Page 1 Microsoft® Lync™ Server Survivable Branch Appliance Mediant™ 1000B SBA SBA Installation and Maintenance Manual Mediant 1000B SBA for Microsoft Lync Server Version 6.8 April 2016 Document #: LTRT- 40111...
Page 3: Table Of Contents
Installation & Maintenance Manual Contents Table of Contents Introduction ....................... 15 Verifying Package Contents ................19 Hardware Description ..................... 21 Front Panel ......................23 Rear Panel ......................25 OSN Platform ..................... 27 OSN3B and OSN4 Modules ................. 28 5.1.1 Ports Description .....................28 5.1.2 OSN3B/OSN4 Gigabit Ethernet Cable Connector Pinouts ........29 5.1.3...
Page 4 Mediant 1000B SBA 10.1.2 Initially Connecting to the SBA Using the External NIC ..........76 11 Installing and Configuring the SBA ..............79 11.1 Step 1: Define IP Settings..................81 11.2 Step 2: Change Computer Name................85 11.3 Step 3: Change Admin Password ................. 88 11.4 Step 4: Set Date and Time ...................
Page 5 Installation & Maintenance Manual Contents 16 Configuring Secure Real-Time Transport Protocol ........163 17 Configuring Voice Coders (with Silence Suppression) ....... 165 18 Configuring Comfort Noise and Gain Control ..........167 19 Configuring Early Media ................. 169 20 Configuring FXS Ports and PSTN Trunks ............. 173 20.1 Enabling FXS Ports and PSTN Trunks ...............
Page 6 Mediant 1000B SBA 30.3 Upgrading or Recovering with Online Monitoring using EMS ......222 30.4 Acquiring an IP Address ..................227 Appendices ......................233 A SBA Security Default Template ..............235 Server Roles....................... 235 Client Features ....................237 Administration and Other Options ............... 238 Services ......................
Page 7 Figure 6-8: RJ-48c Connector Pinouts for E1/T1 ...................46 Figure 6-9: Cabling (Ports 1 and 2) PSTN Fallback ................47 Figure 7-1: Connecting Mediant 1000B SBA LAN Port on CRMX Module (Front Panel) ......49 Figure 7-2: Login Screen ........................49 Figure 7-3: IP Settings Screen .......................50 Figure 7-4: Maintenance Actions: Reset Gateway .................50...
Page 8 Mediant 1000B SBA Figure 11-1: Setup Tab Displaying Tasks ....................80 Figure 11-2: Set IP Configuration Page ....................81 Figure 11-3: OSN3 SBA Server ......................82 Figure 11-4: OSN3B SBA Server ......................82 Figure 11-5: IP Settings – Login Again ....................83 Figure 11-6: IP Settings - Complete .......................84 Figure 11-7: Change Computer Name Screen..................85...
Page 9 Installation & Maintenance Manual Contents Figure 11-60: Lync Test Call Screen ....................119 Figure 11-61: Lync Test Call – Logged Call Test Result ..............119 Figure 11-62: Lync Test Call Completed Successfully .................120 Figure 11-63: Apply Security-No Policy ....................121 Figure 11-64: Confirmation-Security Policy Setup Skipped ..............122 Figure 11-65: Apply Security Policy- Use Default Template ..............123 Figure 11-66: System Logout-Default Security Template Applied ............124 Figure 11-67: System Logout-Security Template .................124...
Page 10 Figure 30-12: GoreCover ........................226 Figure 30-13: Logged Messages ......................226 Figure 30-14: Connecting Mediant 1000B SBA LAN Port on CRMX Module (Front Panel) ....227 Figure 30-15: Connecting to LAN Port on OSN3B and OSN4 Module (Rear Panel View) ....228 Figure 30-16: Connecting to LAN Port on OSN3 Module (Rear Panel View) ........228 Figure 30-17: Cabling OSN3B/OSN4 to PC for Serial Communication ..........229...
Page 11 Table A-4: Services ..........................239 Table A-5: Firewall Rules ........................258 Table A-6: SBA Network Firewall Setting .....................276 Table D-1: Mediant 1000B SBA Rear-Panel Description ..............291 Table D-2: Mediant 1000B SBA HDD Type RAID 1 Compatibility Table ..........292 Version 6.8 Microsoft Lync Server...
Page 12 Mediant 1000B SBA This page is left intentionally blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 13: Customer Support
Customer Support Customer technical support and services are provided by AudioCodes or by an authorized AudioCodes Service Partner. For more information on how to buy technical support for AudioCodes products and for contact information, please visit our Web site at www.audiocodes.com/support.
Page 14: Related Documentation
Mediant 1000B SBA Related Documentation Manual Name Mediant 1000B SBA Quick Guide Installation & Maintenance Manual Document #: LTRT-40111...
Page 15: Introduction
Survivable Branch Appliance (SBA) application running on AudioCodes Mediant 1000B OSN, located at the remote branch office and deployed in the Microsoft Lync Server 2013 or 2010 environments. The Mediant 1000B SBA includes an OSN Server platform with Windows Server 2008 R2 operating system and Mediation Server software installation (MSI), and a PSTN gateway, all in a single appliance chassis.
Page 16: Figure 1-1: Sba Home Page (Additional Audiocodes Applications Link) New Sba Image
Mediant 1000B SBA Figure 1-1: SBA Home Page (Additional AudioCodes Applications Link) New SBA Image Figure 1-2: SBA Home Page (Additional AudioCodes Applications Link) SBA Upgrade Installation & Maintenance Manual Document #: LTRT-40111...
Page 17: Figure 1-3: Typical Branch Office Deployments
Installation & Maintenance Manual 1. Introduction The figure below illustrates typical SBA branch office deployment scenarios. Figure 1-3: Typical Branch Office Deployments Version 6.8 Microsoft Lync Server...
Page 18: Figure 1-4: Summary Of Steps For Installing And Configuring Sba
Mediant 1000B SBA A summary of the steps required to setup the SBA environment is shown in the figure below: Figure 1-4: Summary of Steps for Installing and Configuring SBA Installation & Maintenance Manual Document #: LTRT-40111...
Page 19: Verifying Package Contents
Installation & Maintenance Manual 2. Verifying Package Contents Verifying Package Contents Ensure that your Mediant 1000B SBA package is shipped with the following items: Four anti-slide bumpers for desktop installation  19-inch rack mounting kit (two flanges and six screws) ...
Page 20 Mediant 1000B SBA This page is left intentionally blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 21: Hardware Description
Hardware Description This part provides a hardware description overview of the Mediant 1000B SBA device. The Mediant 1000B SBA is resident on the Mediant 1000B Gateway and E-SBC chassis. The chassis's panels are described as follows: Front Panel - see Section on page ...
Page 23: Front Panel
Installation & Maintenance Manual 3. Front Panel Front Panel The Mediant 1000B SBA front panel is shown below and described in the subsequent table. Figure 3-1: Mediant 1000B SBA Front Panel Table 3-1: Front-Panel Description Label/ Component Description Item #...
Page 24 Mediant 1000B SBA Label/ Component Description Item # Module If in the future you need to add such interfaces to your device, you can order this module separately. Power 1 (Optional) Spare Power Supply module slot. The device can provide two extractable power supply units (Power 1 and Power 2).
Page 25: Rear Panel
Installation & Maintenance Manual 4. Rear Panel Rear Panel The Mediant 1000B SBA rear panel is shown below and described in the subsequent table. Figure 4-1: Rear Panel of Mediant 1000B SBC and Gateway Table 4-1: Rear-Panel Description Item #...
Page 26 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 27: Osn Platform
The OSN of the Mediant 1000 SBA-ES is OSN3B (see specifications in the above table and additional details in Section on page 32). The Mediant 1000B SBA-ES type is equipped with a Solid State Drive (SSD) storage. The SSD significantly improves reliability, shortens boot-up time, and increases the mean time between failures (MTBF).
Page 28: Osn3B And Osn4 Modules
Mediant 1000B SBA OSN3B and OSN4 Modules The OSN3B and OSN4 module is part of the OSN3B and OSN4 server platform. This module provides the port connector interfaces and is housed in Slot #2 on the rear panel. 5.1.1 Ports Description The OSN3B and OSN4 module is shown below and described in the subsequent table.
Page 29: Osn3B/Osn4 Gigabit Ethernet Cable Connector Pinouts
Installation & Maintenance Manual 5. OSN Platform 5.1.2 OSN3B/OSN4 Gigabit Ethernet Cable Connector Pinouts The RJ-45 connector pinouts for the Gigabit Ethernet interface are listed in the table below: Table 5-2: RJ-45 Connector Pinouts for Gigabit Ethernet Interface 100Base-Tx 1000Base-T Signal Signal Function...
Page 30 Mediant 1000B SBA Item Color State Description Orange 1000Base-TX connection. Green 100Base-T connection. 10Base-T connection if LED #3 is active. Blue Flashing Module undergoing shutdown sequence when handle is pulled out to first extraction position, or module had been inserted and handle is still in first extraction position Module shutdown sequence complete and the module can be extracted from the chassis slot.
Page 31: Hdmi Type-D Cable Connector Pinouts
Installation & Maintenance Manual 5. OSN Platform 5.1.4 HDMI Type-D Cable Connector Pinouts The HDMI Type-D connector pinouts are described in the table below. Table 5-4: HDMI Type-D Connector Pinouts Signal TMDS Data2+ TMDS Data2 Shield TMDS Data2- TMDS Data1+ TMDS Data1 Shield TMDS Data1- TMDS Data0+...
Page 32: Osn3 Module
Mediant 1000B SBA OSN3 Module The OSN3 module provides the port connector interfaces and is housed in Slot #2 on the Mediant 1000B SBA rear panel. Note: SBA servers with the OSN3 module are no longer available for purchase. However, this document describes the OSN3 platform for customers who have already purchased the SBA with the OSN3 module.
Page 33: Led Description
Installation & Maintenance Manual 5. OSN Platform 5.2.2 LED Description The OSN3 module LEDs are shown in the figure below and described in the subsequent table. Figure 5-4: OSN3 Module LEDs Table 5-6: OSN3 Module LEDs Description Item Label Color State Description Green...
Page 34 Mediant 1000B SBA Item Label Color State Description Blue Flashing Module undergoing shutdown sequence when module pulled out to first extraction position. Module shutdown sequence complete and the module can be extracted from the chassis slot. Module correctly inserted in chassis slot.
Page 35: Osn3 Gigabit Ethernet Cable Connector Pinouts
Installation & Maintenance Manual 5. OSN Platform 5.2.3 OSN3 Gigabit Ethernet Cable Connector Pinouts The RJ-45 connector pinouts for the Gigabit Ethernet interface are described in the table below: Table 5-7: Gigabit Ethernet Interface (RJ-45) Connector Pinouts 100Base-Tx 1000Base-T Signal Signal Function BI_DA+...
Page 36: Hdmx (Hard-Disk Drive) Module
Mediant 1000B SBA HDMX (Hard-Disk Drive) Module The HDMX module provides the hard-disk drive functionality for the OSN platform. This module is housed in Slot #1 on the Mediant 1000B SBA rear panel. Note: • For additional storage capacity per HDMX module, contact your AudioCodes representative.
Page 37: Setting Up The Mediant 1000B Pstn Gateway
Part II Setting up the Mediant 1000B PSTN Gateway This part describes how to cable the Mediant 1000B PSTN gateway and how to connect it to the IP network.
Page 39: Cabling The Mediant 1000B Pstn Gateway
Installation & Maintenance Manual 6. Cabling the Mediant 1000B PSTN Gateway Cabling the Mediant 1000B PSTN Gateway This section describes how to cable the Mediant 1000B PSTN gateway in the branch site: Grounding the Device – see Chapter  Connecting to the LAN – see Chapter ...
Page 40 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 41: Connecting To Lan With Port-Pair Redundancy
Installation & Maintenance Manual 6. Cabling the Mediant 1000B PSTN Gateway Connecting to LAN with Port-Pair Redundancy The LAN ports are provided on the CRMX and SWX LAN Expansion modules. These ports operate in pairs (groups) to provide LAN port 1+1 redundancy, where one port is active, while the other port is standby.
Page 42: Figure 6-4: Connecting To Lan
Mediant 1000B SBA  To connect to the LAN: Connect one end of a straight-through RJ-45 Ethernet Cat 5/5e cable to the active LAN port on the CRMX or SWX module. Figure 6-4: Connecting to LAN Connect the other end of the cable to the LAN.
Page 43: Connecting To Fxs Interfaces
Installation & Maintenance Manual 6. Cabling the Mediant 1000B PSTN Gateway Connecting to FXS Interfaces The procedure below describes how to connect to FXS interfaces such as fax machines, modems, and plain old telephone system (POTS) telephones. Warnings: • Ensure that FXS ports are connected to the appropriate external devices; otherwise, damage to the device may occur.
Page 44: Connecting To Isdn Bri Interfaces
Mediant 1000B SBA Connecting to ISDN BRI Interfaces This section describes how to connect to the ISDN BRI Interfaces. 6.4.1 Connecting to BRI Lines The procedure below describes how to connect to BRI lines. Warning: To protect against electrical shock and fire, use a 26 AWG min wire to connect the BRI ports to the PSTN.
Page 45: Connecting The Pstn Fallback For Bri Lines
