Avaya IP Office SIP Phones User Manual

IP Office SIP Phones with ASBCE
Release 11.1 FP1
Issue 3
February 2021

Contents

Chapter 1: Purpose................................................................................................................... 4
Example schematic.................................................................................................................  4
Chapter 2: IP Office Configuration.......................................................................................... 6
SIP VoIP Setup.......................................................................................................................  6
Password complexity rules....................................................................................................... 8
Creating users........................................................................................................................  9
Creating SIP Extensions........................................................................................................  10
Setting the one-X Portal for IP Office XMPP Domain................................................................  11
Chapter 3: Certification overview.......................................................................................... 12
Downloading the IP Office root certificate................................................................................  12
Generating an IP Office identity certificate...............................................................................  13
one-X Portal for IP Office identity certificate............................................................................. 13
Generating an identity certificate for the portal server.........................................................  14
Installing a one-X Portal for IP Office identity certificate......................................................  15
Generating an identity certificate for the ASBCE......................................................................  16
Extracting the ASBCE private key and identity certificate..........................................................  17
Adding the IP Office Root CA to the ASBCE............................................................................ 18
Adding the ASBCE identity certificate...................................................................................... 19
Chapter 4: ASBCE Configuration overview.......................................................................... 20
Firewall configuration............................................................................................................. 21
Firewall Address Translation..................................................................................................  21
Changing the default listen port range..................................................................................... 22
Enabling the internal/external interfaces..................................................................................  22
Creating a TLS profile............................................................................................................ 23
Creating the media interfaces................................................................................................. 24
Creating a server profile......................................................................................................... 25
Creating server routing..........................................................................................................  26
Creating a Topology Hiding....................................................................................................  27
Configuring User Agent Profiles.............................................................................................. 27
Creating a subscriber flow...................................................................................................... 28
Creating a Server Flow..........................................................................................................  29
Create application relays........................................................................................................ 30
Adding an application relay for one-X Mobile Preferred....................................................... 30
Adding an reverse proxy for Avaya Workplace Client.......................................................... 31
Chapter 5: Configuring DNS server......................................................................................  33
Chapter 6: Client behavior.....................................................................................................  34
February 2021 IP Office SIP Phones with ASBCE 2
Comments on this document? infodev@avaya.com
Contents
Ports and DNS Queries.........................................................................................................  34
Avaya Communicator for Windows.........................................................................................  35
Avaya Communicator for iPad................................................................................................  37
one-X Mobile Preferred for Android......................................................................................... 38
one-X Mobile Preferred for iOS............................................................................................... 39
Avaya Workplace..................................................................................................................  41
Checking settings for Avaya Workplace............................................................................. 42
Chapter 7: Configuration for WebRTC overview.................................................................  44
Creating application relays.....................................................................................................  45
Configuring a STUN/TURN Service........................................................................................  45
Configuring the WebRTC Gateway.........................................................................................  46
Chapter 8: Remote SIP Deskphones overview....................................................................  48
Provisioning the Deskphones.................................................................................................  49
Remote Worker NoUser Source Numbers...............................................................................  49
Configuring application rules..................................................................................................  50
Configuring media rules.........................................................................................................  51
Configuring signalling rules....................................................................................................  52
Configuring endpoint policy groups.........................................................................................  52
Chapter 9: ASBCE and IP Office resilience overview.......................................................... 53
Resiliency Schematic............................................................................................................. 54
Generating an Identity Certificate for the Secondary Server......................................................  55
Installing the Secondary Server's Identity Certificate................................................................  56
Configuring the one-X Portal for IP Office................................................................................  57
Configuring the ASBCE.........................................................................................................  57
Configuring the DNS.............................................................................................................. 57
Checking Operation............................................................................................................... 58
DNS Routing................................................................................................................... 58
Portal Responses............................................................................................................ 59
Viewing an SBC Trace..................................................................................................... 60
Chapter 10: Related resources.............................................................................................. 63
Finding documents on the Avaya Support website...................................................................  63
Viewing Avaya Mentor videos................................................................................................. 63
Support................................................................................................................................  64
Using the Avaya InSite Knowledge Base........................................................................... 64
Additional IP Office resources........................................................................................... 65
Document History.................................................................................................................. 66
February 2021 IP Office SIP Phones with ASBCE 3
Comments on this document? infodev@avaya.com

