Table of Contents
Advertisement
Quick Links
Download this manual
See also:
Administration Manual
Advertisement
Table of Contents
Related Manuals for TANDBERG VCS
Summary of Contents for TANDBERG VCS
- Page 1 Video Communication Server ADMINISTRATOR GUIDE Version X3.0 July 2008 Overview and System Zones and Call Bandwidth Firewall Introduction Getting Started Applications Maintenance Appendices Status Configuration Configuration Neighbors Processing Control Traversal D14049.04 JULY 2008...
-
Page 2: Table Of Contents
Disclaimer ..............10 Overview ................ 14 What’s in the Box? ............20 Intellectual Property Rights ..........10 VCS and the TANDBERG Total Solution......14 Connecting the Cables ............ 20 Copyright Notice ............. 10 VCS Base Applications ............ 15 Installation Site Preparations .......... 20 Patent Information ............ - Page 3 Grey Headline (continued) What’s in this Manual? TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Overview and Status Local Zone ................39 Configuration Log ..............52 Overview ................28 Viewing the Local Zone Page ........... 39 Viewing the Configuration Log Page ......... 52 Viewing the Overview Page ..........
- Page 4 SIP Registration Expiry ..........67 Configuring the LDAP Server Directory ....76 Logging ................62 Using the VCS as a SIP Proxy Server ......68 Securing the LDAP Connection with TLS ....76 Overview ................ 62 Using the VCS as a SIP Presence Server ....68 Configuring LDAP Server settings ......
- Page 5 Configuring Zones - All Types ........... 90 Viewing Peers ..............99 Zone Searching and Transforming ......... 108 Configuring Neighbor Zones ..........91 Neighboring the Local VCS to a Cluster ......100 About Zone Searching ..........108 Configuring Traversal Client Zones ........92 Dial Plans ................101 Match Mode .............
- Page 6 Configuring ENUM Zones ......... 127 Bandwidth Control Overview ..........135 SIP ................. 118 Configuring DNS Servers ......... 128 Bandwidth Control on the VCS ........135 Enabling URI Dialing ............118 ENUM Dialing for Incoming Calls ........129 Example Network Deployment ........135 URI Dialing for Outgoing Calls ........
- Page 7 VCS as a Firewall Traversal Server ......... 150 Creating Links .............. 140 Adding a New Traversal Server Zone ......158 Quick Guide to VCS Traversal Client - Server Configuration ..151 Editing Links ..............141 Configuring a Traversal Server Zone ....... 159 Overview ..............
- Page 8 Using TANDBERG’s FindMe™ ..........170 Limitations ............. 186 Installing and Restarting ..........177 About your FindMe User Account ........170 Creating a Backup of your VCS Configuration ....186 Upgrading Using SCP/PSCP ..........177 About FindMe™............170 Restoring a Previous Backup ......... 187 Upgrading via the Web Interface ........178 FindMe User Accounts ........170...
- Page 9 VCS Port Reference ............204 Appendices Overview ..............204 CPL Reference ..............194 VCS Ports ..............204 Overview of CPL on the VCS .......... 194 DNS Configuration .............. 207 address-switch ............. 194 Overview ..............207 Overview ..............194 Verifying the SRV Record ......... 207 address ..............
-
Page 10: Legal Notices
Administrator Guide are which it relates contain information that is Administrator Guide is protected under following patents: subject to change at any time, without notice, proprietary to TANDBERG and its licensors. copyright, patent, and other intellectual • EP01953201 by TANDBERG. -
Page 11: Safety Instructions And Approvals
EC Declaration of Conformity Do not operate the apparatus in areas with high Servicing Water and Moisture concentration of dust. Manufacturer: TANDBERG Telecom AS • Do not attempt to service the apparatus • Do not operate the apparatus under or near Product Name:... -
Page 12: Environmental Issues
Instead of a range of different user manuals, there is now one systems in your area. Those systems will reuse or recycle most CD – which can be used with all TANDBERG products – in a of the materials of your end of life equipment in a sound way. - Page 13 TANDBERG CONTENT SERVER Grey Headline (continued) USER GUIDE Environmental Issues TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Table of What’s New in Trademark/ Safety/ Administrator Conference View Introduction Installation Quick Setup Operation Appendices Contents this Version? Licenses Environmental Settings Setup Conferences...
-
Page 14: The Tandberg Vcs
SIP and H.323 devices utilizing IETF and ENTE RPRISE LAN/WAN ITU standards. The VCS is the center of the video communication network, and connects all H.323 and SIP endpoints, infrastructure, and management devices. The VCS provides... -
Page 15: Vcs Base Applications
The VCS Expressway provides standards-based firewall traversal for SIP and H.323 devices allowing It is normally deployed within your wide area network with endpoints that are behind the same secure firewall traversal of any firewall or NAT device. As well as all the functionality of a VCS firewalls or NAT devices. -
Page 16: Standard Features
Flexible zone configuration with prefix, suffix Dual Network Interfaces and regex support • SIP Proxy/Registrar Enables the LAN 2 ethernet port on the VCS Expressway, allowing you to have a secondary IP • Can function as a stand-alone VCS or be • SIP Presence Server address for your VCS. -
Page 17: What's New In This Version
VCS at a particular date and Presence either “Read Only” access, meaning they can view but not change time. You can then use this file at a later date to return the VCS Two new presence services are now supported: Presence Server configuration, or “Read Write”... -
Page 18: The Administrator Guide
Typographical conventions Your approach to this documentation depends on what you want to do and how much you already Most configuration tasks on the VCS can be performed via either the web interface or a command know. line interface. This Guide will describe how to use both methods. -
Page 19: Getting Started
ADMINISTRATOR GUIDE Getting Started This section describes how to install the VCS and carry out its initial configuration. It also gives an overview of the VCS’s Administrator settings and describes how to access the VCS via either the Command Line Interface (CLI) or the web interface. -
Page 20: What's In The Box
• To avoid damage to the unit during transportation, the Make sure that the VCS is accessible and that all cables can The socket outlet shall be installed near to the equipment TANDBERG VCS is delivered in a special shipping box, which be easily connected. -
Page 21: Initial Configuration
Connect the supplied serial cable from the LAN1 port. The IP default gateway of the system. • DATA port on the VCS to the COM port on a web interface via HTTPS Turn on the power switch on the back right ethernet speed. -
Page 22: Initial Configuration Via Front Panel
Grey Headline (continued) Initial Configuration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Initial Configuration via Front Panel The LCD panel makes it possible to configure Use the UP/DOWN keys to navigate to Press ENTER to produce the Main... -
Page 23: System Administrator Access
By default, Administrator sessions do not time TANDBERG VCS via a PC connected directly to log into the VCS via the web UI or the CLI. You can add additional administrator accounts with out – they remain active until you logout. -
Page 24: Using The Web Interface
This can safely be ignored. Supported Browsers The VCS web interface is designed for use with Internet Explorer (6 and up) or Firefox (1.5 and up). It may work with Opera and Safari, but you may encounter unexpected behavior. -
Page 25: General Page Features
This icon appears on the top right corner information in ascending and descending order. of every page. Clicking on this icon will take you directly to the latest version of the VCS Select All Unselect All Administrator Guide on the TANDBERG website. -
Page 26: Command Line Interface
Supported Characters Using the Command Line Interface (CLI) How Command are Shown in this Guide The VCS supports the following characters when entering text in the CLI and web UI: In this Guide, instructions for performing a task using the The command line interface is available over SSH, Telnet and •... -
Page 27: Overview And Status
This section describes the information that appears on the Overview page and all the pages under the Status menu of the web interface. These pages provide information on the current status and configuration of the VCS. Overview and System Zones and Call Bandwidth... -
Page 28: Overview
Traversal calls System name Current: The number of traversal calls going The name that has been assigned to the VCS. through the VCS at this moment. (peak): The highest number of concurrent traversal calls handled by the VCS since it was Up time last restarted. -
Page 29: System Information
Viewing the System Information Page Understanding the System Information Page System Information page provides details System name of the software, hardware, and time settings of The name that has been assigned to the VCS. the VCS. To view the System Information page: Product •... -
Page 30: Ethernet
Understanding the Ethernet Status Page Ethernet page provides details of the MAC MAC address address and ethernet speed settings of the The MAC address of the VCS’s ethernet device. VCS. If the Dual Network Interfaces option key To view the Ethernet... -
Page 31: Ip Status