Installation & Maintenance Manual 6. Cabling the Mediant 1000B PSTN Gateway 6.4.2 Connecting the PSTN Fallback for BRI Lines The device supports a PSTN Fallback feature for BRI lines, whereby if a power outage or IP connectivity problem (e.g., no ping) occurs, IP calls are re-routed to the PSTN. This guarantees call continuity.
Page 46: Connecting To Isdn E1/T1 Interfaces
Mediant 1000B SBA Connecting to ISDN E1/T1 Interfaces This section describes how to connect to ISDN E1/T1 Interfaces. 6.5.1 Connecting to E1/T1 Trunks The procedure below describes how to connect to E1/T1 trunks. Warning: To protect against electrical shock and fire, use a 26 AWG min wire to connect T1 or E1 ports to the PSTN.
Page 47: Connecting The Pstn Fallback For E1/T1 Trunks
Installation & Maintenance Manual 6. Cabling the Mediant 1000B PSTN Gateway 6.5.2 Connecting the PSTN Fallback for E1/T1 Trunks The device supports a PSTN Fallback feature, whereby upon a power outage or IP connectivity problem (e.g., no ping), IP calls are re-routed to the PSTN. This guarantees call continuity.
Page 48: Connecting To Power
Mediant 1000B SBA Connecting to Power The procedure below describes how to connect the device to the AC power supply. Warning: • Units must be connected (by service personnel) to a socket-outlet with a protective earthing connection. • Use only the AC power cord supplied with the device.
Page 49: Connecting The Pstn Gateway To The Network
(PSTN Gateway). The IP address used for accessing this Web interface must be changed to suit the networking scheme in which your Mediant 1000B SBA is deployed. Before you can configure the PSTN Gateway, you need to first access it with the default VoIP / Management LAN IP address, and configure the port settings.
Page 50: Changing Oamp Interface
Mediant 1000B SBA Log in with the default, case-sensitive user name (“Admin”) and password (“Admin”), and then click OK; the Web interface appears, displaying the Home page. Change your OAMP interface as described in the next chapter. Changing OAMP Interface Once you have accessed your device using the default IP address, you can change your management interface (OAMP) to suit your network environment.
Page 51: Configuring Physical Ethernet Ports
Installation & Maintenance Manual 7. Connecting the PSTN Gateway to the Network Configuring Physical Ethernet Ports The device's physical LAN ports are grouped into pairs (termed Group Members), where each group consists of an active port and a standby port. This provides LAN port redundancy within a group, whereby if an active port is disconnected and the other port is connected the device switches over to the standby port, making it active and the previously active port becomes non-active.
Page 52 Mediant 1000B SBA Parameter Description Mode (Read-only field) Displays the mode of the port: [0] Disable  [1] Enable (default)  Native Vlan Defines the Native VLAN or PVID of the port. Incoming packets without a VLAN ID are tagged with this VLAN. For outgoing packets, if the VLAN ID as defined in the Multiple Interface table is the same as the Native VLAN ID, the device sends the packet without a VLAN;...
Page 53: Preparing Sba At Datacenter
Part III Preparing SBA at DataCenter Prior to installing and configuring the SBA at the branch office you must perform the following at the datacenter (typically, located at headquarters): Add the SBA Device to the Active Directory (AD). See Chapter on page 55.
Page 55: Adding The Sba Device To The Active Directory
Installation & Maintenance Manual 8. Adding the SBA Device to the Active Directory Adding the SBA Device to the Active Directory The procedure below describes how to add the SBA device to the AD.  To add the SBA device to the Active Directory: Add the planned Survivable Branch Appliance device name to the Active Directory Domain Services: Start the Active Directory Users and Computers program (Start >...
Page 56: Figure 8-2: Rtcuniversalreadonlyadmins
Mediant 1000B SBA Figure 8-2: RTCUniversalReadOnlyAdmins Start the ADSI Edit program (Start > Administrative Tools > ADSI Edit). Right-click the Survivable Branch Appliance computer name (that you created in Step 'b' above), and then choose Properties. In the Attributes list, set servicePrincipalName to "HOST/<SBA FQDN>", where SBA FQDN is the FQDN of your Survivable Branch Appliance (e.g.,...
Page 57: Defining The Branch Office Topology Using Topology Builder
Installation & Maintenance Manual 9. Defining the Branch Office Topology using Topology Builder Defining the Branch Office Topology using Topology Builder This section describes how to add the Survivable Branch Appliance to your topology, using Lync Server 2013 Topology Builder. This configuration includes the following main steps: Defining the branch office –...
Page 58: Defining The Branch Office
Mediant 1000B SBA Defining the Branch Office The procedure below describes how to create and define the branch office.  To create branch sites: Start the Lync Server 2013 Topology Builder program: (Start menu > All Programs > Microsoft Lync Server 2013, Lync Server Topology Builder) (Start menu >...
Page 59: Figure 9-2: Menu Path To Topology Builder Program Lync 2010
Installation & Maintenance Manual 9. Defining the Branch Office Topology using Topology Builder Figure 9-2: Menu Path to Topology Builder Program Lync 2010 The Topology Builder opens as shown in the examples below: Figure 9-3: Topology Builder Lync 2013 Version 6.8 Microsoft Lync Server...
Page 60: Figure 9-4: Topology Builder Lync 2010
Mediant 1000B SBA Figure 9-4: Topology Builder Lync 2010 Select the Download Topology from existing deployment option (assuming your Lync Server 2013 or Lync Server 2010 deployment already has a topology), and then click OK; a dialog box opens, prompting you to save the existing topology file.
Page 61: Figure 9-6: Lync Server 2010 Topology Builder
Installation & Maintenance Manual 9. Defining the Branch Office Topology using Topology Builder Figure 9-6: Lync Server 2010 Topology Builder From the Topology Builder console tree, do one of the following: • If you used the Planning tool to design your Enterprise Voice topology, expand the Branch sites node, and then expand the name of the branch site you specified in the tool.
Page 62: Figure 9-8: Specify Site Details
Mediant 1000B SBA In the dialog box, do the following: In the ‘Name’ field, type the name of the branch site. Only this field is required, the other fields are optional. In the ‘Description’ field, type a meaningful description of the branch site.
Page 63: Figure 9-9: New Branch Site Successfully Defined
Installation & Maintenance Manual 9. Defining the Branch Office Topology using Topology Builder In the dialog box, do the following: In the ‘City’ field, type the name of the city in which the branch site is located. In the ‘State/Province’ field, type the name of the state or region in which the branch site is located.
Page 64: Figure 9-11: Select The Front End Pool
Mediant 1000B SBA In the ‘FQDN’ field, type the FQDN of the SBA, and then click Next. Note: The Survivable Branch Appliance FQDN that you configured in the ‘FQDN’ field must be the same as the FQDN that you configured using the ADSI Edit program in Section on page 39.
Page 65: Figure 9-13: Define The Pstn Gateway-Lync 2013
Installation & Maintenance Manual 9. Defining the Branch Office Topology using Topology Builder From the ‘Edge pool’ drop-down list, select the Edge pool to be used with this SBA (optional), and then click Next; the following dialog box example screens appear: Figure 9-13: Define the PSTN Gateway-Lync 2013 Figure 9-14: Define the PSTN Gateway-Lync 2010 Version 6.8...
Page 66 Mediant 1000B SBA Do the following: In the ‘Gateway FQDN or IP Address’ field, type the PSTN Gateway FQDN or IP address on which the Mediation Server component of the SBA is running. This is the IP address as configured for the PSTN Gateway. If you are using FQDN, ensure that your DNS server is configured to resolve the FQDN into this IP address.
Page 67: Publishing The Topology
Installation & Maintenance Manual 9. Defining the Branch Office Topology using Topology Builder Publishing the Topology Once you have defined the Branch Office (as described in the previous section), you need to publish this new topology, as described below.  To publish the topology: Right-click the root of the Lync Server 2013 node, and then choose Publish Topology.
Page 68: Figure 9-17: Publish Wizard Complete
Mediant 1000B SBA Click Next; the following screen appears: Figure 9-17: Publish Wizard Complete Verify that all steps display the 'Success' status, and then click Finish. Installation & Maintenance Manual Document #: LTRT-40111...
Page 69: Setting Up The Sba Management Interface
Part IV Setting up the SBA Management Interface This part describes how to connect to the SBA Management interface, and to install and configure the SBA.
Page 71: Initially Connecting To The Sba Management Interface
Management Interface The SBA Web-based, graphical user interface (GUI) tool is used for installing and configuring the SBA application running on the Mediant 1000B SBA OSN server. Note: The SBA Management Interface is supported from Internet Explorer 9 and later (Compatibility disabled), Firefox, and Google Chrome.
Page 72: Initially Connecting To The Sba Using The Internal Nic
Connect the first Ethernet port on the CRMX module on the front panel of the device directly to the network using a straight-through Ethernet cable. Figure 10-1: Connecting Mediant 1000B SBA LAN Port on CRMX Module (Front Panel) If you wish to monitor the connection process via an HDMI monitor, do the following (otherwise, skip to Step 3): Connect the USB hub into the USB hub port on the OSN3B and OSN4 server.
Page 73: Figure 10-2: Hdmi Connection
Installation & Maintenance Manual 10. Initially Connecting to the SBA Management Interface Figure 10-2: HDMI Connection Determine the NIC used for the Ethernet port, by removing the network cable from the Ethernet port and viewing on the monitor that the NIC (ID) has changed to "Disconnected".
Page 74: Figure 10-4: Cabling Osn3 To Pc For Serial Communication
Mediant 1000B SBA • OSN3: Connect an RJ-45 network cable to the RJ-45 serial port of the OSN3 module ( ), and then connect the other end of the cable to the serial port of your PC. Figure 10-4: Cabling OSN3 to PC for Serial Communication Notes: •...
Page 75: Figure 10-5: Welcome To Sba Screen
Installation & Maintenance Manual 10. Initially Connecting to the SBA Management Interface Open a standard Web browser (Firefox, Google Chrome, or Internet Explorer 9 and later is recommended), and then in the URL address field, enter the IP address that was determined in Step 6 above.
Page 76: Initially Connecting To The Sba Using The External Nic
Mediant 1000B SBA 10.1.2 Initially Connecting to the SBA Using the External NIC When you initially connect to the SBA using the external NIC, the network cable should be connected to Ethernet port 1 on the OSN module. The SBA Management Interface is initially accessed using the pre-configured factory default IP address of the OSN server (192.168.0.20/16).
Page 77: Figure 10-9: Welcome To Sba Screen
Installation & Maintenance Manual 10. Initially Connecting to the SBA Management Interface The Survivable Branch Appliance Management Interface opens: Figure 10-9: Welcome to SBA Screen Log in with the default username ("Administrator") and password ("Pass123"), Select the “Yes, I accept the term and condition” checkbox, and then click Login; the Home screen appears: Figure 10-10: SBA Home Screen Change the default IP address of the SBA Management Interface to suit your network...
Page 78 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 79: Installing And Configuring The Sba
Installation & Maintenance Manual 11. Installing and Configuring the SBA Installing and Configuring the SBA Once you are logged in to the SBA Management Interface, you can start configuring SBA, as described in this section. The SBA configuration is done in the Setup tab. For the configuration to be successful, it is imperative that all Setup options are performed correctly and in sequence (according to their order of appearance in the graphical user interface / GUI): Define IP Settings - See Section...
Page 80: Figure 11-1: Setup Tab Displaying Tasks
Mediant 1000B SBA Figure 11-1: Setup Tab Displaying Tasks In each of the configuration menu screens, the current CPU of the OSN module is displayed in the background. In the Setup pane, a list of all the configurable items is displayed.
Page 81: Step 1: Define Ip Settings
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.1 Step 1: Define IP Settings The IP Settings option defines the IP address and domain name server (DNS).  To set the IP address and DNS: Select the Setup tab, and then select the 'IP Settings' check box; the following screen is displayed: Figure 11-2: Set IP Configuration Page Clear the 'Enable / Disable NIC' check box for those interfaces that you are not using.
Page 82: Figure 11-3: Osn3 Sba Server
Mediant 1000B SBA The following figure shows an example of the configured Ethernet ports on the OSN3 Windows server. In this example, the disconnected internal NIC is labeled "Local Area Connection", the connected external NIC is labeled "Local Area Connection 2" and the disconnected external NIC is labeled "Local Area Connection 3".
Page 83: Figure 11-5: Ip Settings - Login Again