Chapter 1: Purpose

This document is for IP Office release R11.1 FP1 and Avaya Session Border Controller for Enterprise (ASBCE) Release 7.2. It looks at examples of supporting Avaya SIP clients and remote SIP desk phones when also using an ASBCE server.
Supported SIP Clients Supported Remote SIP
Deskphones
• Avaya Workplace clients
• Avaya Communicator for
Windows
• Avaya Communicator for iPad
• Avaya one-X Mobile Preferred
for Android
• Avaya one-X Mobile Preferred
for iOS
• 1120, 1140, 1220, 1230
• E129
• H175
• J100 Series
• Vantage K100 Series
• These are just examples used to illustrate how the different components interact and exchange information. Actual installations will have different requirements specific to the individual customer sites. Refer to the Avaya Session Border Controller for Enterprise manuals for details.
• This document should be used in conjunction with the documentation.
• For IP Office Release 11.1 FP1 and higher, an IP Office server running WebLM can act as the server for ASBCE licenses.
Related links
Example schematic on page 4
Other
• WebRTC
IP Office SIP Phone Installation Notes

Example schematic

The deployment example used in the first parts of this document is as follows:
February 2021 IP Office SIP Phones with ASBCE 4
Comments on this document? infodev@avaya.com
Example schematic
The IP Office is the SIP registrar for telephony services. The one-X Portal for IP Office service connects to the IP Office and in this scenario acts as the XMPP presence provider for the users.
The ASBCE sits on the edge of the customer's network with both internal and external IP interfaces. Using these, it acts as the gateway for SIP traffic into and out of the network.
When used internally, SIP clients register to the IP Office directly. When used externally, the SIP clients connect to the ASBCE. This is achieved using Split DNS. That automatically resolves the FQDNs to the internal IP address of the IP Office or the public IP address of the ASBCE depending on where the clients is currently located.
It assumes that the IP Office is an IP Office Server Edition or IP Office Select primary server. This means it hosts the IP Office and Avaya one-X® Portal for IP Office services on the same physical or virtual server. Therefore in this case they share the same IP address. They could also use the same single FQDN for the IP Office SIP domain and Avaya one-X® Portal for IP Office XMPP domain, however for this example we have used separate addresses for the domains to better illustrate their usage.
Related links
Purpose on page 4
February 2021 IP Office SIP Phones with ASBCE 5
Comments on this document? infodev@avaya.com

Chapter 2: IP Office Configuration

This section provides a general summary of the IP Office settings relevant to SIP softphone operation.
Related links
Licenses and Subscriptions on page 6 SIP VoIP Setup on page 6 Password complexity rules on page 8 Creating users on page 9 Creating SIP Extensions on page 10 Creating Presence Groups (XMPP) on page 10 Setting the one-X Portal for IP Office XMPP Domain on page 11

Licenses and Subscriptions

The IP Office does not require any additional licenses to support operation with an (ASBCE). The phones and applications connected to the IP Office via the ASBCE require the same licenses or subscriptions as for local operation.
• For IP Office Release 11.1 FP1 and higher, an IP Office server running WebLM can act as the server for ASBCE licenses.
Related links
IP Office Configuration on page 6

SIP VoIP Setup

Procedure
1. Using IP Office Manager, load the IP Office configuration.
2. Click System.
February 2021 IP Office SIP Phones with ASBCE 6
Comments on this document? infodev@avaya.com
SIP VoIP Setup
3. Select the LAN1 tab.
Field Description
SIP Registrar Enable Selecting this option allows SIP devices to register with the IP Office.
SIP Remote Extn Enable
SIP Domain Name Set this to the domain that SIP clients need to use for registration.
SIP Registrar FQDN Set this to the fully qualified domain name for SIP connections to the IP
Layer 4 Protocol Check the required Layer 4 protocols and set relevant ports. In this
Deselect this option. The ASBCE handles the remote extension connections, so the IP Office does not need to handle their NAT requirements.
Office server.
example TLS has been enabled in addition to the default UDP and TCP.
4. Select the VoIP sub-tab.
Enable Allow Direct Media With NAT Location checkbox.
• You must ensure that the Crypto Suites selection and order configured on the IP Office and the ASBCE match. See Configuring media rules on page 51.
• Selecting this option allows direct media to be attempted between devices that reside on the same side of any NAT that may be occurring.
February 2021 IP Office SIP Phones with ASBCE 7
Comments on this document? infodev@avaya.com
IP Office Configuration
• Direct media may still not be possible if there are codec or other VoIP setting mismatches.
5. Go to VoIP Security tab and set the Media Security to Preferred.
6. Click OK.
7. Save the configuration.
Related links
IP Office Configuration on page 6