IPv4 or IPv6 address, and will take calls using either protocol. If a call is between an IPv4-only and an IPv6-only endpoint, the VCS will act as an IPv4 to IPv6 LAN 1 gateway (note that this will require a traversal Shows the IPv4 Address and subnet mask, and call licence). -
Page 32: Resource Usage
5 seconds. (peak): The highest number of concurrent To view the Resource Usage page: traversal calls handled by the VCS since it was • Status > System > Resource Usage last restarted. Total: The total number of traversal calls handled by the VCS since it was last restarted. -
Page 33: Registrations
Understanding the Registrations Page Registrations page lists all the devices Name that are currently registered with the VCS. The H.323 alias or SIP AOR that the device Devices that are configured for both SIP and registered. H.323 will register twice; once as an H.323 Clicking on an individual name will take you endpoint and once as a SIP UA. -
Page 34: Registration History
Grey Headline (continued) Registration History TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Viewing the Registration History Page Understanding the Registration History Page Registration History page lists all the Name registrations that are no longer current. It lists The H.323 alias or SIP AOR that the device the most recent historical registrations since registered. -
Page 35: Presence
• Presentities • Subscribers. These pages provide information about endpoints and presentities using the Presence services on the VCS. Refer to the Viewing Presence Status section for a full explanation of the information on these pages. Overview and System Zones and... -
Page 36: Calls
Start time taking place to or from devices registered with The date and time at which the call was placed. the VCS, or that are passing through the VCS. To view the Calls page: •... -
Page 37: Call History
Call History page lists all the calls that are Start time no longer active that have taken place since The date and time at which the call was placed. the VCS was last restarted. To view the Call History page: •... -
Page 38: Search History
Viewing the Search History Page Understanding the Search History Page Search History page lists all the searches Start time that have taken place since the VCS was last The date and time at which the search was restarted. initiated. To view the... -
Page 39: Local Zone
Subzone Name together make up the Local Zone. This will The names of each subzone currently always include the Default Subzone and the configured on this VCS. Traversal Subzone, plus any other subzones that you have created. To view the... -
Page 40: Zones
Understanding the Zones Page Zones status page lists all the zones Name that are currently configured on your VCS, the The names of each zone currently configured number of calls and amount of bandwidth being on this VCS. used by each, and their current status. -
Page 41: Links
Name of all the links currently configured on your The name of each link. VCS, along with the number of calls and the bandwidth being used by each link. To view the Links status page: •... -
Page 42: Pipes
Understanding the Pipes Page The Pipes page provides a Name list of all the pipes currently The name of each pipe. configured on your VCS, along Clicking on the name will take with the number of calls and you to the Edit Pipe... -
Page 43: Stun Relays
Understanding the STUN Relays Page The STUN Relays page provides a list of all Client the currently active STUN Relays on the VCS. The IP address and port For each Relay, it shows the requesting client on the NAT (or the client if... -
Page 44: Applications
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Viewing the Applications Page Understanding the Applications Page The Applications page shows the status of Applications all external applications running on the VCS. All Applications that are Currently this includes: installed on the VCS are • Presence shown on the left. -
Page 45: Warnings
VCS that resolution), is listed here. requires some manual Administrator intervention, such as a reboot. When there are warnings in place on the VCS, a warning icon will appear at the top right of the page. -
Page 46: Event Log
Grey Headline (continued) Event Log TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Viewing the Event Log Page Understanding the Event Log Page Event Log page allows you to view and Search for search the event log, which is a list of all the This field allows you to filter the event log. -
Page 47: Interpreting The Event Log
TANDBERG VCS processes web[ ] for all web login and configuration events. but will differ for messages from third party processes which are used in the VCS product message _ details the body of the message (see... -
Page 48: Message Details Field
The event which caused the log message to be generated. See Events and Levels for a Specifies the source port: the IP port of the device attempting to establish list of all events that are logged by the VCS, and the level at which they are logged. communications. User Src-Alias The username that was entered when a login attempt was made. -
Page 49: Events And Levels
The VCS has started. Further detail may be provided in the event parameter. Application Warning Detail The VCS application is still running but has experienced a recoverable problem. Further detail may be provided in the event parameter. Beginning System Backup A system backup has started. - Page 50 VCS. Clustering is enabled but bandwidth across the cluster has not been configured identically, and the VCS has received a message relating to an unknown Peer, Link, Pipe, Subzone or Zone. Use TMS to synchronize configuration across Peers.
- Page 51 Grey Headline (continued) Event Log TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Events and Levels Event Description Level Request Sent A call-related SIP request has been sent. Request Sent A non-call-related SIP request has been sent. Response Received A call-related SIP response has been received.
-
Page 52: Configuration Log
Configuration Log page allows you to view Types of Configuration Events and search login and configuration activities triggered via the VCS web interface. It shows Administrator sessions all web login attempts for administrators and Findme users (both failed and successful), and... - Page 53 This section describes all the options that appear under the System Configuration menu of the web interface. These options enable you to configure the VCS in relation to the network in which it is located, for example its IP settings and the external services used by the VCS (e.g.
-
Page 54: System Configuration System Administration
ADMINISTRATOR GUIDE Overview Configuration To configure the VCS’s system administration System name settings: Defines the name of the VCS. Choose a name • System Configuration > System that uniquely identifies the system. You will be taken to the System Administration page. -
Page 55: Ethernet
LAN1 and LAN2. About Ethernet Speed The Ethernet speed setting determines the speed of the connection between the VCS and the ethernet switch. It must be set to the same value on both systems. The default is Auto, which means that the two systems will auto-negotiate the appropriate speed. -
Page 56: Overview
IP routes are configured via the CLI only using: Click here to save • xConfiguration IP Route Calls for which the VCS is acting as an IPv4 to IPv6 gateway are traversal calls. They will your changes. therefore require a traversal call licence. •... -
Page 57: Lan
About LAN Configuration IPv6 address Specifies the IPv6 address of the VCS’s LAN1 LAN 1 is the primary network port on the VCS. port. You can configure the IPv4 address and subnet mask, and IPv6 address for this port. -
Page 58: Dns
URI dialing ENUM dialing. Sets the IP address of a DNS You can specify up to 5 DNS servers. The VCS sends requests server to be queried when to all configured servers in parallel taking the first result resolving domain names. -
Page 59: Ntp
NTP server to be used when synchronizing system time. About the NTP Server The NTP server is a remote server with which the VCS synchronizes in order to ensure its time setting is accurate. The NTP server provides the VCS with UTC time. -
Page 60: Snmp
Click here to restart the system. of the potentially sensitive nature of the information involved. Do not enable SNMP on a VCS on the public internet or in any Save other environment where you do not want to Click here to save your changes. -
Page 61: External Manager
The use of an External Manager is optional. Manager. In order to use an External Manager, you must configure the VCS with the IP address or host name and path of the External Manager to be used. If you are using TMS as your external manager,... -
Page 62: Logging
The VCS provides an event logging facility The event log is always stored locally on the VCS. However, it is To enable remote logging, you must configure the VCS with the address of the for troubleshooting and auditing purposes. often convenient to collect copies of all event logs from various central log server to which the event log will be copied. -
Page 63: Log Levels
Select the level of logging you All events have an associated level in the range 1-4, with level 1 You can control which events are logged by the VCS by setting the log level. All events with a level require. - Page 64 VCS Configuration menu. These pages allow you to configure the functionality of the VCS in each of these areas. This section includes the following information: • an overview of H.323 and the H.323 configuration options available on the VC •...