Installation & Maintenance Manual 11. Installing and Configuring the SBA Figure 11-5: IP Settings – Login Again Click OK. A new login screen appears. Enter the Username, Password and then click Login. Notes: • The system logs in with the new IP address. Every time you change the NIC interface option, click Apply for the change to take •...
Page 84: Figure 11-6: Ip Settings - Complete
Mediant 1000B SBA A green check mark is displayed next to the 'IP Settings' option under the Setup tab, as shown in the figure below. Figure 11-6: IP Settings - Complete Installation & Maintenance Manual Document #: LTRT-40111...
Page 85: Step 2: Change Computer Name
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.2 Step 2: Change Computer Name The Change Computer Name option defines the computer name of the SBA. Note: This procedure requires you to reboot the SBA server to successfully apply the •...
Page 86: Figure 11-8: Reboot Computer After Computer Name Change
Mediant 1000B SBA Click Apply; the ''Operation Completed Successfully'' message appears on the bottom of the screen. A message also appears to advise that a re-boot is necessary for the setting to take effect: Figure 11-8: Reboot Computer after Computer Name Change Click Reboot;...
Page 87: Figure 11-10: Login Screen
Installation & Maintenance Manual 11. Installing and Configuring the SBA Figure 11-10: Login Screen Enter your username and password and then click Login to log in once again to the SBA Management Interface; the Setup tab appears, displaying a green check mark next to the 'Change Computer Name' option, as shown in the figure below.
Page 88: Step 3: Change Admin Password
Mediant 1000B SBA 11.3 Step 3: Change Admin Password The Change Admin Password option resets the local Administrator password.  To change the Administrator password: Select the Setup tab, and then select the 'Change Admin Password' check box; the following screen is displayed: Figure 11-12: Change Admin Password Screen In the 'Current Password' field, enter the current password.
Page 89: Figure 11-13: Change Admin Password - Applied Changes
Installation & Maintenance Manual 11. Installing and Configuring the SBA Figure 11-13: Change Admin Password – Applied Changes Click Next to proceed to the next setup task; a green check mark appears next to the 'Change Admin Password' option under the Setup tab, as shown in the figure below. Figure 11-14: Change Admin Password –...
Page 90: Step 4: Set Date And Time
Mediant 1000B SBA 11.4 Step 4: Set Date and Time The Set Date and Time option resets the date and time zone.  To set the date and time: Select the Setup tab, and then select the 'Set Date and Time' check box; the following...
Page 91: Figure 11-17: Set Date And Time - Notification Message
Installation & Maintenance Manual 11. Installing and Configuring the SBA From the drop-down list, select the appropriate time zone. Select the Date tab, and then define the date and time. Click Apply; the “Operation Completed Successfully” message appears on the bottom of the screen.
Page 92: Figure 11-19: Set Date And Time - Completed Successfully
Mediant 1000B SBA Figure 11-19: Set Date and Time - Completed Successfully Installation & Maintenance Manual Document #: LTRT-40111...
Page 93: Step 5: Join To A Domain
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.5 Step 5: Join to a Domain The Join to Domain option enables you to join the SBA application to a domain. Note: This procedure requires you to reboot the SBA server to successfully apply the configuration.
Page 94: Figure 11-22: Join To A Domain - Reboot Message Box
Mediant 1000B SBA In the ‘Domain Name’ field, enter the domain name. In the ‘User’ and ‘Password’ fields, enter the user and password of an account that has permission to join the SBA to the domain as configured in Chapter on page 57.
Page 95: Figure 11-24: Welcome To Sba
Installation & Maintenance Manual 11. Installing and Configuring the SBA When the reboot completes, the Welcome to SBA login screen appears, now displaying a Domain user check box (which is selected by default): Figure 11-24: Welcome to SBA Log in with the Domain user username and password, and then click Login; a green check mark is displayed next to the 'Join to a Domain' option under the Setup tab, as shown in the figure below.
Page 96: Step 6: Device Preparation
Mediant 1000B SBA 11.6 Step 6: Device Preparation The Device Preparation menu option completes the SQL preparation and installs the Lync Server 2013 components. Note: This procedure requires you to reboot the SBA server to successfully apply the configuration. However, if you forget to do so, the server automatically reboots after a session timeout.
Page 97: Figure 11-27: Device Preparation - Started
Installation & Maintenance Manual 11. Installing and Configuring the SBA Figure 11-27: Device Preparation - Started Figure 11-28: Device Preparation – All Components Installed When the installation completes, you are prompted to reboot the SBA server. Version 6.8 Microsoft Lync Server...
Page 98: Figure 11-29: Device Preparation - Reboot Message Box
Mediant 1000B SBA Figure 11-29: Device Preparation – Reboot Message Box Click OK, and then do one of the following: • If all steps have been completed successfully, click Reboot. • If you wish to review some of the steps, refer to the Detailed Log for corrective information, rectify the problem, and then click Apply to install the remaining components.
Page 99: Step 7: Cs Database Installation
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.7 Step 7: Cs Database Installation The Cs Database installation option installs CsDatabase for Lyss and registrar. Note: This step is not relevant for Microsoft Lync Server 2010 deployments.  To install the CsDatabase: Select the Setup tab, and then select the 'Cs Database installation' check box;...
Page 100: Figure 11-32: Cs Database Installation - Applied Successfully
Mediant 1000B SBA Click Apply; the following screen appears: Figure 11-32: Cs Database Installation – Applied Successfully A green check mark appears next to the 'Cs Database' option under the Setup tab, as shown in the figure below. Figure 11-33: Cs Database–Completed Successfully Installation &...
Page 101: Step 8: Backup
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.8 Step 8: Backup The Backup option creates a backup copy of the Central Management Server on the SBA server.  To create a backup of the Central Management Server: Select the Setup tab, and then select the 'Backup' check box;...
Page 102: Figure 11-36: Backup - Completed Successfully
Mediant 1000B SBA A green check mark appears next to the 'Backup' option under the Setup tab, as shown in the figure below. Figure 11-36: Backup – Completed Successfully Installation & Maintenance Manual Document #: LTRT-40111...
Page 103: Step 9: Enable Replication
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.9 Step 9: Enable Replication The 'Enable Replication' option enables the replication process with the Central Management Server. The actual replication is executed after all Lync services have been enabled (after Step 12 has been completed - see Section 11.12 on page 113).
Page 104: Figure 11-39: Enable Replication - Completed Successfully
Mediant 1000B SBA A green check mark appears next to the 'Enable Replication' option under the Setup tab, as shown in the figure below. Figure 11-39: Enable Replication – Completed Successfully Note: The replication status may not immiediately display the status "Up to Date-True or "Up to Date-False.
Page 105: Step 10: Activate Lync
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.10 Step 10: Activate Lync The Activate Lync option activates the SBA server machine to run a Lync server 2013 service role. Installing the required software does not automatically cause the SBA server machine to adopt a new service role;...
Page 106: Figure 11-42: Activate Lync - Completed Successfully
Mediant 1000B SBA A green check mark appears next to the 'Activate Lync' option under the Setup tab, as shown in the figure below. Figure 11-42: Activate Lync – Completed Successfully Installation & Maintenance Manual Document #: LTRT-40111...
Page 107: Step 11: Lync Certificate
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.11 Step 11: Lync Certificate The 'Lync Certificate' option installs a certificate from the domain’s certificate authority. This certificate is used to secure the connection between the SBA server and the Central Management Server.
Page 108: Figure 11-44: Request Certificate
Mediant 1000B SBA  To request a new certificate: Select the Request Certificate radio button. Figure 11-44: Request Certificate Requesting a certificate supports Auto-enrollment. Enter all fields. Those fields beginning with a CA prefix are mandatory. The correct Certificate Authority (CA), User and Password must also be supplied.
Page 109: Figure 11-45: Lync Certificate - Detailed Log
Installation & Maintenance Manual 11. Installing and Configuring the SBA Figure 11-45: Lync Certificate – Detailed Log If the CA field is not entered, the system creates an enrollment certificate, which can be downloaded. Figure 11-46: Lync Certificate – Download Enrolled Certificate Version 6.8 Microsoft Lync Server...
Page 110: Figure 11-47: Lync Certificate - Download Enrolled Certificate
Mediant 1000B SBA Click Apply; the following screen appears. Figure 11-47: Lync Certificate – Download Enrolled Certificate Click the Download Enrolled Certificate link; the following screen appears. Figure 11-48: Lync Certificate – File Download Click Save. Once the Enrollment Certificate has been signed, select the Import Certification radio button as shown below and upload the signed certificate to be uploaded by using the Browse and File to Upload fields.
Page 111: Figure 11-49: Lync Certificate - File Upload
Installation & Maintenance Manual 11. Installing and Configuring the SBA Figure 11-49: Lync Certificate – File Upload Click Apply; the following screen appears: Figure 11-50: Lync Certificate – Detail Log Version 6.8 Microsoft Lync Server...
Page 112: Figure 11-51: Lync Certificate - Complete
Mediant 1000B SBA A green check mark appears next to the 'Lync Certificate' option under the Setup tab, as shown in the figure below. Figure 11-51: Lync Certificate – Complete Installation & Maintenance Manual Document #: LTRT-40111...
Page 113: Step 12: Start Lync Services
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.12 Step 12: Start Lync Services The Start Lync Services option enables you to start a Lync Server 2013 (formerly, termed Communications Server) component that runs as a Windows service. ...
Page 114: Figure 11-54: Start Lync Services - Completed Successfully
Mediant 1000B SBA A green check mark appears next to the 'Start Lync Services' option under the Setup tab, and in the Lync Services information pane all of the Lync Services are shown as "Running" as shown in the figure below.
Page 115: Step 13: Configure Gateway And Test Calls
11.13 Step 13: Configure Gateway and Test Calls The Gateway Configuration option enables you to connect to the Web-based interface of the PSTN Gateway functionality of the Mediant 1000B SBA in order to configure the gateway for testing calls to the PSTN.
Page 116: Figure 11-56: Enabling Telnet
Mediant 1000B SBA Establish a telnet session (enable Telnet on the PSTN Gateway): Open the Telnet/SSH Settings page (Configuration tab > System menu > Management > Telnet/SSH Settings). From the ‘Embedded Telnet Server’ drop-down list, select Enable Unsecured. In the ‘Telnet Server TCP Port’ field, ensure that the port used for Telnet is '23' (default).
Page 117: Figure 11-58: Test Call Succeeded
Installation & Maintenance Manual 11. Installing and Configuring the SBA If the phone does not ring, an error message is displayed and the call test fails. If the phone rings, lift the handset and confirm that you can hear the DTMFs. The following screen appears when you answer the phone: Figure 11-58: Test Call Succeeded Note:...
Page 118: Step 14: Test Lync Calls
Mediant 1000B SBA 11.14 Step 14: Test Lync Calls The Lync Test Call option allows you to test a PSTN call initiated by the Lync Server 2013. 11.14.1 Test Prerequisites Before running the Lync Test Call, the following prerequisites must be met : The gateway call has been successfully tested as described above in Section 11.13...
Page 119: Running The Lync Call Test
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.14.2 Running the Lync Call Test The procedure for running the Lync test call is described below.  To run the Lync test call: Select the Setup tab, and then select the Lync Test Call option; the Lync Test Call screen is displayed: Figure 11-60: Lync Test Call Screen In the ‘Dial Check Phone Number’...
Page 120: Figure 11-62: Lync Test Call Completed Successfully
Mediant 1000B SBA A green check mark appears next to the 'Lync Test Call' option under the Setup tab, as shown in the figure below. Figure 11-62: Lync Test Call Completed Successfully Installation & Maintenance Manual Document #: LTRT-40111...
Page 121: Step 15: Apply Security
No Policy-use a default hardening setup (no security template is loaded to the SBA  device) as was the case until this release. Use default template-Load an AudioCodes built default security template to the SBA  device. Upload a security template-Load an administrator-defined template to the SBA device.
Page 122: Figure 11-64: Confirmation-Security Policy Setup Skipped