Password complexity rules

About this task
The default IP Office user password complexity requirements are that passwords must be at least 9 characters which must be a mix of alphanumeric characters and no consecutive characters. There are some SIP softphone clients that only all the entry of numeric passwords. If that is the case, you must decide if you want to continue supporting those clients, since the process to enable number only user passwords significantly reduces the security of the IP Office system.
Warning:
This process should only be used if absolutely necessary. It reduces the password security for all user access to the IP Office system and does so in a scenario where external access is also being configured.
Procedure
1. Using IP Office Manager, select File > Advanced Settings File > Security.
2. Select the primary server and click OK. Login with an administrator account.
3. Select General.
4. Set the Minimum Password Complexity to Low. This allows the use of passwords
containing only digits.
5. Click OK.
6.
Click
Related links
IP Office Configuration on page 6
save icon.
February 2021 IP Office SIP Phones with ASBCE 8
Comments on this document? infodev@avaya.com

Creating users

About this task
Use the process below to create a new user or to amend the settings of any existing users.
Procedure
1. Using IP Office Manager, load the IP Office configuration. Select the primary server configuration.
2. Select User.
3.
Click on the icon and select User.
4. Select the User tab and set the following:
Field Description
Name This is the short name for the user. It is the user's user name for client
login. It only displayed in applications if the Full Name (below) is not set.
Password This field is used to login to IP Office user applications. It may be
necessary to digits only as not all clients support the entry of alphanumeric passwords. If so, the IP Office security settings have to also be adjusted to permit this, see Password complexity rules on page 8.
Extension This is the user's extension number.
Full Name This is the full name of the user. This is name displayed within
applications and on phone calls.
Profile Select the profile that supports the applications and features the user
wants to use. Refer to the appropriate IP Office installation manual for the application.
Creating users
5. Select the Voicemail tab.
Enter and confirm a Voicemail Code. This is the pin code used for voicemail mailbox access.
6. Click OK.
7. Depending on the selected profile, IP Office Manager may insist that other user configuration fields are set. Follow the instructions given by IP Office Manager.
8. If the extension number doesn't match any existing extension, IP Office Manager prompts you whether it should create an extension. Select SIP Extension and click OK.
9. Save the configuration.
Related links
IP Office Configuration on page 6
February 2021 IP Office SIP Phones with ASBCE 9
Comments on this document? infodev@avaya.com
IP Office Configuration

Creating SIP Extensions

About this task
Each SIP softphone requires a user and an extension entry in the IP Office configuration. If users have been created without a SIP extension, use the following process to add the necessary extensions.
Procedure
1. Using IP Office Manager, load the IP Office configuration.
2. Select Extension.
3.
Click on the
4. In Base Extension, enter the extension number. This associates the extension entry with the user who has the same extension number.
5. Click OK.
6. Save the configuration.
Related links
IP Office Configuration on page 6
icon and select SIP Extension.

Creating Presence Groups (XMPP)

About this task
The Avaya one-X® Portal for IP Office acts as an XMPP server to provide presence indication to selected users. Within the IP Office configuration, XMPP groups are used to control which users can see each other's presence.
Procedure
1. Using IP Office Manager, load the IP Office configuration.
2. Select Group
3.
Click the icon and select Hunt Group.
4. Select the Group tab and set the following:
a. Enter the name of the group in Name.
b. Select XMPP Group in Profile.
c. Under the User List click Edit.
d. Select and append all the users who you want to be able to share their presence with
each other.
e. Click OK.
February 2021 IP Office SIP Phones with ASBCE 10
Comments on this document? infodev@avaya.com

Setting the one-X Portal for IP Office XMPP Domain

5. Click OK.
6. Save the configuration.
Related links
IP Office Configuration on page 6
Setting the one-X Portal for IP Office XMPP Domain
About this task
The Avaya one-X® Portal for IP Office needs to be configured with its fully qualified domain names. It supports several different domain names, for use by the different functions that it provides (portal host, XMPP domain and web collaboration domain). Whilst these can differ if required, for this example we are using the same FQDN for each function.
Procedure
1. Login to the one-X Portal for IP Office administrator menus, either:
• Within IP Office Web Manager, select Applications > one-X Portal.
• Browse to https://<portal IP address>:9443/onexportal-admin.html and login as the an administrator.
2. Select Configuration > IM/Presence.
a. Set the XMPP Domain Name. In this example we are using onex.example.com.
b. Click Save.
3. Select Configuration > Host Domain Name.
a. Set the Host Domain Name. In this example we are again using onex.example.com.
b. Set the Web Collaboration Domain Name. In this example we are again using
onex.example.com.
c. Click Save.
4.
Click on the icon at the top of the menus to restart the portal service.
Related links
IP Office Configuration on page 6
February 2021 IP Office SIP Phones with ASBCE 11
Comments on this document? infodev@avaya.com