-
Page 65: Vcs Configuration
Once the endpoint is in a call, the VCS will periodically poll it to used by H.323 calls once they are established. You can determine how the VCS will behave in this situation by confirm whether it is still in the call. -
Page 66: Configuring H.323
Call time to live Specifies the interval (in seconds) at which the Call signaling port range start VCS polls the endpoints in a call to verify that Specifies the lower port in the range to be used they are still in the call by H.323 calls once they are established. -
Page 67: Sip
SIP mode must be enabled and at least one of the SIP transport protocols (i.e. UDP, TCP or TLS) must be If no Domains are configured, then the VCS will not act as a SIP active. Registrar. Proxying Registration Requests... -
Page 68: Using The Vcs As A Sip Proxy Server
Only, the VCS will proxy requests with an existing Route Set only for such calls. You can also specify the range of ports the VCS will use once calls are established. if the request was received from a Neighbor zone (including Traversal Client and Traversal Server This range must be sufficient to support all required concurrent calls. -
Page 69: Configuring Sip - Registrations, Protocols And Ports
TCP. will be handled. The default is 5060. Off: Registration requests will not be proxied (but will still be permitted locally if the VCS is authoritative for that domain). Invite requests TLS mode with existing Route Sets will be rejected. -
Page 70: Configuring Sip - Domains
Name of the domain and click Save. authoritative. The name of the domain will be changed. The VCS will act as a SIP Registrar and • To delete an existing domain, click View/ Presence Server for this domain, and will Edit. -
Page 71: Interworking
Off: the VCS will not act as a SIP-H.323 gateway. traversal call licence. RegisteredOnly: the VCS will act as a SIP-H.323 gateway but only if at least one of the endpoints is locally registered. On: the VCS will act as SIP-H.323 gateway regardless of whether the endpoints are locally registered. -
Page 72: Registration Control
Registrations on a VCS Expressway MCU, Gateway and Content Server Registration In order for an endpoint to use the TANDBERG VCS as its H.323 If a traversal-enabled endpoint registers directly with a VCS H.323 systems such as gateways, MCUs and Content Servers... -
Page 73: Finding A Vcs With Which To Register
(consult your endpoint manual for how to access this setting). • If the mode is set to automatic, the endpoint will try to register with any VCS it can find. It does this by sending out a Gatekeeper Discovery Request, to which eligible VCSs will respond. -
Page 74: Authentication
LDAP: A remote LDAP database is used. You must configure the LDAP server to use this In order to verify the identity of the device, the VCS needs option. access to a database on which all authentication credential information (usernames, passwords, and other relevant The default is LocalDatabase. -
Page 75: About External Registration Credentials
Authenticatio VCS is forwarding an invite from an endpoint to another VCS, that other system may have authentication enabled and will therefore require your local VCS to provide it with a Authentication username username and password. Authentication Username is the name that... -
Page 76: Authentication Databases
VCS, and the alias(es) with which it wishes to register LDAP The VCS looks up the username in the LDAP database and obtains the authentication and alias The alias(es) presented by the endpoint will be used as long as they are listed in the LDAP information for that entry. -
Page 77: Configuring Ldap Server Settings
LDAP database. Password The default is LDAP. The password to be used by the VCS when binding to the LDAP server. Upload a CA Certificate file for TLS Clicking here will take you to the... -
Page 78: Authentication Using A Local Database
The local database is included as part of your entries in the Local Database. VCS system. It consists of a list of usernames and passwords, which you add via the web interface and/or the CLI. The database can hold up to 2500 entries. -
Page 79: Registering Aliases
H.323 When registering, the H.323 endpoint presents the VCS with one An H.323 endpoint may attempt to register with the VCS using an alias that has already been registered on the VCS from another IP or more of the following: address. -
Page 80: Allow And Deny Lists
When an endpoint attempts to register with the VCS it presents a list of aliases. To activate the use of Allow or Deny lists to determine which aliases are allowed to register with the VCS: You can control which endpoints are allowed to register by setting the Restriction •... -
Page 81: Managing Entries In The Allow List
To view and manage the entries in the Allow Allow List. List: You can sort these entries by clicking • VCS Configuration > Registration > Allow on the relevant column heading. List. You will be taken to the Registration Allow List page. -
Page 82: Managing Entries In The Deny List
This page shows all the existing entries in the To view and manage the entries in the Deny Deny List. List: • VCS Configuration > Registration > Deny You can sort these entries by clicking List. on the relevant column heading. You will be taken to the... -
Page 83: Zones And Neighbors
It then provides information on the pages that appear under the Local Zone, Zones Alternates sub-menus of the VCS Configuration menu. These pages allow you to: • configure the VCS’s Local Zon (which is made up of subzones, including the Traversal Subzone and Default Subzone) •... -
Page 84: Introduction
However, depending on the size and complexity of your enterprise the VCS may be part of a network of endpoints, other VCSs and other network infrastructure LOCAL ZONE devices, with one or more firewalls between it and the internet. -
Page 85: Local Zone And Subzones
Zone. The Local Zone’s subzones exist for the purposes of bandwidth One of the functions of the VCS is to route a call received from The Local Zone is divided into subzones. These include an management. Once you have set up your subzones you can... -
Page 86: Traversal Subzone
(i.e. calls for which the VCS is taking the media in addition to the signaling) will pass The VCS allows you to configure the range of ports to be used for the media in traversal calls. A through it. The Traversal Subzone exists in order to allow you to control the amount of bandwidth single traversal call can consist of up to 5 types of media (audio, video, far end camera control, used by traversal calls, as these can be particularly resource-intensive. -
Page 87: About Zones
Traversal Server Zone A zone is a collection of endpoints, either all registered to a In order to be able to traverse a firewall, the VCS must be A VCS Expressway is able to act as a traversal server, providing single system (e.g. -
Page 88: Enum Zone
Once you have configured one or more DNS zones, you can: The VCS comes pre-configured with the Default Zone and default Once you have configured one or more ENUM zones, you can: links between it and both the Default Subzone and the Traversal •... -
Page 89: Adding Zones
ENUM or DNS zone, you must add a new traversal server zones, traversal client zones zone on the local VCS. When adding a new and neighbor zones this will include providing zone you will be asked to specify its Type; this... -
Page 90: Configuring Zones - All Types
Neighbor: the new zone will be a connection to a neighbor of the local VCS. TraversalClient: the local VCS is a traversal client of the new zone, and there is a firewall between the two. TraversalServer: the local VCS is a traversal server for new zone, and there is a firewall between the two. -
Page 91: Configuring Neighbor Zones
SIP mode Searches are automatically responded to Determines whether SIP calls will be allowed to Determines what happens when the VCS receives a SIP search and from the neighbor zone. that originated as an H.323 search, destined for this zone. The default is Off. -
Page 92: Configuring Traversal Client Zones
H.323 port Specifies the port on the traversal server to be used for H.323 calls to and from the local VCS. Peer 1 to Peer 6 address For firewall traversal to work via H.323, The IP Address or FQDN of the traversal server. -
Page 93: Configuring Traversal Server Zones
H.323 protocol Sets the frequency (in seconds) with which Determines the protocol (Assent or H.460.18) the client will send a UDP probe to the VCS to be used to traverse the firewall/NAT. Expressway if a keep alive confirmation has not... -
Page 94: Configuring Enum Zones
Grey Headline (continued) Zones TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Configuring ENUM Zones DNS suffix Specifies the domain to be appended to the transformed E.164 number to create an ENUM domain for which this zone is queried. SIP mode Determines whether SIP records will be looked up for this zone. -
Page 95: Configuring Dns Zones
Dialing. Empty INVITE allowed Searches are automatically responded to Determines whether the VCS will generate a SIP INVITE Determines what happens when the VCS receives a search messages which has no SDP to send to this zone. destined for this zone. -
Page 96: Clustering, Peers And Alternates
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE About Clustering A VCS can be part of a Cluster of up to six VCSs. Each VCS in the Cluster is a Peer of every other VCS in the Cluster. The purpose of a Cluster is twofold: •... -
Page 97: Configuring Clusters
Each • Administration Accounts Determine which VCS is to be the master and configure it with the settings you wish to apply to Peer can use a different Gateway. the entire cluster. The password for the default... -
Page 98: Sharing Registrations Across Peers
If you have clustering configured and subsequently downgrade to registrations being spread over all the Peers in the Cluster. a version of VCS software prior to X3.0, the VCS will retain all its You should change the registration Time to live... -
Page 99: Clustering And Findme
Alternates page lists the IP Addresses of all the Peers in the Do not make any Cluster to which this VCS belongs, including the IP Address of changes directly to Clustering supports the use of FindMe. Each the VCS to which you are currently logged in. -
Page 100: Neighboring The Local Vcs To A Cluster
Neighboring the Local VCS to a Cluster You can neighbor your local VCS (or VCS Cluster) to a remote VCS Cluster; this could be a Neighbor, The IP Addresses of each Peer in the zone to which you are connecting are configured in the Traversal Client, or Traversal Server to your local VCS. -
Page 101: Dial Plans
As you start deploying more than one VCS, The simplest approach is to assign each An alternative deployment would use a In this type of structure one VCS is nominated it is useful to neighbor the systems together endpoint a unique alias and divide the endpoint... -
Page 102: Call Processing
• how to apply transforms to the address that was diale d, either before searching on the local VCS or when sending the search request to the Local Zone and external zones • how to use Call Policy to manage call •... -
Page 103: Call Processing Diagram
If the alias is found within the Local Zone or by one of the external zones, the VCS will attempt to place the call to that zone. If the alias is not found, the VCS will respond with a message to say that the call has failed. -
Page 104: Dialing By Address Types
