Installation And User Manual preview
BladeCenter S
Бренд: IBM Страницы: 84
IBM 9008-22L Manual preview
9008-22L
Бренд: IBM Страницы: 110
ACTi ACD-2200 Quick Installation Manual preview
ACD-2200
Бренд: ACTi Страницы: 15
TYAN Transport GT26-B4987 Service Manual preview
Transport GT26-B4987
Бренд: TYAN Страницы: 125
Supero SUPERSERVER 5015M-MF User Manual preview
SUPERSERVER 5015M-MF
Бренд: Supero Страницы: 120
TRENDnet TS-U100 - NAS Server - USB User Manual preview
TS-U100 - NAS Server - USB
Бренд: TRENDnet Страницы: 47
Supermicro SUPERSERVER 5028TK-HTR User Manual preview
SUPERSERVER 5028TK-HTR
Бренд: Supermicro Страницы: 138
BITMAIN T19 Hydro Server Installation Manual preview
T19 Hydro Server
Бренд: BITMAIN Страницы: 17
Dataton WATCHPAX 60 User Manual preview
WATCHPAX 60
Бренд: Dataton Страницы: 37
Red Hat DIRECTORY SERVER 8.0 Installation Manual preview
DIRECTORY SERVER 8.0
Бренд: Red Hat Страницы: 128
ADLINK Technology cPCI-6510 Series User Manual preview
cPCI-6510 Series
Бренд: ADLINK Technology Страницы: 112
evertz IXG CloudBridge User Manual preview
IXG CloudBridge
Бренд: evertz Страницы: 52
Supero A+ SERVER 2022TG-HIBQRF User Manual preview
A+ SERVER 2022TG-HIBQRF
Бренд: Supero Страницы: 107
IBM 4252E1U Datasheet preview
4252E1U
Бренд: IBM Страницы: 2
SAFARI RM-126X Installation Manual preview
RM-126X
Бренд: SAFARI Страницы: 28
Lantronix I/O 2100 User Manual preview
I/O 2100
Бренд: Lantronix Страницы: 190
Mackie MDR 24/96 Service Manual preview
MDR 24/96
Бренд: Mackie Страницы: 30
exemys SSE232-1C0-00-IA3-IS User Manual preview
SSE232-1C0-00-IA3-IS
Бренд: exemys Страницы: 39

Бренды по названию

Популярные бренды

Загрузить еще бренды