Mediant 1000B SBA Select the 'No Policy-skip action' check box option, and then click Apply; the following screen is displayed: Figure 11-64: Confirmation-Security Policy Setup Skipped Installation & Maintenance Manual Document #: LTRT-40111...
Page 123: Apply Default Security Template
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.15.2 Apply Default Security Template This procedure describes how to apply the default security template.  To apply the default security template: Select the Setup tab, and then click the Apply Security option; the following screen is displayed: Figure 11-65: Apply Security Policy- Use Default Template Version 6.8...
Page 124: Figure 11-66: System Logout-Default Security Template Applied
Mediant 1000B SBA Select the 'Use default template' check box, and then click Apply; the SBA automatically logs out: Figure 11-66: System Logout-Default Security Template Applied Click OK for the system to log out while running the security template;the following...
Page 125: Figure 11-68: Security Template Successfully Applied
Installation & Maintenance Manual 11. Installing and Configuring the SBA Login and then select the Setup tab. A green check mark appears next to the 'Apply Security' option, as shown in the figure below. Figure 11-68: Security Template Successfully Applied Version 6.8 Microsoft Lync Server...
Page 126: Apply User-Defined Security Template
Mediant 1000B SBA 11.15.3 Apply User-Defined Security Template This procedure describes how to apply a user-defined security template.  To apply a user-defined security template: Select the Setup tab, and then select the 'Apply Security' check box, the following screen is displayed: Figure 11-69: Apply Security Policy- Upload a Security Template Select the 'Upload a security template' check box;...
Page 127: Figure 11-71: System Logout-Custom Security Template Applied
Installation & Maintenance Manual 11. Installing and Configuring the SBA Browse to a custom security template to upload and run, and then click Apply; the SBA automatically logs out: Figure 11-71: System Logout-Custom Security Template Applied Click OK for the system to log out while running security template; the following screen appears: Figure 11-72: System Logout-Security Template After a few minutes the security setup completes, and the SBA login screen appears.
Page 128: Figure 11-73: Custom Security Template Successfully Applied
Mediant 1000B SBA A green check mark appears next to the 'Apply Security' option, as shown in the figure below. Figure 11-73: Custom Security Template Successfully Applied Installation & Maintenance Manual Document #: LTRT-40111...
Page 129: Step 16: (Optional) Remote Control
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.16 Step 16: (Optional) Remote Control This section describes how to enable or disable the RDP (Remote Desktop Protocol) and the Remote Windows Powershell on the SBA device. Remote Power Shell - The Remote PowerShell is by default enabled. Note that for previous versions (prior to version 1.1.12.0), the Remote PowerShell was by default disabled, and could only be enabled by configuring the parameter 'PSRemoting = Force' in the PowerShell.
Page 130: Figure 11-75: Remote Desktop Disabled And Remote Powershell Enabled
Mediant 1000B SBA The following screen is displayed after disabling the Remote Desktop and enabling the Remote Powershell: Figure 11-75: Remote Desktop Disabled and Remote Powershell Enabled Installation & Maintenance Manual Document #: LTRT-40111...
Page 131: Step 17 (Optional) Snmp Setup
11. Installing and Configuring the SBA 11.17 Step 17 (Optional) SNMP Setup The AudioCodes SBA device can be configured to report SNMP info and traps to an external SNMP Trap Manager, such as the AudioCodes Element Management System (EMS). You can configure the following: Stop and start the SNMP service.
Page 132: Figure 11-77: Snmp Setup-Restart Confirmation
Mediant 1000B SBA The following screen is displayed: Figure 11-77: SNMP Setup-Restart Confirmation Click OK, and then click Restart. The following screen is displayed: Figure 11-78: SNMP Setup after Restart Installation & Maintenance Manual Document #: LTRT-40111...
Page 133: Figure 11-79: Snmp Service Started
Installation & Maintenance Manual 11. Installing and Configuring the SBA If the SNMP service is stopped, the following screen is displayed: Figure 11-79: SNMP Service Started Click Start to start the SNMP service. The following screen is displayed: Figure 11-80: SNMP Service Confirmation Version 6.8 Microsoft Lync Server...
Page 134: Figure 11-81: Snmp Service Is Not Installed
Mediant 1000B SBA If SNMP service is not installed, the following screen is displayed: Figure 11-81: SNMP Service is not Installed Click Install to install the SNMP service; the following screen is displayed: Figure 11-82: SNMP Service Install Confirmation Installation & Maintenance Manual...
Page 135: Figure 11-83: Snmp Setup
Installation & Maintenance Manual 11. Installing and Configuring the SBA Click the Tools tab, and then select the 'SNMP Setup' check box ;the following screen is displayed: Figure 11-83: SNMP Setup Version 6.8 Microsoft Lync Server...
Page 136: Step 18: Completing Sba Setup
Mediant 1000B SBA 11.18 Step 18: Completing SBA Setup Once you have completed all configurations as described in the previous sections, you need to perform the procedure described below to complete the SBA setup.  To complete SBA setup: Log in to the SBA Web wizard (if not logged in already).
Page 137: Figure 11-86: Complete Setup – Completed Successfully
Installation & Maintenance Manual 11. Installing and Configuring the SBA A green check mark appears next to the 'Complete Setup' option under the Setup tab, as shown in the figure below. Figure 11-86: Complete Setup – Completed Successfully Version 6.8 Microsoft Lync Server...
Page 138: Maintaining The Sba
Mediant 1000B SBA 11.19 Maintaining the SBA This chapter describes basic SBA maintenance activities. 11.19.1 Viewing General SBA Status in the Home Page The general operating status of the SBA can be viewed in the Home page. This page displays the following: Central management store location ...
Page 139: Starting And Stopping Sba Services
Installation & Maintenance Manual 11. Installing and Configuring the SBA 11.19.2 Starting and Stopping SBA Services You can stop and start SBA services as described in the procedure below.  To start and stop services: Select the Tools menu tab, and then select the 'Start or Stop Service' check box; the Start and Stop Service page appears: Figure 11-88: Start and Stop Service Page Stop or Start the following services:...
Page 140: Viewing Logged Events
Mediant 1000B SBA 11.19.3 Viewing Logged Events The procedure below describes how to view and handle logged events.  To view and handle logged events: Select the Logs tab; the Logs screen appears displaying logged events: Figure 11-89: Logs Screen Displaying Logged Events To view details of a logged event, select the event.
Page 141: Configuring The Pstn Gateway
Configuring the PSTN Gateway This part provides step-by-step procedures for configuring the PSTN Gateway functionality of the Mediant 1000B SBA located at the branch office. The configuration is done through the embedded Web server (Web interface) of the Mediant 1000B PSTN Gateway.
Page 143: Pstn Gateway Pre-Requirements
Installation & Maintenance Manual 12. PSTN Gateway Pre-Requirements PSTN Gateway Pre-Requirements Before configuring the PSTN Gateway, ensure the following: The PSTN Gateway is running latest GA 6.60A SIP firmware Version.  The PSTN Gateway must be installed with the following Feature Keys: ...
Page 144 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 145: Configuring The Mediation Server With The Pstn Gateway
If you have more than one Mediation Server in the cluster, proxy redundancy functionality can also be configured. If the Mediation Server running on the Mediant 1000B SBA is unavailable (i.e., a SIP 503 is received in response to an INVITE), then the PSTN Gateway re-sends the INVITE to the next Mediation Server (located at the datacenter).
Page 146: Figure 13-2: Proxy Sets Table
Mediation Server located at the datacenter. Index 1: IP address or FQDN of the Mediation Server running on the ♦ Mediant 1000B SBA (configured in Section 15.1.4 on page 154). Index 2: IP address or FQDN of the Mediation Server running at the ♦...
Page 147: Figure 13-3: Reasons For Alternative Routing
Installation & Maintenance Manual 13. Configuring the Mediation Server with the PSTN Gateway When the PSTN Gateway receives a SIP 503 response from the Mediation Server in response to an INVITE, it re-sends the INVITE to the redundant Mediation Server (located at the datacenter).
Page 148 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 149: Restricting Communication To Mediation Server Only
Installation & Maintenance Manual 14. Restricting Communication to Mediation Server Only Restricting Communication to Mediation Server Only The procedure below describes how to restrict IP communication, by allowing communication only between the PSTN Gateway and the Mediation Server. This ensures that the PSTN Gateway accepts and sends SIP calls only from and to the Mediation Server (as required by Microsoft).
Page 150 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 151: Configuring The Sip Transport Type
Installation & Maintenance Manual 15. Configuring the SIP Transport Type Configuring the SIP Transport Type The following SIP transport types can be employed for communication between the PSTN Gateway and the Mediation Server: Transport Layer Security (TLS) – enabled by default (and recommended) - see ...
Page 152: Step 2: Configure The Ntp Server
Mediant 1000B SBA 15.1.2 Step 2: Configure the NTP Server The procedure below describes how to configure the Network Time Protocol (NTP) server. This is important for maintaining the correct time and date on the PSTN Gateway, by synchronizing it with a third-party NTP server. This ensures that the PSTN Gateway has the same date and time as the Certification Authority (CA), discussed later in Section 15.1...
Page 153: Step 3: Configure The Dns Server
Installation & Maintenance Manual 15. Configuring the SIP Transport Type 15.1.3 Step 3: Configure the DNS Server The procedure below describes how to configure the IP address of the Domain Name System (DNS) servers. This is required if the Mediation Server is configured with an FQDN, in which case, the DNS is used to resolve it into an IP address.
Page 154: Step 4: Configure The Gateway Name
Mediant 1000B SBA 15.1.4 Step 4: Configure the Gateway Name The procedure below describes how to configure the host name for the PSTN Gateway. This appears as the URI host name in the SIP From header in INVITE messages sent by the PSTN Gateway to the Mediation Server.
Page 155: Step 5: Configure A Certificate
Open the TLS Contexts page (Configuration tab > VoIP menu > Security > General Security Settings). In the ‘TLS Version’ field, choose the ‘TLS 1.0 only’ from the drop-down list. Use TLS version 1.0 only. AudioCodes recommends implementing only TLS to avoid flaws in SSL Figure 15-5: Configuring TLS version 1.0 Click Submit.
Page 156: Figure 15-6: Certificate Signing Request – Creating Csr
Mediant 1000B SBA Figure 15-6: Certificate Signing Request – Creating CSR Note: The value entered in this field must be identical to the gateway name configured in the Topology Builder for Lync Server 2013 (see Chapter on page 57). Copy the CSR from the line "----BEGIN CERTIFICATE" to "END CERTIFICATE REQUEST----"...
Page 157: Figure 15-8: Request A Certificate
Installation & Maintenance Manual 15. Configuring the SIP Transport Type Figure 15-8: Request a Certificate Page Click advanced certificate request, and then click Next. Figure 15-9: Advanced Certificate Request Page Click Submit a certificate request ..., and then click Next. Version 6.8 Microsoft Lync Server...
Page 158: Figure 15-10: Submit A Certificate Request Or Renewal Request
Mediant 1000B SBA Figure 15-10: Submit a Certificate Request or Renewal Request Page Open the certreq.txt file that you created and saved above, and then copy its contents to the 'Saved Request' field. From the 'Certificate Template' drop-down list, select Web Server.
Page 159: Figure 15-12: Download A Ca Certificate, Certificate Chain, Or Crl
Installation & Maintenance Manual 15. Configuring the SIP Transport Type Figure 15-12: Download a CA Certificate, Certificate Chain, or CRL Page Under the 'Encoding method' group, select the Base 64 option for encoding. Click Download CA certificate. Save the file as certroot.cer to a folder on your computer. In the E-SBC's Web interface, return to the TLS Contexts page and do the following: Scroll down to the Upload certificates files from your computer group, click the Browse button corresponding to the 'Send Device Certificate...' field, navigate...
Page 160: Figure 15-14: Importing Root Certificate Into Trusted Certificates Store
Mediant 1000B SBA Figure 15-14: Importing Root Certificate into Trusted Certificates Store Click OK; the certificate is loaded to the device and listed in the Trusted Certificates store. Reset the E-SBC with a burn to flash for your settings to take effect.
Page 161: Configuring Tcp Transport Type