Dialing. could be the local VCS, or it could be one of its neighbors (in which case the local VCS would route the call to the neighbor, which would then place the call directly to the IP address). -
Page 105: Hop Counts
Click on the name of the zone you wish to configure. reaches 0, the request will not be forwarded on any further. You will be taken to the Edit Zone page. For search requests initiated by the local VCS, the hop count In the Configuration section, in the Hop Count field, enter the hop count value you wish to use for assigned to the request is configurable on a zone-by-zone basis. -
Page 106: Searches And Transforms
All Peers in a cluster should be configured identically, including any pre-search transforms. for more information. A VCS in a cluster will treat search requests from any of its Peers as having come from its own Local Zone, and will not re-apply any pre-search transforms on receipt of the request. -
Page 107: Configuring Pre-Search Transforms
Pattern string Specifies the pattern against which the alias is To configure the way in which aliases are compared. transformed before being searched for: • VCS Configuration > Transforms You will be taken to the Transforms page. Click New. Priority... -
Page 108: Zone Searching And Transforming
About Zone Transforms Zone Search and Transform Process The VCS allows you to filter the search requests sent to each The VCS allows you to change the alias being searched for Zones searching takes place after call policy has been applied. -
Page 109: Configuring Zone Searches And Transforms
AlwaysMatch: the zone will always be queried. Local Zone PatternMatch: the zone will only be queried if the alias queried for matches the specified • VCS Configuration > Local Zone > Matches Pattern String. You will be taken to the Local Zone Matches page. -
Page 110: Examples
Grey Headline (continued) Searches and Transforms TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Examples Combining Match Types Never Query a Zone Always Query a Zone, Never Apply Transforms and Priorities To configure the zone so that it is never sent an alias search request (for example... -
Page 111: Filter Queries To A Zone Without Transforming
VCS with a suffix of @sales.example.com. In this situation, it makes sense for your Head Office VCS to query the Sales Office VCS only when it receives a search request for an alias with a suffix of @sales.example.com. -
Page 112: Query A Zone For Original And Transformed Alias
For example, you may wish to query a neighbor zone for both a full URI and just the name (i.e. the URI with the domain removed). To achieve this, on your local VCS configure the zone representing the neighbor VCS as shown: Overview and... -
Page 113: Query A Zone For Two Or More Transformed Aliases
Pattern String to be matched, but each with a different replacement pattern. In this situation, the VCS will query that zone for each of the new aliases simultaneously. (Any duplicate aliases produced by the transforms will be removed prior to the search requests being sent out.) -
Page 114: Call Policy
If your VCS is part of a secure environment, any policy decisions based on the source redirected to a different destination. These rules are known as of the call should only be made when that source can be authenticated. -
Page 115: Enabling The Use Of Administrator Policy
ADMINISTRATOR GUIDE Enabling the use of Administrator Policy To enable Administrator Policy: Administrator Policy Mode • VCS Configuration > Call Policy On: Administrator Policy is enabled. If a CPL You will be taken to the Call Policy page. script has been uploaded, this policy will be •... -
Page 116: Configuring Administrator Policy Via The Web Interface
Each combination of Source Destination • VCS Configuration > Policy > Administrator is compared, in the order shown, with the You will be taken to the Administrator Policy details of the call being made until a match is page. -
Page 117: Configuring Administrator Policy Via A Cpl Script
XML schemas which are used to check the script before it If you download a web-configured is uploaded to the VCS, so you can check in Administrator policy as a CPL script and advance that your CPL script is valid. -
Page 118: Uri Dialing
VCS is neighbored with another VCS that has been configured for DNS. In this case, any URI dialed calls will go via the neighbor. This neighbor system. This is because these configuration is useful if you want all URI dialing to be made via one particular system, e.g. -
Page 119: Uri Dialing For Outgoing Calls
Configuring Matches for DNS Zones When a user places a call using URI dialing, they will typically dial an address in the form If you wish locally registered endpoints to be able to place URI calls via the VCS, then at a minimum name@example.com from their endpoint. -
Page 120: Adding And Configuring Dns Zones
Adding and Configuring DNS Zones Name Assigns a name to this zone. In order for locally registered endpoints to use URI dialing through the VCS, you must configure at least one DNS zone. To do this: Type • VCS Configuration > Zones For DNS zones, this will be DNS. -
Page 121: Configuring Dns Servers
In order for endpoints registered to the local VCS to make outgoing calls using URI dialing to endpoints that are not registered to the local VCS or one of its neighbors, you must configure at least one DNS server for the VCS to query. For resilience, you can specify up to five DNS servers. -
Page 122: Uri Dialing For Incoming Calls
• Port AAAA records , which provide the IPv6 address of the VCS is the port on the VCS that has been configured to listen for that particular service and protocol combination • Target is the FQDN of the VCS. -
Page 123: Uri Dialing And Firewall Traversal
In this case you would configure a Pre-Search Transform that would strip the IP address of the VCS from the incoming URI and replace it with the domain name of example.com. Overview and System... -
Page 124: Enum Dialing
Enabling ENUM Dialing ENUM dialing allows an endpoint to be contacted by a caller When a VCS is attempting to dial a destination endpoint using ENUM dialing is enabled separately for incoming and outgoing dialing an E.164 number - a telephone number - even if that ENUM, the general process is as follows: calls. -
Page 125: Enum Dialing For Outgoing Calls
DNS NAPTR record mapping this alias to his There must be a NAPTR record available in DNS that maps The VCS initiates a search for the E.164 number as dialed. It E.164 number: +44123456789. the called endpoint’s E.164 number to its URI. It is the... -
Page 126: Configuring Matches For Enum Zones
Configuring Transforms for ENUM Zones If you wish locally registered endpoints to be able to make ENUM calls via the VCS, then at a You can configure transforms for ENUM zones in the same way as any other zones (see... -
Page 127: D14049.04
ENUM dialing, you must configure an ENUM zone for each ENUM service used by remote Type endpoints. To do this: For ENUM zones, this will be ENUM. • VCS Configuration > Zones You will be taken to the Zones page. • Click New. -
Page 128: Configuring Dns Servers
ENUM dialing and URI dialing DNS server for the VCS to query. For resilience, processes. you can specify up to five DNS servers. Overview and... -
Page 129: Enum Dialing For Incoming Calls
(i.e. the full stop character). a public ENUM database such as http://www.e164.org. Non-terminal rules in ENUM are not currently supported by the VCS. For more information on these, see section 2.4.1 of RFC 3761 [8], Overview and... -
Page 130: Unregistered Endpoints
Instead, we recommend that callers from unregistered endpoints dial the IP address or the domain name (if configured) of the local unregistered endpoint. VCS, prefixed by the alias they wish to call (for example, john.smith@82.118.9.0). The VCS will then place the call as normal. Calls to an Unregistered Endpoint... -
Page 131: Fallback Alias
ADMINISTRATOR GUIDE Overview Configuration Example Usage It is possible for the VCS to receive a call that To configure the Fallback Alias: You may wish to configure your Fallback is destined for it but which does not specify Alias to be that of your receptionist, so that •... -
Page 132: Call Ids, Serial Numbers And Tags
Call Tags are used to track calls passing through a number of VCSs. When the VCS receives a call, it checks to see if there is a Call Tag already assigned to it. If so, the VCS will use the existing Call Tag;... -
Page 133: Disconnecting Calls
However, SIP calls are peer- that Call Serial to-peer and as a SIP proxy the VCS has no authority over the Number will be disconnected. endpoints. Although releasing the resources may have the side-... -
Page 134: Bandwidth Control
This section describes the pages that appear under the Local Zone Bandwidth sub-menus of the VCS Configuration menu in the web interface. These pages allow you to control the bandwidth that is used for calls within your local zone, as well as calls out to other zones. -
Page 135: Bandwidth Control Overview
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Bandwidth Control on the VCS Example Network Deployment The TANDBERG VCS allows you to control The diagram below shows a typical network deployment: the amount of bandwidth used by endpoints • a broadband LAN between the Enterprise and the internet, where high bandwidth calls are acceptable on your network. -
Page 136: Subzones
Traversal Subzone (and Default Zone) non-traversal call for that VCS. Other systems in the route may need to take the media as well, and to a subzone based on their IP address. You already created, and with links between the so the call will count as a traversal call on that particular VCS. -
Page 137: Creating A Subzone
TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Creating a Subzone To add a new subzone: • VCS Configuration > Local Zone > Subzones You will be taken to the Subzones page. Select New. You will be taken to the Create Subzone page. -
Page 138: Configuring A Subzone
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Configuring a Subzone To configure a subzone: • VCS Configuration > Local Zone > Subzones You will be taken to the Subzones page. Click on the subzone you wish to configure. You will be taken to the Edit Subzone page. -
Page 139: Applying Bandwidth Limitations To Subzones
Grey Headline (continued) Subzones TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Applying Bandwidth Limitations to Subzones Types of Limitations How Different Bandwidth Limitations are Managed You can apply bandwidth limits to the Default Subzone, Traversal Subzone and all manually In situations where there are differing bandwidth limitations applied to the same link, the lower limit configured subzones. -
Page 140: Links
If multiple routes are possible, your VCS will perform the bandwidth Node 1, Node 2 calculations using the one with the fewest Select the names of the two subzones, or the links. -
Page 141: Editing Links
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Editing Links To edit a link: Name • VCS Configuration > Bandwidth > Links Enter the name you wish to assign to this link. You will be taken to the Links page. Click View/Edit. You will be taken to the Edit Link page. -
Page 142: Default Links
Default Zone already created, and with default links pre- automatically created as follows: subzone. For this reason, the VCS comes shipped with a set of configured between the three. These links will be named as New zone/subzone type Default links are created to... -
Page 143: Pipes