Chapter 3: Certification overview

The examples in this document assumes that the IP Office system's own self-signed certificate is being used. In that case, the ASBCE needs to have a copy of both the IP Office certificate and also an identity certificate issued for it by the IP Office.
If the Avaya one-X® Portal for IP Office is running on a separate IP Office Application Server, that too requires an identity certificate issued by the IP Office.
Related links
Downloading the IP Office root certificate on page 12 Generating an IP Office identity certificate on page 13 one-X Portal for IP Office identity certificate on page 13 Generating an identity certificate for the ASBCE on page 16 Extracting the ASBCE private key and identity certificate on page 17 Adding the IP Office Root CA to the ASBCE on page 18 Adding the ASBCE identity certificate on page 19

Downloading the IP Office root certificate

About this task
A copy of the IP Office root certificate is needed. It will be loaded onto the ASBCE.
Procedure
1. Login to the IP Office Web Control menus by either:
From within IP Office Web Manager, select the primary server. Click on and select Platform View.
• Browse to https://<IP Office IP address>:7071 and login as the Administrator.
2. Select the Settings tab and scroll down to Certificates.
3. Under CA Certificate, click on Download (PEM-encoded) and save the file to your PC.
4. Rename the file as IPO_RootCA.crt.
Related links
Certification overview on page 12
February 2021 IP Office SIP Phones with ASBCE 12
Comments on this document? infodev@avaya.com

Generating an IP Office identity certificate

Generating an IP Office identity certificate
About this task
Login to the IP Office Web Control menus by either:
Procedure
1. Login to the IP Office Web Control menus by either:
From within IP Office Web Manager, select the primary server. Click on and select Platform View.
• Browse to https://<IP Office IP address>:7071 and login as the Administrator.
2. Select the Settings tab and scroll down to Certificates.
3. Enter the following data:
a. Subject Name: Enter the FQDN of the IP Office SIP domain.
b. Subject Alternative Name(s): Enter comma separate DNS:<FQDN> and IP:<IP
address> entries.
These should include entries for the FQDNs of the Avaya one-X® Portal for IP Office, XMPP Domain, IP Office SIP FQDNs and IP Office LAN IP addresses LAN1 and/or LAN2) on which extensions are connecting.
4. Click Regenerate and Apply.
5. In the pop-up window click Yes.
Related links
Certification overview on page 12

one-X Portal for IP Office identity certificate

These processes are only required if the Avaya one-X® Portal for IP Office is run on a separate IP Office Application Server. If that is the case, the portal requires its own identity certificate.
• Generating an Identity Certificate for the Portal Server
• Installing a Avaya one-X® Portal for IP Office Identity Certificate
Related links
Certification overview on page 12 Generating an identity certificate for the portal server on page 14 Installing a one-X Portal for IP Office identity certificate on page 15
February 2021 IP Office SIP Phones with ASBCE 13
Comments on this document? infodev@avaya.com
Certification overview

Generating an identity certificate for the portal server

About this task
This stage is only required if the Avaya one-X® Portal for IP Office is run on a separate IP Office Application Server. If that is the case, the portal requires its own identity certificate.
Procedure
1. Login to the IP Office Web Control menus by either:
From within IP Office Web Manager, select the primary server. Click on Platform View.
• Browse to https://<IP Office IP address>:7071 and login as the Administrator.
2. Go to Settings tab and scroll down to Certificates.
3. Check Create certificate for a different machine.
4. Enter the following data:
and select
a. In Machine IP enter the IP address of the portal server.
b. In Password enter a password to encrypt the certificate and key.
Note:
Note that if any special characters are used in the password, to enter that password at the command line requires the character to be prefixed with a \. For example, a @ in the password would be typed as \@ at the command line.
c. In Subject Name enter the FQDN of the portal server.
d. In Subject Alternative Name(s) enter comma separate DNS:<FQDN> and IP:<IP
address> values for the portal's domain names and IP addresses.
5. Click Regenerate.
6. Click on the link in the popup window and save the file. Rename the downloaded file to ONEX_ID.p12.
Next steps
You can now add the identity certificate to the Avaya one-X® Portal for IP Office server.
February 2021 IP Office SIP Phones with ASBCE 14
Comments on this document? infodev@avaya.com
one-X Portal for IP Office identity certificate
Related links
one-X Portal for IP Office identity certificate on page 13