Installation & Maintenance Manual 15. Configuring the SIP Transport Type 15.2 Configuring TCP Transport Type TCP provides unencrypted SIP signaling between the PSTN Gateway and Mediation Server. The procedure below describes how to configure the SIP TCP transport type. Note: Microsoft does not recommend implementing TCP for the SIP transport type between the PSTN Gateway and the Mediation Server.
Page 162 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 163: Configuring Secure Real-Time Transport Protocol
Installation & Maintenance Manual 16. Configuring Secure Real-Time Transport Protocol Configuring Secure Real-Time Transport Protocol If you configure TLS as the SIP transport type between the PSTN Gateway and Mediation Server, you must enable Secure RTP (SRTP) encryption and set its mode of operation to one of the following (and that which matches the SRTP supported at the Mediation Server): Preferable (default): The PSTN Gateway initiates encrypted calls.
Page 164 Mediant 1000B SBA From the 'Media Security Behavior' drop-down list, select one of the following: • Mandatory: To force Media Security, usually used when the Mediation Server is configured to Encryption "Required". • Preferable-Single media: To prefer Media Security but support RTP as well, usually used when the Mediation Server is configured to Encryption "Optional".
Page 165: Configuring Voice Coders (With Silence Suppression)
Installation & Maintenance Manual 17. Configuring Voice Coders (with Silence Suppression) Configuring Voice Coders (with Silence Suppression) The PSTN Gateway communicates with the Mediation Server using either the G.711 A-law or G.711 µ-law (Mu-Law) voice coder. In addition, silence suppression can be enabled per coder, which is recommended for improving the performance of the Mediation Server.
Page 166 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 167: Configuring Comfort Noise And Gain Control
Installation & Maintenance Manual 18. Configuring Comfort Noise and Gain Control Configuring Comfort Noise and Gain Control The Lync network provides high voice quality by implementing suppression of typing noise during calls and improved generation of “comfort noise,” which reduces hissing and smoothes over the discontinuous flow of audio packets.
Page 168: Figure 18-2: Ip Media Settings
Mediant 1000B SBA Figure 18-2: IP Media Settings Page From the ‘IPMedia Detectors’ drop-down list, select Enable. This parameter requires a PSTN Gateway reset (see Step 8 below). From the ‘Enable AGC’ drop-down list, select Enable. Click Submit to apply your changes.
Page 169: Configuring Early Media
According to Lync requirements, AudioCodes PSTN Gateway must send a SIP 183 with SDP immediately after it receives an INVITE. The RTP packets however, will not be sent until the PSTN Gateway receives an ISDN Progress, Alerting and Progress Indicator or Connect message.
Page 170: Figure 19-2: Sip General Parameters Page (2)
Mediant 1000B SBA From the ‘Forking Handling Mode’ drop-down list, select Sequential handling. The PSTN Gateway opens a voice stream toward the first 18x SIP response that includes an SDP and disregards any 18x response with an SDP received thereafter.
Page 171: Figure 19-3: Advanced Parameters
Installation & Maintenance Manual 19. Configuring Early Media Figure 19-3: Advanced Parameters Page From the ‘Enable Early 183’ drop-down list, select Enable. Click Submit to apply your changes. On the toolbar, click Burn to save the changes to the PSTN gateway flash memory. Version 6.8 Microsoft Lync Server...
Page 172 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 173: Configuring Fxs Ports And Pstn Trunks
Installation & Maintenance Manual 20. Configuring FXS Ports and PSTN Trunks Configuring FXS Ports and PSTN Trunks This section describes how to configure FXS ports and PRI (i.e., E1/T1) or BRI trunks connected to the PSTN Gateway. 20.1 Enabling FXS Ports and PSTN Trunks The procedure below describes how to enable the FXS ports and PSTN trunk (E1/T1) channels of the Enhanced gateway.
Page 174: Configuring The Channel Select Method
Mediant 1000B SBA 20.1.1 Configuring the Channel Select Method Once you have enabled the PSTN trunk and FXS ports, and assigned them to Trunk Groups, you need to configure the method for which IP-to-Tel calls are assigned to channels within each Trunk Group.
Page 175: Configuring Ip-To-Trunk Group Routing
Installation & Maintenance Manual 20. Configuring FXS Ports and PSTN Trunks 20.2 Configuring IP-to-Trunk Group Routing The procedure below describes how to configure an IP-to-Trunk Group routing rule, whereby all calls to +17326521000 and +17326521001 from the Mediation Server need to be route to Trunk Group 1 (the internal FXS ports) all other calls from Mediation server need to be route to Trunk Group 2 (the PRI trunk) ...
Page 176: Configuring The Trunk
Mediant 1000B SBA 20.3 Configuring the Trunk The procedure below describes basic configuration of the physical trunk.  To configure the physical trunk: Open the Trunk Settings page (Configuration tab > VoIP menu > PSTN > Trunk Settings). Figure 20-4: Trunk Settings Page...
Page 177 Installation & Maintenance Manual 20. Configuring FXS Ports and PSTN Trunks Basic trunk configuration: From the ‘Protocol Type’ drop-down list, select the required trunk protocol. Notes: • If the ‘Protocol Type’ field displays 'NONE' (i.e., no protocol type selected) and no other trunks have been configured, after selecting a PRI protocol type, you must reset the PSTN Gateway.
Page 178: Configuring The Tdm Bus
Mediant 1000B SBA 20.4 Configuring the TDM Bus The procedure below describes how to configure the TDM bus of the PSTN Gateway.  To configure the TDM bus: Open the TDM Bus Settings page (Configuration tab > VoIP menu > TDM > TDM Bus Settings).
Page 179: Configuring Normalization Rules For E.164 Format
Installation & Maintenance Manual 21. Configuring Normalization Rules for E.164 Format Configuring Normalization Rules for E.164 Format Lync 2013 implements the standard E.164 format, while the PBX or PSTN implements other number formats for dialing. If the PSTN Gateway is connected to a PBX or directly to the PSTN, the PSTN Gateway may need to perform number manipulations for the called and/or calling number to match the PBX or PSTN dialing rules or to match Lync 2013 E.164 format.
Page 180: Table 21-1: Number Manipulation Parameters Description
Mediant 1000B SBA Click the Action tab, and then configure the manipulation operation. For a description of the parameters, see the table below. Configure manipulation rules as required. Click Submit to apply your changes. On the toolbar, click Burn to save the settings to the PSTN Gateway; the PSTN Gateway resets, saving the settings to flash memory.
Page 181 Installation & Maintenance Manual 21. Configuring Normalization Rules for E.164 Format Parameter Description Source Trunk Group Defines the source Trunk Group ID for Tel-to-IP calls. To denote all Trunk Groups, leave this field empty. Notes: The value -1 indicates that this field is ignored in the rule. ...
Page 182 Mediant 1000B SBA Parameter Description Defines the Numbering Plan Indicator (NPI). [0] Unknown (default)  [9] Private  [1] E.164 Public  [-1] Not Configured = value received from PSTN/IP is used  Notes: This parameter is applicable only to number manipulation tables for ...
Page 183: Number Normalization Examples
Installation & Maintenance Manual 21. Configuring Normalization Rules for E.164 Format 21.1 Number Normalization Examples Two examples are provided below for number normalization. The examples are based on the following assumptions: PBX with prefix (local) number 333  4-digit extension numbers that begin with the digit 1 (i.e., 1xxx) ...
Page 184: Modifying Pbx, Local, And National Calls To E.164 Format For Inbound Calls
Mediant 1000B SBA The configuration of the above scenarios is shown in Figure 21-2. Figure 21-2: Destination Phone Number Manipulation Table for IPTel Calls 21.1.2 Modifying PBX, Local, and National Calls to E.164 Format for Inbound Calls Inbound calls refer to calls received by Lync clients from the PBX / PSTN. Each entry is...
Page 185: Figure 21-3: Destination Phone Number Manipulation Table For TelIp Calls
Installation & Maintenance Manual 21. Configuring Normalization Rules for E.164 Format The configuration of the above scenarios is shown in the figure below: Figure 21-3: Destination Phone Number Manipulation Table for TelIP Calls Version 6.8 Microsoft Lync Server...
Page 186 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 187: Configuring Srtp Behavior Upon Rekey Mode
Installation & Maintenance Manual 22. Configuring SRTP Behavior upon Rekey Mode Configuring SRTP Behavior upon Rekey Mode  To configure the SRTP behavior upon rekey mode: Open the Admin page by appending the case-sensitive suffix ‘AdminPage’ to the SBC’s address your browser's field...
Page 188 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 189: Configuring Fxs Port Transfer Behavior
Installation & Maintenance Manual 23. Configuring FXS Port Transfer Behavior Configuring FXS Port Transfer Behavior Since the Mediation server does not support receiving SIP Refer messages, you must configure the Enhanced gateway FXS port to send INVITE messages (in the event when call transfer is initiated from the FXS port).
Page 190 Mediant 1000B SBA Figure 4-29: IP Media Settings Click Submit. Installation & Maintenance Manual Document #: LTRT-40111...
Page 191: Upgrading The Sba Components
Part VI Upgrading the SBA Components This part describes how to upgrade the SBA components.
Page 193: Upgrading Msft And Cu System Components
Installation & Maintenance Manual 24. Upgrading MSFT and CU System Components Upgrading MSFT and CU System Components This section describes how to update system components using the SBA interface. The following components can be updated: Microsoft system components  CU updates ...
Page 194: Figure 24-2:System Update Screen
Mediant 1000B SBA The System Update screen is displayed: Figure 24-2:System Update Screen The currently installed Microsoft components are listed in the Installed Components pane. In the ‘File to upload’ field, click Browse to select the 'LyncServerUpdateInstaller.exe' file to upload, and then click Apply.
Page 195: Figure 24-4: Login Screen After Automatic Log Out
Installation & Maintenance Manual 24. Upgrading MSFT and CU System Components Wait a few minutes for the update to apply. At the end of the process, the System Logs out automatically and the login screen is displayed: Figure 24-4: Login Screen after Automatic Log Out Enter your login and password details, and if the Terms and Conditions checkbox is displayed, select it and then click Login.
Page 196 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 197: Upgrading The Management Interface
Installation & Maintenance Manual 25. Upgrading the Management Interface Upgrading the Management Interface This section describes how to update the SBA Management Interface.  To update the SBA Management Interface: Login to the SBA Management Interface. Select the Tools tab, and then select the 'System Update' check box. Figure 25-1: Tools System Update Menu Version 6.8 Microsoft Lync Server...
Page 198: Figure 25-2:System Update Screen
Mediant 1000B SBA The System Update screen is displayed: Figure 25-2:System Update Screen In the ‘File to upload’ field, click Browse to select the file to upload and then click Apply; the following screen is displayed: Figure 25-3: System Update Message-SBA Management Interface Version A time-stamp of the time that you commenced the System Update is displayed in the right-hand pane.
Page 199: Figure 25-4: Login Screen After Automatic Log Out
Installation & Maintenance Manual 25. Upgrading the Management Interface Wait a few minutes for the update to apply. At the end of the process, the System Logs out automatically and the login screen is displayed. Figure 25-4: Login Screen after Automatic Log Out In the Login screen, verify that the new SBA version number is displayed.
Page 200 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 201: Upgrading Using The Sba Proconnect
Upgrading using the SBA ProConnect A customer with large SBA deployments might have difficulties updating their SBA manually. Consequently, for better servicing of such deployments, AudioCodes now offers a new application 'SBA ProConnect', which is a Web Management tool for the purposes of easily installing Microsoft Cumulative Updates (CU) and for upgrading Microsoft Lync Server from a central location to the SBA devices.
Page 202 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 203: Upgrading And Recovering The Sba Image
Part VII Upgrading and Recovering the SBA Image This part describes how to upgrade the Survivable Branch Appliance (SBA) software application and how to recover it (in case of failure).
Page 205: Upgrade And Recovery - Introduction
Microsoft Lync Server 2013 environment. Upon a WAN outage, the Mediant 1000B SBA maintains call continuity among Microsoft Lync clients and devices within the branch office, and provides PSTN termination (if implemented) for these clients.
Page 206 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 207: Upgrade And Recovery - Prerequisites
Upgrade and Recovery - Prerequisites Before you can begin the SBA upgrade and recovery, do the following: Ensure that you have received the USB dongle in your SBA kit (from AudioCodes).  Figure 28-1: SBA Upgrade and Recovery USB Dongle Set the location of the SBA image file that you want to burn to the OSN server to one ...