NoBandwidth: there is no bandwidth available. To create a pipe: Total bandwidth limit (kbps) • VCS Configuration > Bandwidth > Pipes Sets the limit on the total concurrent You will be taken to the Pipes page. bandwidth of this pipe. -
Page 144: Editing Pipes
Enter the name you wish to give to this pipe. To configure details of a pipe: You will refer to this name when creating links. • VCS Configuration > Bandwidth > Pipes You will be taken to the Pipes page. -
Page 145: Applying Pipes To Links
One Pipe, One Link Applying a single pipe to a single link is useful when you wish to apply specific limits to calls VCS CONTROL between a subzone and another specific subzone or zone. One Pipe, Two or More Links... -
Page 146: Default Bandwidth And Downspeeding
VCS Configuration > Bandwidth > Configuration cases where the endpoint has not specified the bandwidth, you You will be taken to the Bandwidth Configuration page. can set the VCS to apply a default bandwidth value. • xConfiguration Bandwidth Defaul • xConfiguration Bandwidth Downspee... -
Page 147: Bandwidth Control Examples
An example deployment is shown opposite. In this example, there are three geographically separate offices: Enterprise, Branch and Home. All endpoints in the Enterprise office register with the VCS Control, as do those in the Branch and Home offices. VCS CONTROL Each of the three offices is represented as a separate subzone on the VCS, with bandwidth configured according to local policy. -
Page 148: Example With A Firewall
TANDBERG’s Expressway™ firewall traversal solution to maintain connectivity. We do this by adding a VCS Expressway outside the firewall on the public internet, which will work in conjunction with the VCS Control and Home and Branch office endpoints to traverse the firewalls. -
Page 149: Firewall Traversal
ADMINISTRATOR GUIDE Firewall Traversal This section describes how to configure your VCS Control and VCS Expressway in order to traverse firewalls. It also describes how to configure the additional firewall traversal server functions of a VCS Expressway, including STUN services. -
Page 150: Firewall Traversal Overview
In order to act as a firewall traversal client, the VCS must be configured with information about the system(s) that will be acting as its network will be prevented. However, firewalls can be configured firewall traversal server. -
Page 151: Quick Guide To Vcs Traversal Client - Server Configuration
Grey Headline (continued) Quick Guide to VCS Traversal Client - Server Configuration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Overview VCS Control (Client) VCS Expressway (Server) Full details of how to configure a VCS Control and VCS Expressway as traversal client and ... -
Page 152: Firewall Traversal Protocols And Ports
Once established, the client constantly sends a probe to connect to these specific ports on the server. The only port the VCS Expressway via this connection in order to keep the In order for a traversal server and traversal client to configuration that is done on the client is the range of ports it connection alive. -
Page 153: Ports For Initial Connections From Traversal Clients
VCS Expressway that will be used for calls If your VCS Expressway does not have any endpoints registering directly with it, and it has are unique for each traversal server zone. to and from endpoints on the public internet no Alternates configured, then UDP/1719 is not required. -
Page 154: Firewall Traversal And Authentication
• • The VCS client provides its Authentication Username The traversal server zone for the VCS client must be configured with the Upon receiving the initial connection Authentication Password. These are set on the VCS client via Client Authentication Username. -
Page 155: Other Issues
• allow initial outbound traffic from the client to the ports being used by the VCS Expressway VCS Expressway is located in a DMZ that consists of two separate networks - an inner DMZ and an • allow return traffic from those ports on the VCS Expressway back to the originating client. -
Page 156: Configuring The Vcs As A Traversal Client
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Overview Adding a New Traversal Client Zone • To enable your VCS to act as a traversal VCS Configuration > Zones client on behalf of its endpoints and neighbor You will be taken to the Zones page. -
Page 157: Configuring A Traversal Client Zone
The IP Address or FQDN of the traversal server. Specifies the interval in seconds with which a If the traversal server is a VCS cluster, this failed attempt to establish a connection to the includes all of its Peers. See the section traversal server should be retried. -
Page 158: Configuring The Vcs As A Traversal Server
This feature means you can: You will be taken to the Zones page. Select New. • Allow your VCS to act as a traversal server You will be taken to the Create Zone page. for other VCSs and TANDBERG Gatekeepers. •... -
Page 159: Configuring A Traversal Server Zone
SIP transport Client authentication username Determines which transport type will be used If the traversal client is a VCS, this must be the for SIP calls to and from the traversal client. VCS’s Authentication Username. You must also add the client’s Authentication H.460.19 demux mode... -
Page 160: Configuring Traversal For Endpoints
Sets the interval (in seconds) with which locally registered endpoints will send a UDP probe to H.323 Assent mode the VCS Expressway once a call is established, Determines whether or not H.323 calls using in order to keep the firewall’s NAT bindings Assent mode for firewall traversal will be open. -
Page 161: Configuring Traversal Server Ports
ADMINISTRATOR GUIDE Configuring Traversal Server Ports Overview Media demultiplexing RTP port Specifies the port on the VCS to be used for The VCS Expressway has specific listening demultiplexing RTP media. ports used for firewall traversal. Rules must be set on your firewall to allow connections to these ports. -
Page 162: Stun Services
NAT (STUN) [12]. the relay should forward on media. Any incoming calls to this IP address and port on the VCS server are relayed via the allocated binding on the NAT to the client. About ICE Currently, the most likely users of STUN services are ICE endpoints. -
Page 163: Configuring Stun Services
• xConfiguration Traversal Server STUN Discovery Port STUN Specifies the port on the VCS on which it will be listening for STUN Discovery requests. STUN Relay Mode Determines whether the VCS will offer STUN Relay services to traversal clients. - Page 164 Applications This section provides information on each of the additional services that are available under the Applications menu of the VCS. You must purchase the appropriate option key in order to use each of these applications. They are: • FindM e (User Policy) •...
-
Page 165: Findme™ (User Policy)
• FindMe is a form of User Policy, which is the set of rules that When the VCS receives a call for a particular alias, it checks The FindMe name should be in the form of a URI, and should determines what happens to a call for a particular user or group to see whether User Policy has been enabled. -
Page 166: Enabling Findme On The Vcs
User Policy Manager. Path The URL of the remote User Policy Manager. Username The username used by the VCS to log in and query the remote User Policy Manager. Password The password used by the VCS to log in and query the remote User Policy Manager. -
Page 167: Managing Findme User Accounts
Creating a New User Account • FindMe user accounts must be created by the Applications > FindMe > User Accounts VCS Administrator before they can be accessed You will be taken to the User Accounts page. and configured by users. -
Page 168: Changing A User Password
This is useful when the user has forgotten their password. To change the password: • VCS Configuration > Policy > User Accounts You will be taken to the User Accounts page. Click on the user account whose password Confirm password you wish to change. -
Page 169: Deleting A User Account
To delete a FindMe user account: To select all the accounts, click on Select All. • VCS Configuration > Policy > User Accounts You will be taken to the User Accounts page. Delete Click here to delete the selected accounts. -
Page 170: Using Tandberg's Findme
Grey Headline (continued) Using TANDBERG’s FindMe™ TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE About your FindMe User Account Accessing the FindMe Configuration Page About FindMe™ To configure your FindMe user account, log in via a web browser as described below: The FindMe feature allows you as an individual or part of a group to have a single name on which you can always be called, and you chose where calls to that name will be routed. -
Page 171: Configuring Your Findme User Account
Grey Headline (continued) Using TANDBERG’s FindMe™ TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Configuring your FindMe User Account Primary Devices If no devices are configured for a FindMe name, all calls to that name List the all the device(s) that will ring when your will be rejected. -
Page 172: Presence
The Presence Server application on the VCS is responsible for managing the presence information status - such as whether they are offline, online, or in a call. Any entity which provides presence for all presentities in the SIP domain(s) for which the VCS is authoritative (refer to the Configuring information, or about whom presence information can be requested, is known as a presentity. -
Page 173: Presence User Agent (Pua)
30 minutes. This means that when the PUA is because it is assumed that the other source of information is enabled on a VCS with existing registrations, it may take up to In order for the PUA to successfully provide presence information the presentity itself, and this information is more accurate. -
Page 174: Enabling And Disabling Presence Services
Presence Server on the VCS Control. This presence server on just one VCS. This will For information about how Presence works within a VCS cluster, see the Clustering and will ensure that all PUBLISH messages... -
Page 175: Viewing Presence Status
All endpoints Subscription Count: The number of local presentities about that are registered to the VCS will have information published on URI: The address of the presentity whose presence information whom this endpoint is requesting information. -
Page 176: Maintenance
ADMINISTRATOR GUIDE Maintenance This section describes the pages that appear under the Maintenance menu of the VCS web interface. These pages allow you to perform the following tasks: • upgrade to a new release of softwar • downgrade to a previous version of softwar •... -
Page 177: Upgrading Software
ADMINISTRATOR GUIDE Overview Upgrading Using SCP/PSCP It is possible to install new releases of the VCS software on your Upgrading and Option Keys To upgrade using SCP or PSCP (part of the PuTTY free Telnet/ existing hardware. Software upgrade can be done via the VCS in... -
Page 178: Upgrading Via The Web Interface
Grey Headline (continued) Upgrading Software TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Upgrading via the Web Interface To upgrade your software via the web interface: System Information • Maintenance > Upgrade This section tells you about the You will be taken to the Upgrade page. - Page 179 Software successfully upgraded This screen indicates that the software has been copied to your system successfully. You will need to restart the VCS in order for the new version to take effect. Restarting will cause all current calls to terminate, and all current registrations to be ended.