Installing a one-X Portal for IP Office identity certificate

About this task
Having created an identity certificate for the IP Office Application Server , it needs to be installed on the server.
Procedure
1. Browse to https://<IP Office IP address>:7070 and login as the Administrator.
2. Select Security Manager > Certificates.
3.
Click on the icon.
4. Click Set.
5. Browse to the location of the identity file created for the portal server.
6. Enter the certificate password.
7. Click Upload.
Related links
one-X Portal for IP Office identity certificate on page 13
February 2021 IP Office SIP Phones with ASBCE 15
Comments on this document? infodev@avaya.com
Certification overview

Generating an identity certificate for the ASBCE

About this task
In addition to the IP Office root certificate, we also need to provide the ASBCE with an identity certificate. This certificate needs to include FQDN and IP address information for all the IP Office servers and services for which the ASBCE will be handling traffic.
Procedure
1. Login to the IP Office Web Control menus by either:
From within IP Office Web Manager, select the primary server. Click on Platform View.
• Browse to https://<IP Office IP address>:7071 and login as the Administrator.
2. Go to Settings tab and scroll down to Certificates.
3. Check Create certificate for a different machine.
4. Enter the following data:
and select
a. In Machine IP enter the external IP address of the ASBCE.
b. In Password enter a password to encrypt the certificate and key.
Note:
Note that if any special characters are used in the password, to enter that password at the command line requires the character to be prefixed with a \. For example, a @ in the password would be typed as \@ at the command line.
c. In Subject Name enter the FQDN of the ASBCE.
d. In Subject Alternative Name(s) enter comma separate values for the DNS:<FQDN>
and IP:<IP address>.
Note:
If you were using different FQDNs for Avaya one-X® Portal, IP Office, XMPP and SIP domains, enter all FQDNs as a comma separated list of DNS entries in the Subject Alternate Name.
5. Click Regenerate.
6. Click on the link in the popup window and save the file.
7. Rename the downloaded file to SBCE_ID.p12.
Related links
Certification overview on page 12
February 2021 IP Office SIP Phones with ASBCE 16
Comments on this document? infodev@avaya.com

Extracting the ASBCE private key and identity certificate

Extracting the ASBCE private key and identity certificate
About this task
The IP Office identity certificate created for the ASBCE is a single file. For the ASBCE configuration it needs to be split into two files.
Procedure
1. Using WinSCP, connect to the ASBCE management IP address using port 222 and the ipcs login.
2. Copy the IP Office identity certificate created for the ASBCE (SBCE_ID.p12) to the ASBCE /tmp directory.
3. SSH to the ASBCE management IP using port 222 and ipcs login.
4. Enter the command sudo su and type the root password.
5. Enter the following commands. When prompted for a password or PEM pass phrase, enter the password specified when generating an identity certificate for the ASBCE.
Note:
If any special characters are used in the password, to enter that password at the command line requires the character to be prefixed with a \. For example, a @ in the password would be typed as \@ at the command line.
a. cd /tmp
b. openssl pkcs12 -in SBCE_ID.p12 -out SBCE_ID.crt
c. openssl pkcs12 -nocerts -in SBCE_ID.p12 -out SBCE_ID.key
The whole sequence should look similar to the following:
[root@sbce ipcs]# cd /tmp
[root@sbce tmp]# openssl pkcs12 -in SBCE_ID.p12 -out SBCE_ID.crt
Enter Import Password: ********
MAC verified OK
Enter PEM pass phrase: ********
Verifying - Enter PEM pass phrase: ********
[root@sbce tmp]# openssl pkcs12 -nocerts -in SBCE_ID.p12 -out SBCE_ID.key
Enter Import Password: ********
MAC verified OK
Enter PEM pass phrase: ********
Verifying - Enter PEM pass phrase: ********
February 2021 IP Office SIP Phones with ASBCE 17
Comments on this document? infodev@avaya.com
Certification overview
6. Copy the new SBCE_ID.crt and SBCE_ID.key files from ASBCE to your PC
7. The SBCE_ID.crt file contains the ID certificate we generated for ASBCE , the IP Office root CA certificate, and the private key.
To be able to properly import this file to the ASBCE, the CA certificate and the private key must be removed from this file.
a. Open SBCE_ID.crt in WordPad on your PC.
b. Remove all lines except those which are between the first BEGIN CERTIFICATE and
END CERTIFICATE lines. The resulting file should look similar to the following:
Related links
Certification overview on page 12