Page 208 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 209: Preparing Sba Upgrade And Recovery
Installation & Maintenance Manual 29. Preparing SBA Upgrade and Recovery Preparing SBA Upgrade and Recovery The RecoveryUtil.ini file is a text-based file that is located in the root directory on the supplied USB dongle. This file contains parameters for defining various options relating to the SBA upgrade and recovery process.
Page 210: Running The Process Immediately Or Upon User Confirmation
Mediant 1000B SBA 29.2 Running the Process Immediately or Upon User Confirmation You can configure the SBA upgrade and recovery to start automatically (immediately) or only upon user confirmation, by using the Automatic parameter. Upon Confirmation: To start the SBA upgrade and recovery only after user ...
Page 211: Creating Disk Partitions
Installation & Maintenance Manual 29. Preparing SBA Upgrade and Recovery 29.4 Creating Disk Partitions You can configure the SBA upgrade and recovery to create disk partitions on the OSN server, using the DiskPartitions parameter. To enable disk partitions (recommended and default): set the DiskPartitions parameter ...
Page 212: Defining Exit Operation Upon Process Completion
Mediant 1000B SBA 29.6 Defining Exit Operation upon Process Completion You can configure the SBA upgrade and recovery to perform a specific operation upon the completion of the process, using the OnExit parameter. Start command prompt: Set the OnExit parameter to 0 to start the command prompt ...
Page 213: Defining Network Parameters
Installation & Maintenance Manual 29. Preparing SBA Upgrade and Recovery 29.7 Defining Network Parameters You can configure the network parameters for the SBA upgrade and recovery process, using the parameters under the [NetworkCardConfiguration] section in the *.ini file. Note: These network settings are used only for communication between the OSN and an FTP server or a local network for downloading the image file, as described in Section 29.9...
Page 214: Defining The Sba Image File Source
Mediant 1000B SBA 29.9 Defining the SBA Image File Source You can configure the source (location) from where the image file can be obtained for the SBA upgrade and recovery process, using the Source parameter: FTP: Set Source to 1, as shown below: ...
Page 215: Defining The Local Network
[LocalNetworkSettings] Path: Defines the network URI:  [LocalNetworkSettings] Path=\\192.168.1.4\images [LocalNetworkSettings] User: Defines the login user name:  [LocalNetworkSettings] User=audiocodes\john.smith [LocalNetworkSettings] Password: Defines the password:  [LocalNetworkSettings] Password=1234 29.9.3 Defining the Disk On Key If the SBA image file is located on the USB dongle (i.e., [ImageSource] Source = 3, as defined in Section 29.9...
Page 216: Defining The Mac Address Prefix
Mediant 1000B SBA 29.10 Defining the MAC Address Prefix You can configure the MAC address (prefix or full address) of the Mediant 1000B for which the SBA upgrade and recovery process can run, using the MacPrefix parameter. This prevents accidental running of the SBA upgrade and recovery on your PC. If not configured, the procedure runs on any system.
Page 217: Sba Upgrade And Recovery
RecoveryLog.txt. This file is located on the USB dongle. Warnings: Before proceeding, note the following: • Contact your AudioCodes representative to verify if there are any required updates to the OSN's BIOS. • Enter the OSN server's BIOS setup and set the highest boot priority to the USB dongle and not the HDMX.
Page 218: Figure 30-1: Plugging Usb Dongle Into Osn3B And Osn4 Usb Port
Mediant 1000B SBA Figure 30-1: Plugging USB Dongle into OSN3B and OSN4 USB Port Figure 30-2: Plugging USB Dongle into OSN3 USB Port Power off and then power on the Mediant 1000B chassis to boot the OSN server from the USB dongle; the SBA upgrade and recovery process begins.
Page 219: Figure 30-3: Osn3 Led Indication For Shut Down
Installation & Maintenance Manual 30. SBA Upgrade and Recovery Figure 30-3: OSN3 LED Indication for Shut Down Note: If you are connecting to an OSN3B and OSN4 module, see Section 5.1.3 on page for more information when monitoring LEDs. Remove the USB dongle from the USB port on the OSN module. Power off and then power on the Mediant 1000B to reboot the OSN server;...
Page 220: Upgrading Or Recovering With Monitoring
Mediant 1000B SBA 30.2 Upgrading or Recovering with Monitoring You can monitor the SBA upgrade and recovery process for the OSN3B and OSN4 server using an HDMI monitor (via the Micro HDMI port). Notes: • This procedure is relevant for the OSN3B and OSN4 server only.
Page 221: Figure 30-5: Online Monitoring Using Hdmi
Installation & Maintenance Manual 30. SBA Upgrade and Recovery HDMI monitor. When the process completes, the following logged messages are displayed on the HDMI monitor: Figure 30-5: Online Monitoring Using HDMI Remove the USB dongle from the USB port on the USB hub. Power off and then power on the Mediant 1000B to reboot the OSN server;...
Page 222: Upgrading Or Recovering With Online Monitoring Using Ems
Mediant 1000B SBA 30.3 Upgrading or Recovering with Online Monitoring using EMS You can monitor the SBA upgrade and recovery process using Emergency Management Services (EMS). EMS is a technology that supports remote management and system recovery for servers that are not accessible through an in-band connection. An in-band...
Page 223: Figure 30-6: Cabling Osn3B Or Osn4 To Pc For Serial Communication
Installation & Maintenance Manual 30. SBA Upgrade and Recovery Figure 30-6: Cabling OSN3B or OSN4 to PC for Serial Communication • OSN3: Connect an RJ-45 cable connector (not supplied) to the RJ-45 serial port of the Mediant 1000B OSN3 ( ), and then connect the other end of the cable to the serial port of your PC.
Page 224: Figure 30-8: Windows Loading Files
Mediant 1000B SBA Plug the USB dongle into the USB port on the OSN module (see Figure 30-1 Figure 30-2). Power off and then power on Mediant 1000B to reboot the OSN server; during reboot, from the USB in the terminal window, the following message is displayed: “Windows is loading files…”, as shown in the figure below.
Page 225: Figure 30-10: Sac Initialized
Installation & Maintenance Manual 30. SBA Upgrade and Recovery When the message, “A new channel has been created” is displayed, type the following command: SAC> ch –si 0001 where 0001 is the number of the created channel. Figure 30-10: SAC Initialized The command console starts.
Page 226: Figure 30-12: Gorecover
Mediant 1000B SBA When the X:\windows\system32 prompt appears, type the following command: X:\windows\system32>gorecover Figure 30-12: GoreCover The SBA Recovery and Upgrade process starts and logged messages are displayed in the console. When the procedure completes successfully, the following logged messages are displayed: Figure 30-13: Logged Messages Remove the USB dongle from the USB port on the OSN module.
Page 227: Acquiring An Ip Address
Connect the first Ethernet port on the CRMX module on the front panel of the device directly to the network using a straight-through Ethernet cable. Figure 30-14: Connecting Mediant 1000B SBA LAN Port on CRMX Module (Front Panel) Version 6.8...
Page 228: Figure 30-15: Connecting To Lan Port On Osn3B And Osn4 Module (Rear Panel View)
Mediant 1000B SBA • If you are connecting to the network via an external NIC: OSN3B/OSN4: Using a network cable, connect one of the Ethernet ports (1 ♦ or 2) (labeled ) on the OSN3B/OSN4 module to the network: Figure 30-15: Connecting to LAN Port on OSN3B and OSN4 Module (Rear Panel View)
Page 229: Figure 30-17: Cabling Osn3B/Osn4 To Pc For Serial Communication
Installation & Maintenance Manual 30. SBA Upgrade and Recovery • For connecting to the network via the external NIC: Determine the NIC used for the Ethernet LAN port, by removing the network cable from the Ethernet port and viewing on the monitor that the NIC (ID) has changed to "Disconnected".
Page 230: Figure 30-18: Cabling Osn3 To Pc For Serial Communication
Mediant 1000B SBA Figure 30-18: Cabling OSN3 to PC for Serial Communication Notes: • The OSN3 does not provide a direct monitor connection (Micro HDMI), and therefore, the serial port is used for determining the Ethernet port NIC. • For the Mediant 1000B OSN3B/OSN4 serial interface port (micro-USB) to be operational, you must download a special USB driver from the Internet.
Page 231 Installation & Maintenance Manual 30. SBA Upgrade and Recovery • If you are connecting to the network via the external NIC: Determine the NIC used for the Ethernet port, by removing the network cable from the Ethernet port and viewing in the serial console that the NIC (ID) has changed to "Disconnected".
Page 232: Figure 30-19: Welcome To Sba Screen
Mediant 1000B SBA The Survivable Branch Appliance Management Interface opens: Figure 30-19: Welcome to SBA Screen Log in with the default username ("Administrator") and password ("Pass123"), Select the “Yes, I accept the term and condition” checkbox, and then click Login; the Home...
Page 233: Appendices
Part VIII Appendices...
Page 235: Asba Security Default Template
Installation & Maintenance Manual A. SBA Security Default Template SBA Security Default Template This appendix describes the AudioCodes provided default SBA security template (configured in Section 11.15.2 on page 123). The Microsoft SCW security configuration database utility was used to prepare this template. This utility contains information on the following: Server roles.
Page 236 Mediant 1000B SBA Server Role Description Internet Printing Internet Printing creates a Web site where users can manage print jobs on the server. It also enables users who have Internet Printing Client installed to use a Web browser to connect and print to shared printers on this server by using the Internet Printing Protocol (IPP).
Page 237: Client Features
Installation & Maintenance Manual A. SBA Security Default Template Client Features Servers also act as clients to other servers. Each client feature can be in one the following possible status: Installed and enabled  Installed and disabled  Not installed and disabled ...
Page 238: Administration And Other Options
Mediant 1000B SBA Administration and Other Options Each entry can be in one the following possible statuses: Installed and enabled  Installed and disabled  Not installed and disabled  The following list details only the administration and other options that must be installed and enabled.
Page 239: Services
Installation & Maintenance Manual A. SBA Security Default Template Services The SBA device doesn’t require all of the default services. The services that are not required were disabled. Only the required services are enabled (either automatic or manual). The following list details the services that are enabled during startup – manually or automatically.
Page 240 Mediant 1000B SBA Startup Service Description Default Application Management Processes installation, removal, and enumeration Manual requests for software deployed through the Group Policy. If this service is stopped, users will be unable to install, remove, or enumerate software deployed through the Group Policy. If this service is disabled, any services that explicitly depend on it will fail to start.
Page 241 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Cluster Service Enables servers to work together as a cluster to keep Automatic server-based applications highly available, regardless of individual component failures. If this service is stopped, clustering will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Page 242 Mediant 1000B SBA Startup Service Description Default DCOM Server Process The DCOMLAUNCH service launches COM and Automatic Launcher DCOM servers in response to object activation requests. If this service is stopped or disabled, programs using COM or DCOM will not function properly.
Page 243 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Distributed Transaction Coordinates transactions that span multiple resource Automatic Coordinator managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Page 244 Mediant 1000B SBA Startup Service Description Default Function Discovery Provider The FDPHOST service hosts the Function Discovery Manual Host (FD) network discovery providers. These FD providers supply network discovery services for the Simple Services Discovery Protocol (SSDP) and Web Services – Discovery (WS-D) protocol. Stopping...
Page 245 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default IKE and AuthIP IPsec Keying The IKEEXT service hosts the Internet Key Automatic Modules Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec).
Page 246 Mediant 1000B SBA Startup Service Description Default IP Helper Provides tunnel connectivity using IPv6 transition Automatic technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer.
Page 247 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Message Queuing Triggers Provides rule-based monitoring of messages arriving Automatic in a Message Queuing queue and, when the conditions of a rule are satisfied, invokes a COM component or a stand-alone executable program to process the message.