-
Page 180: Downgrading Software
Any local zone matches will be deleted after downgrading from version X3.0. Call Tags Call tags will not be added or recognized by VCS software prior to X3.0. Once you downgrade from X3.0, any call tags received from other VCSs will be deleted and not forwarded on. -
Page 181: Option Keys
VCS at any one time. A traversal call is any call where the VCS is required to take the media as well as the signalling, i.e. firewall traversal calls, calls that are interworked between IPv4 and IPv6 calls, and calls that are interworked between SIP and H.323. -
Page 182: Adding Options Via The Web Interface
Enter the 20-character Option Key that has been provided to you for the option you wish to add. Some option keys require that the VCS is restarted before the option key will Add Option take effect. You will receive a warning Click Option. -
Page 183: Security
CLI. Click here once you have selected both the Shows you the currently uploaded PEM file containing the certificate used by the VCS to identify private key and certificate files to upload them. itself to SIP and HTTPS clients when communicating over SSL/TLS. -
Page 184: Administration Accounts
Administration Accounts page. with full read/write access. This account is Click New. used to log into the VCS via the web UI or the You will be taken to the Create Administration Account page. CLI. The username for this account is... -
Page 185: Editing An Administration Account
Enter the password that this administrator will use to log in to the VCS. The password can be up to 16 characters. All passwords on the VCS are encrypted, so you will only see placeholder characters here. Cancel Click here to return to the... -
Page 186: Backup And Restore
VCS at a particular date and Navigate to Maintenance > Backup and Restore. time. You can then use this file at a later date to return the VCS You will be taken to the Backup and Restore page. -
Page 187: Restoring A Previous Backup
Click Upload System Backup File. The VCS will check the file and if it is valid, you will be taken to the Restore Configuration page. If the backup file is not valid, you will receive... -
Page 188: System Snapshot
Select a location from which you can easily send the file to your TANDBERG support representative. You can configure the VCS to automatically send reports to a specified web service each time it experiences application failures such as system crashes. The information contained in these reports can then be used by TANDBERG technical support to diagnose the cause of the failures. -
Page 189: Restarting
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Overview Restarting the VCS Some configuration changes will require a restart of the VCS before they take effect. There will be a Restart button at the bottom of any web pages that include such options, and clicking... -
Page 190: Shutting Down
Click here to shut down the system. Shutting Down page will appear. This page will remain in place once the system has successfully shut down but any attempts to refresh the page or access the VCS will then be unsuccessful. Overview and System... -
Page 191: Restoring Default Configuration
TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Overview DefaultValuesSet Level 3 It is possible to restore the VCS to its default configuration. This Default value after xCommand DefaultValuesSet Level: 3 Configuration item xCommand DefaultValuesSet. This is done via the CLI using SystemUnit Name <blank>... -
Page 192: Password Encryption
Overview Maximum length of Passwords All passwords configured on the VCS are stored in encrypted form. This applies to the following, When a password is encrypted, it uses more characters than the original plain text version of the which all have usernames and passwords associated with them: password. - Page 193 Grey Headline (continued) TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Appendices This section includes the following appendices which provide supplementary information regarding the administration of the VCS: • CPL Referenc • Regular Expression Referenc • Pattern Variable Referenc • VCS Port Referenc •...
-
Page 194: Cpl Reference
VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Overview of CPL on the VCS address-switch This Appendix gives details of the VCS’s implementation of the CPL language and should be read in Overview conjunction with the CPL standard RFC 3880 [5] and the TANDBERG guide to writing CPL [22]. -
Page 195: Field
The destination aliases. If the selected field contains multiple aliases then the VCS will attempt to match each address node with all of the aliases before proceeding to the next address node i.e. an address node matches if it matches any alias. -
Page 196: Subfield
This form is most useful when authentication is being used. With authentication enabled the VCS will only use authenticated aliases when running policy so not-present action can be used to take appropriate action when a call is received from an... -
Page 197: Location
CPL RFC. If an attempt is made to upload a script containing any of the following elements an error message will be generated and the VCS will continue to use its existing policy. rule-switch The following elements are not currently supported: •... -
Page 198: Cpl Examples
Grey Headline (continued) CPL Reference TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE CPL Examples Call Screening of Authenticated Users Call Screening Based on Alias In this example, only calls from users with authenticated source addresses are allowed. In this example, user... -
Page 199: Call Screening Based On Domain
Grey Headline (continued) CPL Reference TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE CPL Examples Call Screening Based on Domain Change of Domain Name In this example, user fred will not accept calls from anyone at annoying.com, or from any In this example, Example Inc has changed its domain from example.net... -
Page 200: Allow Calls From Locally Registered Endpoints Only
<taa:routed> <address-switch field="registered-origin"> <address-switch field="registered-origin"> <not-present> <not-present> <reject status="403" reason="Only local endpoints can use this <address-switch field="originating-zone"> Tandberg VCS"/> <address is="DefaultZone"> </not-present> <!-- Reject call with a status code of 403 (Forbidden) --> </address-switch> <reject status="403" reason="Denied by policy"/> </taa:routed>... -
Page 201: Restricting Access To A Local Gateway
CPL Examples Restricting Access to a Local Gateway Using the rule-switch node In these examples, a gateway is registered to the VCS with a prefix of and the administrator wants to stop calls from outside the organization being routed through it. -
Page 202: Regular Expression Reference
Regular expressions can be used in conjunction Character Description Example with a number of VCS features such as alias transformations, zone transformations, CPL Matches any single character. policy and ENUM. The VCS uses POSIX format Matches 0 or more repetitions of the previous match. -
Page 203: Pattern Variable Reference
Ethernet 1 IP V4 Address Matches the IPv4 addresses currently not applicable configured on the VCS for LAN 1 and LAN 2. These variables can be used as either or both xConfiguration Ethernet 2 IP V4 Address %ipv4 _ 1%... -
Page 204: Vcs Port Reference
The table below shows all the ports on the VCS that are used for each of these services and functions. It shows the default port(s) range and it conflicts with another service, you will get a and protocol used, and if the ports are configurable it shows the available range and how to configure them via the web UI or CLI. - Page 205 Demultiplexing RTP RTP media xConfiguration Traversal Server Media Demultiplexing RTP Port Assent call signaling used on the VCS Expressway for Assent signaling 2776 TCP 1024 - 65534 VCS Configuration > Expressway > Ports xConfiguration Traversal Server H323 Assent CallSignaling Port H.460.18 call signaling...
- Page 206 TCP/TLS xConfiguration SIP TCP Outbound Port Start xConfiguration SIP TCP Outbound Port End Traversal media port range For traversal calls (i.e. where the VCS is taking 50000 - 51199 1024 - 65533 VCS Configuration > Local Zone > Traversal Subzone...
-
Page 207: Dns Configuration
For example: It is assumed that both A and AAAA records already exist • dnscmd . /RecordAdd example.com _ h323ls. _ udp SRV 1 0 1719 vcs.example.com for vcs.example.com. If not, you will need to add one. Verifying the SRV Record BIND 8 &... -
Page 208: Ldap Configuration
ADMINISTRATOR GUIDE About the LDAP Databases Microsoft Active Directory The VCS can be configured to use a database on an LDAP Directory Server to store authentication Prerequisites credential information (usernames, passwords, and other relevant information) These step-by-step instructions assume that Active Directory has already been installed. For details This section describes how to download the schemas that must be installed on the LDAP server, on installing Active Directory please consult your Windows documentation. -
Page 209: Adding H.350 Objects
DNS entry in the subject alternative name objectClass: h323Identity extension. objectClass: h235Identity To configure the VCS to use TLS on the connection to the LDAP objectClass: SIPIdentity server you must upload the CA’s certificate as a trusted CA commUniqueId: comm1 certificate. -
Page 210: Openldap
Grey Headline (continued) LDAP Configuration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE OpenLDAP Prerequisites Installing the H.350 Schemas These instructions assume that an OpenLDAP server has Copy the OpenLDAP files to the OpenLDAP schema directory: already been installed. For details on installing OpenLDAP see /etc/openldap/schemas/commobject.ldif... -
Page 211: Adding H.350 Objects
MeetingRoom1, an E.164 alias of 626262 and a SIP URI settings to take effect. of MeetingRoom@domain.com. The entry also has H.235 and To configure the VCS to use TLS on the connection to the LDAP SIP credentials of ID meetingroom1 and password mypassword server you must upload the CA’s certificate as a trusted CA... -
Page 212: Command Reference - Xconfiguration
To obtain information about the existing angle brackets. configuration on the VCS: • xConfiguration type to return all current configuration settings for the VCS. • xConfiguration <element> type return all current configuration for that particular element and all its sub-elements. The valid value for this •... - Page 213 Alternates Peer [1..6] Address: <S: 0, 128> Specifies the IP Address of one of the Peers in the Cluster to which this VCS belongs. A Cluster consists of up to 6 Peers, including the local VCS. Note: Clusters should be managed via TMS.
- Page 214 Grey Headline (continued) Command Reference - xConfiguration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Applications Presence Server Mode: <On/Off> Enables and disables the SIMPLE Presence Server. Note: SIP Mode must also be enabled for the Presence Server to function. Default: Off...
- Page 215 Authentication Password: <S: 0, 215> Specifies the password to be used by the VCS when authenticating with another system, including when your VCS is a traversal client connecting to a traversal server. The maximum plaintext length is 128 characters, which will then be encrypted.
- Page 216 Bandwidth Downspeed PerCall Mode: <On/Off> Determines whether or not the VCS will attempt to downspeed a call if there is insufficient per-call bandwidth available to fulfill the request. On: the VCS will attempt to place the call at a lower bandwidth.
- Page 217 Determines the way in which the VCS will attempt to call systems which are not registered with it or one of its neighbors. Direct: Allows an endpoint to make a call to an unknown IP Address without the VCS querying any neighbors. The call setup would occur just as it would if the far end were registered directly to the local system.
- Page 218 Sets the URL of the External Manager. Default: tms/public/external/management/SystemManagementService.asmx xConfiguration ExternalManager Path: "tms/public/external/management/SystemManagementService.asmx" Example: H323 Gatekeeper AutoDiscovery Mode: <On/Off> Determines whether or not the VCS responds to gatekeeper discovery requests from endpoints. Default: On xConfiguration H323 Gatekeeper AutoDiscovery Mode: On Example: Overview and...
- Page 219 H323 Gatekeeper CallSignaling TCP Port: 1720 Example: H323 Gatekeeper CallTimeToLive: <60..65534> Specifies the interval (in seconds) at which the VCS polls the endpoints in a call to verify that they are still in the call. Default: 120 xConfiguration H323 Gatekeeper CallTimeToLive: 120 Example: H323 Gatekeeper Registration ConflictMode: <Reject/Overwrite>...