Adding the IP Office Root CA to the ASBCE

Procedure
1. Login to ASBCE web interface.
2. Go to TLS Management > Certificates .
3. Click Install.
a. Type: Select CA Certificate.
b. Name: Enter a descriptive name for the root CA certificate.
c. Allow Weak Certificate/Key: Enable this option.
d. Certificate File: Click Choose File and select the IPO_RootCA.crt file.
4. Click Upload.
A warning that this is a self-signed certificate will be displayed.
5. Click Proceed.
February 2021 IP Office SIP Phones with ASBCE 18
Comments on this document? infodev@avaya.com
The certificate is displayed.
6. Click Install and then Finish.
Related links
Certification overview on page 12

Adding the ASBCE identity certificate

Procedure
1. Login to ASBCE web interface.
2. Go to TLS Management > Certificates.
3. Click Install.
a. In Type select Certificate.
b. In Name enter a descriptive name for the certificate.
c. In Certificate File click Choose File and select SBCE_ID.crt.
Adding the ASBCE identity certificate
d. In Trust Chain File leave this field empty.
e. In Key select Upload Key File.
f. In Key File click Choose File and open SBCE_ID.key.
4. Click Upload. The certificate is displayed.
5. Click Install and then Finish.
6. Using Ssh, access the ASBCE Management IP address using port 222 and the ipcs login.
a. Enter the command sudo su and enter the root password.
b. Enter the following commands, replacing ******** with the password set when
generating the ID certificate for the ASBCE:
cd /usr/local/ipcs/cert/key
enc_key SBCE_ID.key ********
Note:
If any special characters are used in the password, to enter that password at the command line requires the character to be prefixed with a \. For example, a @ in the password would be typed as \@ at the command line.
Related links
Certification overview on page 12
February 2021 IP Office SIP Phones with ASBCE 19
Comments on this document? infodev@avaya.com

Chapter 4: ASBCE Configuration overview

This section looks at the specific ASBCE configuration required for the example schematic
Related links
Firewall configuration on page 21 Firewall Address Translation on page 21 Changing the default listen port range on page 22 Enabling the internal/external interfaces on page 22 Creating a TLS profile on page 23 Creating the media interfaces on page 24 Creating the signaling interfaces on page 25 Creating a server profile on page 25 Creating server routing on page 26 Creating a Topology Hiding on page 27 Configuring User Agent Profiles on page 27 Creating a subscriber flow on page 28 Creating a Server Flow on page 29 Create application relays on page 30
February 2021 IP Office SIP Phones with ASBCE 20
Comments on this document? infodev@avaya.com

Firewall configuration

Procedure
1. Allow Layer 3 NAT only, disable all SIP aware functionality, ALG, and so on.
2. Forward the TCP signaling ports to the B1 interface of the ASBCE which are needed for the given clients.
3. Forward the RTP ports to the B1 interface of the ASBCE. The port range can be found on the external Media Interface of the ASBCE, by default it is UDP 35000-40000. See
Creating the media interfaces on page 24
TCP 5061 SIP
TCP 5222 XMPP
TCP 9443 WebRTC, REST, XMPP
TCP 7443 BOSH/XMPP
TCP 80 HTTP
TLS 443 HTTPS
UDP 3478 STUN
UDP 50000-55000 RTP relay
UDP 35000-40000 RTP media
Firewall configuration
Related links
ASBCE Configuration overview on page 20

Firewall Address Translation

This process applies NAT between the IP address and Public IP address settings.
Procedure
1. Go to Device Specific Settings > Network Management.
2. Go to the Network Configuration tab.
3. Click Edit at the external interface.
4. Enter the following data:
Field Description
Default Gateway Gateway IP address for the external interface.
Subnet Mask IP mask for the external interface.
IP Address IP address of the external interface.
Public IP External IP address of the Firewall.
5. Click Finish.
February 2021 IP Office SIP Phones with ASBCE 21
Comments on this document? infodev@avaya.com
Loading...
+ 46 hidden pages