Page 248 Mediant 1000B SBA Startup Service Description Default Network Connections Manages objects in the Network and Dial-Up Manual Connections folder, in which you can view both local area network and remote connections. Network List Service Identifies the networks to which the computer has...
Page 249 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Performance Logs & Alerts Performance logs and alerts collect performance Manual data from local or remote computers based on pre- configured schedule parameters, then writes the data to a log or triggers an alert.
Page 250 Mediant 1000B SBA Startup Service Description Default Remote Desktop Configuration Remote Desktop Configuration service (RDCS) is Automatic responsible for all Remote Desktop Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, RD themes, and RD certificates.
Page 251 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Remote Registry Enables remote users to modify registry settings on Automatic this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
Page 252 Mediant 1000B SBA Startup Service Description Default Smart Card Manages access to smart cards read by this Automatic computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start.
Page 253 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Task Scheduler Enables a user to configure and schedule automated Automatic tasks on this computer. The service also hosts multiple Windows system-critical tasks. If this service is stopped or disabled, these tasks will not be run at their scheduled times.
Page 254 Mediant 1000B SBA Startup Service Description Default Web Client Enables Windows-based programs to create, access, Automatic and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
Page 255 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default Windows Font Cache Service Optimizes performance of applications by caching Automatic commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doing so will degrade application performance.
Page 256 Mediant 1000B SBA Startup Service Description Default Windows Remote Management Windows Remote Management (WinRM) service Automatic (WS-Management) implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them.
Page 257 Installation & Maintenance Manual A. SBA Security Default Template Startup Service Description Default WinHTTP Web Proxy Auto- WinHTTP implements the client HTTP stack and Manual Discovery Service provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses.
Page 258: Windows Update Policy
Mediant 1000B SBA Windows Update Policy Note the following in reference to Windows Update Policy: AudioCodes is obligated to test and approve all SBA Cumulative Updates (CU) within  1 month of Microsoft releasing them. AudioCodes ships all SBAs with the Windows Update service disabled as default ...
Page 259 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Allow inbound Inbound RtcSrv connections for service: RtcSrv for protocol: TCP Core Networking - Allows DHCP Inbound dhcp Dynamic Host (Dynamic Configuration Host...
Page 260 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Outbound Outboun lsass.exe Group Policy rule to allow (LSASS-Out) remote LSASS traffic Description: . for Group Group: Core Policy Networking updates Protocol Keyword:...
Page 261 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Destination ICMP_V Inbound Destination Unreachable Unreachable error (ICMPv6-In) messages are sent from any node that a packet traverses which is unable to...
Page 262 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - An IPv6 ICMP_V Inbound Multicast Listener multicast- Query (ICMPv6-In) capable router uses the Multicast Listener Query message to query a link for multicast...
Page 263 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Multicast ICMP_V Inbound Multicast Listener Listener Report v2 (ICMPv6- Report v2 message is used by a listening node to either immediately...
Page 264 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Neighbor ICMP_V Outboun Neighbor Discovery Discovery Advertisement Advertisemen (ICMPv6-Out) t messages are sent by nodes to notify other nodes of link- layer address...
Page 265 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Parameter ICMP_V Outboun Parameter Problem Problem error (ICMPv6-Out) messages are sent by nodes as a result of incorrectly generated packets...
Page 266 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Router ICMP_V Outboun Router Advertisemen Advertisement t messages (ICMPv6-Out) are sent by routers to other nodes for stateless auto- configuration. Core Networking -...
Page 267 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - IGMP IGMP Inbound Internet Group messages Management are sent and Protocol (IGMP-In) received by nodes to create, join and depart multicast...
Page 268 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Core Networking - Outbound IPV6 Outboun IPv6 (IPv6-Out) rule required to permit IPv6 traffic for ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) and 6to4 tunneling services...
Page 269 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports File and Printer Echo ICMP_V Inbound Sharing (Echo Request Request - ICMPv4- messages are sent as ping requests to other nodes File and Printer Echo...
Page 270 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports File and Printer Outbound Outboun Sharing (NB- rule for File Datagram-Out) and Printer Sharing to allow NetBIOS Datagram transmission reception. [UDP 138] File and Printer...
Page 271 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports File and Printer Inbound rule Inbound Sharing (SMB-In) for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes.
Page 272 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Message Queuing Message Outboun Mqsvc.exe Queuing Message Queuing Message Inbound Queuing Message Queuing Message Outboun Queuing Netlogon Service Inbound rule Inbound (NP-In) for the NetLogon...
Page 273 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Remote Event Log Inbound rule Inbound DynamicRPC Management (RPC) for the local Event Log service to be remotely managed via RPC/TCP.
Page 274 Mediant 1000B SBA Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports SCW remote access Allow Inbound scshost RPCEndPoint firewall rule - inbound Mapper Scshost - End Point access for RPC Mapper scshost using end point RPC mapper...
Page 275 Installation & Maintenance Manual A. SBA Security Default Template Protocol Program/ Remote Firewall Rule Description Direction Local Ports Keyword Service Ports Windows An inbound Inbound nettcpactiva Communication rule for Foundation Net.TCP Windows Listener Adapter Communicati (TCP-In) Foundation to allow TCP traffic to the Net.TCP Listener...
Page 276: Sba Network Firewall Settings
Mediant 1000B SBA A.6.2 SBA Network Firewall Settings The table below describes the various network firewall settings that are required for connections between the different components in the SBA network. Table A-6: SBA Network Firewall Setting Destination Source Destination Transport...
Page 277 Installation & Maintenance Manual A. SBA Security Default Template Destination Source Destination Transport Protocol Notes port Front End 5090 SIP/MTLS WinFabFederationPort Servers Front End 5091 SIP/MTLS WinFabLeaseAgentPort Servers Front End WinFabClientConnectionP 5092 SIP/MTLS Servers Front End 5093 SIP/MTLS WinFabIPCPort Servers Front End 5094 SIP/MTLS...
Page 278 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 279: B Running Anti-Virus Software
Installation & Maintenance Manual B. Running Anti-Virus Software Running Anti-Virus Software When Anti-Virus software is run on SBA components, ensure that the Antivirus file scanning exclusions are based on the following Microsoft recommendations: SBA 2010: https://technet.microsoft.com/en-us/library/gg195736.aspx  SBA 2013: https://technet.microsoft.com/en- ...
Page 280 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 281: C Upgrading Hardware
Microsoft Lync Server Std 2010 64Bit EMB. Cable mini HDMI to HDMI 1.5m for monitor connections.  Cable micro USB to USB 1.5m for serial connections.  If any items are missing or damaged, contact your AudioCodes sales representative. Version 6.8 Microsoft Lync Server...
Page 282: Upgrading Enhanced Gateway To Sba
R1/R2 and Mediant 1000B Enhanced Gateway to a Mediant 1000B Survivable Branch Appliance (SBA). Note: You can upgrade to either the Mediant 1000B SBA-ES SBA or to the Mediant 1000B SBA-EO SBA. For more information, see Chapter on page or contact your AudioCodes sales representative.
Page 283: Figure C-2: Installing Osn Module
Installation & Maintenance Manual C. Upgrading Hardware Install the OSN module: Remove the blank-panel slot cover from Slot 2, by gently pulling on the handle of the module until it slides out of the slot. Hold the OSN module in the correct orientation, as shown in the figure below, and gently insert the module into the slot, sliding it along the slot's guide rails until it makes contact with the card-edge connector located on the backplane.
Page 284: Upgrading The Hard Drive To An Ssd
Mediant 1000B SBA Upgrading the Hard Drive to an SSD This section describes how to upgrade your OSN mechanical hard disk drive (HDD) to a Solid State Drive (SSD) drive. This involves replacing the HDMX module with an SSD module.
Page 285: Figure C-4: Osn Module Reset
Installation & Maintenance Manual C. Upgrading Hardware On the OSN module, gently pull the module's handle until you hear two click sounds (see figure below), indicating that the handle has been fully pulled out, and then push the handle all the way in again; the module undergoes a reset, indicated by the Hot Swap Blue LED switching off.
Page 286: Upgrading The Osn Platform To M1Kb Sba Es/Eo
To upgrade the OSN platform , order one of the following hardware upgrade kits: M1KB-SBA-ES-OSN-KIT or M1KB-SBA-EO-OSN-KIT. To order one of these kits, contact your AudioCodes sales representative. • The procedure assumes that the upgraded OSN module uses the same FQDN as the replaced OSN module.
Page 287: Figure C-6: Replacing Hdmx Module
Installation & Maintenance Manual C. Upgrading Hardware Insert the new HDMX module into Slot #1: Hold the new HDMX module in the correct orientation, as shown in the figure below, and gently insert the module into the slot, sliding it along the slot's guide rails until it makes contact with the card-edge connector located on the backplane.
Page 288: Figure C-8: Reset Sba Account
Mediant 1000B SBA Reset the SBA account on the Active Directory as shown in the screen example below: Figure C-8: Reset SBA Account Install the SBA application on the OSN platform using the supplied USB Upgrade and Recovery dongle (see Chapter on page 217).
Page 289: Replacing The Osn Module Only (Rma)
Installation & Maintenance Manual C. Upgrading Hardware Replacing the OSN Module Only (RMA) This procedure describes how to replace the OSN module for maintenance purposes (RMA). This procedure is intended for replacing an OSN module of the same type i.e. this is not an upgrade procedure.
Page 290 Mediant 1000B SBA This page is intentionally left blank. Installation & Maintenance Manual Document #: LTRT-40111...
Page 291: D Configuring Raid
Ensure that the storage capacity of both the HDMX disks is identical (e.g., 120 GB).  Slot Assignments for OSN Hard Drives The Mediant 1000B SBA rear panel is displayed in the figure below and described in the subsequent table. Figure D-1: Rear Panel Mediant 1000B SBA...
Page 292: Configuring Raid 1
CPN which ends with ES Configuring RAID 1 The procedure below describes how to configure RAID 1 on the Mediant 1000B SBA. Note: As this is an uptime solution (i.e., it allows you to plan the installation and keep the SBA running using the secondary HDD), if there is a hard disk failure, a complete re- install of the SBA is required.
Page 293: Figure D-3: Computer Management
Installation & Maintenance Manual D. Configuring RAID Figure D-3: Computer Management In the Server Manager, navigate to the Disk Management menu option. Figure D-4: Disk Management Version 6.8 Microsoft Lync Server...
Page 294: Figure D-5: Convert To Dynamic Disk
Mediant 1000B SBA Convert the disks to ‘Dynamic’ by right-clicking Disc 0, and then selecting the Convert to Dynamic Disk menu option. Figure D-5: Convert to Dynamic Disk Installation & Maintenance Manual Document #: LTRT-40111...
Page 295: Figure D-6: Convert To Dynamic Disk Selection
Installation & Maintenance Manual D. Configuring RAID Select one or more basic disks to convert to dynamic disks, and then click OK. Figure D-6: Convert to Dynamic Disk Selection In the Disks to Convert screen, click Convert. Figure D-7: Disks to Convert In the Disk Management screen, click Yes.
Page 296: Figure D-9: Add Mirror
Mediant 1000B SBA Add the Mirror, by right-clicking Partition C, and then select the Add Mirror menu option. Figure D-9: Add Mirror Select a location for a mirror of Disk C, and then click Add Mirror. Figure D-10: Add Mirror Disk 1 Installation &...
Page 297: Figure D-11: Disk Management - Resynching
Installation & Maintenance Manual D. Configuring RAID The ‘Add Mirror’ process appears displaying progress in the Status column. Figure D-11: Disk Management - Resynching When the process has completed, the following screen appears: Figure D-12: Disk Management – End of Process Version 6.8 Microsoft Lync Server...
Page 298 SBA Installation and Maintenance Manual www.audiocodes.com www.audiocodes.com...