- Page 220 Off: the VCS will not act as a SIP-H.323 gateway. RegisteredOnly: the VCS will act as a SIP-H.323 gateway but only if at least one of the endpoints is locally registered. On: the VCS will act as SIP-H.323 gateway regardless of whether the endpoints are locally registered.
- Page 221 IP Route 1 Gateway: "192.168.0.0" Example: IP Route [1..50] Interface: <Auto/LAN1/LAN2> Specifies the LAN interface to use for this route. Auto: The VCS will select the most appropriate interface to use. Default: Auto xConfiguration IP Route 1 Interface: Auto Example: IP Route [1..50] PrefixLength: <0..128>...
- Page 222 Example: Option [1..64] Key: <S: 0, 90> Specifies the option key of your software option. These are added to the VCS in order to add extra functionality, such as increasing the VCS’s capacity. Contact your TANDBERG representative for further information.
- Page 223 Policy UserPolicy Server Password: <S: 0, 82> Specifies the password used by the VCS to log in and query the remote User Policy Manager. The maximum plaintext length is 30 characters, which will then be encrypted. xConfiguration Policy UserPolicy Server Password: "password123"...
- Page 224 SIP Domains Domain [1..20] Name: <S: 0, 128> Specifies a domain for which this VCS is authoritative. The VCS will act as a SIP Registrar and Presence Server for this domain, and will accept registration requests for any SIP endpoints attempting to register with an alias that includes this domain.
- Page 225 ADMINISTRATOR GUIDE SIP Mode: <On/Off> Determines whether or not the VCS will provide SIP registrar and SIP proxy functionality. This mode must be enabled in order to use either the Presence Server or the Presence User Agent. Default: On xConfiguration SIP Mode: On Example: SIP Registration ExpireDelta: <30..7200>...
- Page 226 Default: Off xConfiguration SNMP Mode: On Example: SNMP SystemContact: <S: 0, 70> Specifies the name of the person who can be contacted regarding issues with the VCS. xConfiguration SNMP SystemContact: "John Smith" Example: SNMP SystemLocation: <S: 0, 70> Specifies the physical location of the VCS.
- Page 227 SystemUnit Password: <S: 0, 65> Defines the password for the default 'admin' account. This account is used to log in to the VCS via Telnet, HTTP(S), SSH, SCP, and on the serial port. The maximum plaintext length is 16 characters, which will then be encrypted.
- Page 228 Traversal Media Port End: <1025..65533> For traversal calls (i.e. where the VCS is taking the media as well as the signaling), specifies the upper port in the range to be used for the media. Ports are allocated from this range in pairs, the first of each being even.
- Page 229 ADMINISTRATOR GUIDE Traversal Server Media Demultiplexing RTP Port: <1024..65534> Specifies the port on the VCS to be used for demultiplexing RTP media. Note: You must restart the system for any changes to take effect. Default: 2776 xConfiguration Traversal Server Media Demultiplexing RTP Port: 2776 Example: Traversal Server STUN Discovery Mode: <On/Off>...
- Page 230 Grey Headline (continued) Command Reference - xConfiguration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Zones LocalZone DefaultSubZone Bandwidth PerCall Inter Mode: <Limited/Unlimited/NoBandwidth> Determines whether there is a limit on the bandwidth for any one call to or from an endpoint in the Default Subzone.
- Page 231 Grey Headline (continued) Command Reference - xConfiguration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Zones LocalZone Match [1..5] Pattern Behavior : <Strip/Leave/Replace> Determines how the matched part of the alias will be modified. Strip: the matching prefix or suffix will removed from the alias.
- Page 232 Example: Zones LocalZone Traversal H323 Assent Mode: <On/Off> Determines whether or not H.323 calls using Assent mode for firewall traversal will be allowed. Applies to traversal-enabled endpoints registered directly with the VCS. Default: On xConfiguration Zones LocalZone Traversal H323 Assent Mode: On...
- Page 233 Zones LocalZone Traversal H323 TCPProbe KeepAliveInterval: <1..65534> Sets the interval (in seconds) with which a traversal-enabled endpoint registered directly with the VCS will send a TCP probe to the VCS once a call is established, in order to keep the firewall’s NAT bindings open.
- Page 234 Example: Zones LocalZone TraversalSubZone Bandwidth PerCall Limit: <1..100000000> Specifies the bandwidth limit (in kbps) applied to any one traversal call being handled by the VCS (applies only if Mode is set to Limited). Default: 1920 xConfiguration Zones LocalZone TraversalSubZone Bandwidth PerCall Limit: 1920 Example: Zones LocalZone TraversalSubZone Bandwidth PerCall Mode: <Limited/Unlimited/NoBandwidth>...
- Page 235 Zones Zone [1..200] DNS Interworking SIP EmptyInviteAllowed : <On/Off> Determines whether the VCS will generate a SIP INVITE message with no SDP to send to this zone. INVITES with no SDP mean that the destination device is asked to initiate the codec selection, and are used when the call has been interworked locally from H.323.
- Page 236 Grey Headline (continued) Command Reference - xConfiguration TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Zones Zone [1..200] HopCount: <1..255> Specifies the hop count to be used when sending an alias search request to this zone. Note: if the search request was received from another zone and already has a hop count assigned, the lower of the two values will be used.
- Page 237 Zones Zone [1..200] Neighbor Interworking SIP EmptyInviteAllowed : <On/Off> Determines whether the VCS will generate a SIP INVITE message with no SDP to send to this zone. INVITES with no SDP mean that the destination device is asked to initiate the codec selection, and are used when the call has been interworked locally from H.323.
- Page 238 Latching: The media is always taken for calls to and from this neighbor. It will be forwarded to the IP Address and port from which media from this neighbor is received. Auto: Media is only taken if the call is a traversal call. If this neighbor is behind a NAT the VCS will forward the media to the IP Address and port from which media from this zone is received (latching).
- Page 239 Zones Zone [1..200] TraversalClient SIP Port: <1024..65534> Specifies the port on the traversal server to be used for SIP calls from this VCS. If your traversal server is a VCS Expressway, this must be the port number that has been configured in the Traversal Server zone for this VCS.
- Page 240 Zones Zone [1..200] TraversalServer Authentication UserName: <S: 1, 128> The name used by the traversal client when authenticating with the traversal server. If the traversal client is a VCS, this must be the VCS’s Authentication User Name. If the traversal client is a gatekeeper, this must be the gatekeeper’s System Name.
- Page 241 Zones Zone [1..200] TraversalServer TCPProbe KeepAliveInterval: <1..65534> Sets the interval (in seconds) with which the traversal client will send a TCP probe to the VCS once a call is established, in order to keep the firewall’s NAT bindings open. Default: 20...
-
Page 242: Command Reference - Xcommand
The following pages list all the commands currently available on the VCS. To issue a command, type the command as shown, followed by one or more of the given parameters and values. The valid values for each parameter are indicated in the angle brackets following each parameter;... - Page 243 Access(r): <Account Disabled/Read Only/Read Write> Defines the Access level of an administration user who can login to the VCS Web interface. The Access determines whether the user can access the VCS, and if so whether they can change the configuration or just view it.
- Page 244 Grey Headline (continued) Command Reference - xCommand TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE CheckBandwidth A diagnostic tool that returns the status and route (as a list of nodes and links) that a call of the specified type and bandwidth would take between two nodes. Note that this command does not change any existing system configuration.
- Page 245 Grey Headline (continued) Command Reference - xCommand TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE CredentialDelete Deletes an entry from the local authentication database. CredentialId(r): <1..2500> The index of the credential to be deleted. xCommand CredentialDelete CredentialId: 2 Example: DefaultLinksAdd Restores links between the Default Subzone, Traversal Subzone and the Default Zone.
- Page 246 DomainName(r): <S: 1, 128> Specifies a domain for which this VCS is authoritative. The VCS will act as a SIP Registrar and Presence Server for this domain, and will accept registration requests for any SIP endpoints attempting to register with an alias that includes this domain.
- Page 247 Example: CallAttempt" FindRegistration Returns information about the registration associated with the specified alias. The alias must be registered on the VCS on which the command is issued. Alias(r): <S: 1, 60> The alias that you wish to find out about.
- Page 248 Grey Headline (continued) Command Reference - xCommand TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE LinkAdd Adds and configures a new link. LinkName(r): <S: 1, 50> Assigns a name to this link. Node1: <S: 1, 50> Specifies the first zone or subzone to which this link will be applied.
- Page 249 Locate Alias: "john.smith@example.com" HopCount: 15 Protocol: SIP Example: OptionKeyAdd Adds a new option key to the VCS. These are added to the VCS in order to add extra functionality, such as increasing the VCS's capacity. Contact your TANDBERG representative for further information. Key(r): <S: 0, 90>...
- Page 250 Specifies the IP Address of the Gateway for this route. Interface: <Auto/LAN1/LAN2> Specifies the LAN interface to use for this route. Auto: The VCS will select the most appropriate interface to use. Default: Auto xCommand RouteAdd Address: "10.13.8.0" PrefixLength: 32 Gateway: "192.44.0.1"...