AudioCodes Mediant 1000B SBA Installation And Maintenance Manual

1 Introduction

2 Verifying Package Contents

Hardware Description

3 Front Panel

4 Rear Panel

5 OSN Platform

Setting up the Mediant 1000B PSTN Gateway

6 Cabling the Mediant 1000B PSTN Gateway

7 Connecting the PSTN Gateway to the Network

Preparing SBA at Datacenter

8 Adding the SBA Device to the Active Directory

9 Defining the Branch Office Topology Using Topology Builder

Setting up the SBA Management Interface

10 Initially Connecting to the SBA Management Interface

11 Installing and Configuring the SBA

Configuring the PSTN Gateway

12 PSTN Gateway Pre-Requirements

13 Configuring the Mediation Server with the PSTN Gateway

14 Restricting Communication to Mediation Server Only

15 Configuring the SIP Transport Type

16 Configuring Secure Real-Time Transport Protocol

17 Configuring Voice Coders (with Silence Suppression)

18 Configuring Comfort Noise and Gain Control

19 Configuring Early Media

20 Configuring FXS Ports and PSTN Trunks

21 Configuring Normalization Rules for E.164 Format

22 Configuring SRTP Behavior Upon Rekey Mode

23 Configuring FXS Port Transfer Behavior

Upgrading the SBA Components

24 Upgrading MSFT and CU System Components

25 Upgrading the Management Interface

26 Upgrading Using the SBA Proconnect

Upgrading and Recovering the SBA Image

27 Upgrade and Recovery - Introduction

28 Upgrade and Recovery - Prerequisites

29 Preparing SBA Upgrade and Recovery

30 SBA Upgrade and Recovery

Appendices

ASBA Security Default Template

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for AudioCodes Mediant 1000B SBA

Summary of Contents for AudioCodes Mediant 1000B SBA