- Page 251 Grey Headline (continued) Command Reference - xCommand TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE SubZoneAdd Adds and configures a new subzone. SubZoneName(r): <S: 1, 50> Assigns a name to this subzone. Address: <S: 0, 39> Specifies an IP Address used (in conjunction with the IP Prefix Length) to identify a subnet to be assigned to this subzone.
- Page 252 Determines the nature of the specified zone, in relation to the Local VCS. Neighbor: the new zone will be a neighbor of the Local VCS. TraversalClient: there is a firewall between the zones, and the Local VCS is a traversal client of the new zone. TraversalServer: there is a firewall between the zones and the Local VCS is a traversal server for the new zone. ENUM: the new zone contains endpoints discoverable by ENUM lookup.
- Page 253 Grey Headline (continued) Command Reference - xCommand TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE ZoneList A diagnostic tool that returns the list of zones (grouped by priority) that would be queried, and any transforms that would be applied, in a search for a given alias. Note that this command does not change any existing system configuration.
-
Page 254: Command Reference - Xstatus
ADMINISTRATOR GUIDE Overview xStatus xStatus group of commands are used to return information about the current status of the VCS. Each element returns information about one or more sub-elements. xStatus The following pages list all the commands currently available on the VCS, and the information that is returned by each. - Page 255 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE SystemUnit: Product: TANDBERG VCS Uptime: <Time in seconds> SystemTime: <Time not set/date-time> TimeZone: <GMT or one of 300 other timezones> LocalTime: <local-date-time> Software: Version: X3.0 Build: <Number/Uncontrolled>...
- Page 256 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Ethernet [1..2]: MacAddress: <S: 17> Speed: <10half/10full/100half/100full/1000full/down> IPv4: Address: <IPv4Addr> SubnetMask: <IPv4Addr> IPv6: Address: <IPv6Addr> Options: Option [1-64]: Key: <S: 1, 90> Description: <S: 1, 128> Protocol: <IPv4/IPv6/Both>...
- Page 257 Cause: {Visible if status is Failed} <Failed to connect to LDAP server / The LDAP server does not support TLS. / Failed to establish a TLS connection to the LDAP server. Please check that the LDAP server certificate is signed by a CA, and that CA is included on the CA certificate installed on the VCS. / Failed to authenticate with LDAP server / A valid CA certificate for the LDAP database has not been uploaded;...
- Page 258 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE ResourceUsage: Calls: Traversal: Current: <0..150> Max: <0..150> Total: <0..4294967295> NonTraversal: Current: <0..750> Max: <0..750> Total: <0..4294967295> Registrations: Current: <0..3750> Max: <0..3750> Total: <0..4294967295> Calls: Call <1..900>: SerialNumber: <S: 1,255>...
- Page 259 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE SIP: {visible if Protocol = SIP} Address: <IPv4Addr/[IPv6Addr]>:<1..65534> Transport: <UDP/TCP/TLS/undefined> Aliases: Alias [1..50]: Type: <URL> Value: <S: 1,60> EncryptionType: <None/DES/AES-128> CheckCode: <S: 1,60> {visible if Leg = H323 and call is interworked} Targets: Target [1..1]:...
- Page 260 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Registrations: Registration [1..3750]: Protocol: <H323/SIP> Node: <S: 1,50 Node name> SerialNumber: <S: 1,255> CreationTime: <Date Time> Duration: <Time in seconds, precision in seconds> SecondsSinceLastRefresh: <1..65534> {Visible if Protocol is SIP} SecondsToExpiry <1..65534>...
- Page 261 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Zones: DefaultZone: Name: “DefaultZone” Bandwidth: LocalUsage: <0..100000000> ClusterUsage: <0..100000000> Calls: {Section visible only if there are calls } Call [0..900]: {0..900 entries} CallId: <S: 1,255> LocalZone: DefaultSubZone: Name: “DefaultSubZone”...
- Page 262 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE SubZone: [0..100] Name: <S: 1,50 Node name> Bandwidth: LocalUsage: <0..100000000> ClusterUsage: <0..100000000> Registrations: {0..3750 entries} {Section visible only if there are registrations } Registration: <1..3750> SerialNumber: <S: 1,255>...
- Page 263 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE SIP: {Visible if SIP Mode=On for Zone} Status: <Unknown/Active/Failed> Cause: {Visible if Status is Failed} <No response from gatekeeper/DNS resolution failed/Invalid IP address> Address: <IPv4Addr/IPv6Addr> {One Address line per address from DNS lookup} Port: <1..65534>...
- Page 264 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Peer [1..6]: H323: {Visible if H323 Mode=On for Zone} Status: Active Address: <IPv4Addr/IPv6Addr> {One Address line per address from DNS lookup} Port: <1..65534> LastStatusChange: <Time not set/Date Time>...
- Page 265 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Calls: Call [0..900]: {0..900 entries} CallID: <S: 1,255> Alternates: Peer [1..6]: {Hidden for Peer [n] when Peer [n] is self} Status: <Active/Failed/Unknown> Cause: {Visible if status is Failed} <No response from gatekeeper/DNS resolution failed/Invalid IP address>...
- Page 266 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Assent: CallSignaling: Status: <Active/Inactive/Failed> IPv4: {Visible if Status=Active} Address: <IPv4Addr> {1..2 entries} IPv6: {Visible if Status=Active} Address: <IPv6Addr> {1..2 entries} H46018: CallSignaling: Status: <Active/Inactive/Failed> IPv4: {Visible if Status=Active} Address: <IPv4Addr>...
- Page 267 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE IPv6: UDP: Status: <Active/Inactive/Failed> Address: <IPv6Addr> TCP: Status: <Active/Inactive/Failed> Address: <IPv6Addr> TLS: Status: <Active/Inactive/Failed> Address: <IPv6Addr> STUN: Servers: Discovery: Status: <Active/Inactive> Address: <IPv4Addr/IPv6Addr> Relay: Status: <Active/Inactive> Address: <IPv4Addr/IPv6Addr>...
- Page 268 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Warnings: Warning [1..n]: Value: <S: 1,255> Applications: Presence: UserAgent: Status: <Inactive/Initializing/Active/Failed> Presentity: Count: <0..2500> Server: Publications: Presentities: Count: <0..10000> Max: <0..10000> Presentity [1..10000]: URI: <S: 1,255> Document: Count: <1..10>...
- Page 269 Grey Headline (continued) Command Reference - xStatus TANDBERG VIDEO COMMUNICATIONS SERVER ADMINISTRATOR GUIDE Presentities: Count: <0..10000> Max: <0..10000> Presentity [1..10000]: URI: <S: 1,255> Subscriber: Count: <1..100> Overview and System Zones and Call Bandwidth Firewall Introduction Getting Started Applications Maintenance Appendices...
-
Page 270: Bibliography
RFC 3261: SIP: Session Initiation Protocol http://www.ietf.org/rfc/rfc3261.txt RFC 3489: STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) http://www.ietf.org/rfc/rfc3489.txt XML and Writing CPL for TANDBERG Infrastructure products Rev 1.2 http://www.tandberg.com/collateral/documentation/Application_ Programmer_Interfaces/XML%20and%20Writing%20CPL%20for%20 TANDBERG%20Infrastructure%20Products.pdf Management Information Base for Network Management of TCP/IP-based internets: MIB-II http://www.ietf.org/rfc/rfc1213.txt... -
Page 271: Glossary
A type of DNS record that maps a domain name to an IPv6 address. Administrator Policy In relation to the VCS, the set of rules configured system-wide (either via the web interface or CPL script) that determine the action(s) to be applied to calls matching a given criteria. - Page 272 Secure Socket Layer Hop count The maximum number of gatekeeper or SIP proxy devices (e.g. a VCS) that a message may be forwarded through before it is decided that its intended recipient is not reachable. A collaborative algorithm that works together with STUN services (and other NAT traversal techniques) to allow clients to achieve firewall traversal. This is the Interactive Connectivity Establishment emerging traversal standard for use by SIP endpoints (although it could be used for other protocols).
- Page 273 Local Zone A relative term used to refer to the group of endpoints and other systems registered to a particular VCS. If a VCS is part of a cluster, the Local Zone refers to the collection of all endpoints and other systems registered to all Peers in that cluster.
- Page 274 A zone on a VCS Traversal Client that has been used to configure a connection to a particular Traversal Server. Traversal Server A traversal entity on the public side of a firewall. Examples are the TANDBERG Border Controller and the TANDBERG VCS Expressway. Traversal Server Zone A zone on a VCS Traversal Server that has been used to configure a connection to a particular Traversal Client.
- Page 275 A VCS whose main function is to act as a gatekeeper, SIP proxy and firewall traversal client. This system will generally be located within the firewall. VCS Expressway A VCS with the same functionality as a VCS Control that can also act as a firewall traversal server. This will generally be located outside the firewall. Zone Zones are used on the VCS to define and configure connections to locally registered and external systems and endpoints.
-
Page 276: Contact Information
Philip Pedersens vei 20, 1366 Lysaker, Norway Telephone: +47 67 125 125 Fax: +47 67 125 234 Video: +47 67 126 126 E-mail: tandberg@tandberg.com U.S. HEADQUARTERS 1212 Avenue of the Americas 24th Floor, New York, NY 10036 Telephone: +1 212 692 6500...