Mitel 6000 Handbook
6000 Managed Application Server
(MAS)
Technician's Handbook - Release 5.6
by Mitel Networks Corporation
6000 Managed Application Server (MAS): Technician's Handbook Release 5.6
by Mitel Networks Corporation
Published October 2002
Copyright © 2002 Mitel Networks Corporation
The Mitel Networks logo is a trademark of Mitel Networks Corporation in the United States and other countries. Linux is a registered trademark
of Linus Torvalds. The terms "ssh" and "Secure Shell" are trademarks of SSH Communications Security Corp. Trend Micro is a registered trademark of Trend Micro Incorporated. All other trademarks are the property of their respective holders.
Table of Contents
1.Introduction...............................................................................................................................
1.1.About This Handbook .......................................................................................................1
1.1.1. Who This Handbook is Written For ........................................................................... 1
1.1.2. Where You Can Find More Information .....................................................................1
1.1.3. About Our Test Company: The Pagan Vegan .............................................................. 1
1.2.Aboutthe 6000 MAS ........................................................................................................ 1
1.2.1.The AMC .............................................................................................................2
1.3. Software Licensing Terms and Conditions ............................................................................3
1.4.What's New .....................................................................................................................3
1.4.1.Features ...............................................................................................................3
2.Software Blades .........................................................................................................................
2.1.Managing Blades .............................................................................................................4
3.Hardware Installation ..................................................................................................................
3.1. Hardware Requirements of the 6000 MAS Host Computer ....................................................... 7
3.1.1. Hardware Requirements for a Category 1 Server .......................................................... 7
3.1.2. Hardware Requirements for a Category 2 Server .......................................................... 8
3.1.3. Hardware Requirements for a Category 3 Server .......................................................... 9
3.1.4. Hardware Requirements for a Category 4 Server .......................................................... 9
3.2.Hardware Compatibility ....................................................................................................10
4.Purchasing and Registration ..........................................................................................................
4.1.Ordering Products ............................................................................................................11
4.2.Registering a Server ..........................................................................................................11
4.3.Registeringa Teleworker Server ......................................................................................... 12
4.4.EnablingAdditional ServiceLink Services ............................................................................ 13
4.5. Moving a Server or Deactivating Services ............................................................................. 14
5.SoftwareInstallation and Configuration ..........................................................................................
5.1.LicensingTerms and Conditions .........................................................................................15
5.2.RAID1Support (Disk Mirroring) ........................................................................................ 15
5.2.1.Software Mirroring ................................................................................................15
5.2.2.Hardware Mirroring ...............................................................................................16
5.3. Upgrading From A Previous Version ................................................................................... 16
5.4.Installing the Software ......................................................................................................17
5.5.Configuring your Server ....................................................................................................18
5.6.SettingYour Administrator Password ...................................................................................18
5.7. Configuring Your System Name and Domain Name ............................................................... 19
5.8.ConfiguringYour Local Network ........................................................................................19
5.8.1. Selecting Your Local Ethernet Adapter ......................................................................19
5.8.2.ConfiguringLocal Network Parameters .....................................................................19
5.9.Operation Mode ...............................................................................................................20
5.9.1. Option 1: Server and Gateway Mode ......................................................................... 20
5.9.2. Option 2: Private Server and Gateway ........................................................................ 20
5.9.3.Option3: Server-Only Mode .................................................................................... 20
5.10. Configuring Server and Gateway Mode ..............................................................................21
5.10.1. Server and Gateway Mode - Dedicated ..................................................................... 21
5.10.2. Server and Gateway Mode - Dialup Access ............................................................... 24
5.11.ConfiguringYour DHCP Server ........................................................................................26
5.11.1. Configuring the DHCP Address Range ..................................................................... 26
5.11.2. Important Issues About the DHCP Address Range ......................................................27
5.12.Further Miscellaneous Parameters ......................................................................................27
5.13.Usingthe Server Console .................................................................................................28
5.14.Usingthe Text-based Browser ...........................................................................................29
5.15. Accessing the Linux Root Prompt ...................................................................................... 30
5.16. On-going Administration Using the Server Manager ............................................................. 30
iv
6000 Managed Application Server (MAS)
6.Server Administration ..................................................................................................................
6.1.Passwords .......................................................................................................................32
6.2.Remote Access ................................................................................................................32
6.2.1.RemoteAccess Using ssh ........................................................................................ 33
6.2.2.RemoteAccess Using SSL ......................................................................................34
6.2.3.PPTP (Client-to-Server VPNs) .................................................................................34
6.3.Local networks ................................................................................................................35
6.4. Setting the Date and Time .................................................................................................. 36
6.5.Directory ........................................................................................................................37
6.6.Printers ..........................................................................................................................37
6.7.Hostnames and addresses ...................................................................................................38
6.7.1.Creating New Hostnames ........................................................................................40
6.7.2. Reserving IP Addresses Through DHCP ....................................................................40
6.8.Virtual Domains...............................................................................................................41
6.9.E-mail ............................................................................................................................41
6.9.1.ConfiguringYour E-mail Application ........................................................................44
6.10.Backup or Restore ..........................................................................................................47
6.10.1.Backup To Desktop .............................................................................................. 48
6.10.2.Restore From Desktop .......................................................................................... 48
6.10.3.VerifyDesktop Backup File ...................................................................................48
6.10.4.Configure Tape Backup .........................................................................................49
6.10.5.Restore From Tape ...............................................................................................49
6.11.Reinstallation Disk..........................................................................................................49
6.12.Reboot or Shutdown ........................................................................................................ 50
6.13.Additional Server Administration ......................................................................................50
7. Configuring the Computers on Your Network ..................................................................................
7.1. What Order to do Things ...................................................................................................51
7.2. Configuring Your Desktop Operating System ........................................................................51
7.2.1.Automatic DHCP Service ........................................................................................52
7.2.2. Manual Entry For Computers Not Using DHCP Service ................................................ 53
7.2.3.MSWindows Workgroup Configuration .................................................................... 54
7.3.IMAPversus POP3 e-mail ................................................................................................. 54
7.4.ConfiguringYour E-mail Application ..................................................................................55
7.4.1.Configuring Outlook Express ...................................................................................55
7.4.2.Configuring Netscape .............................................................................................57
7.5.ConfiguringYour Web Browser .......................................................................................... 58
7.6. Choosing Your Web Browser Language ............................................................................... 58
7.7.ConfiguringYour Company Directory .................................................................................59
7.7.1.Configuring Outlook Express ...................................................................................60
7.7.2.Configuring Netscape .............................................................................................62
7.8.Workgroup .....................................................................................................................63
7.8.1. 6000 MAS as Domain Controller ..............................................................................64
8.Using the AMC ..........................................................................................................................
8.1.User Administration..........................................................................................................67
8.2.ActivatingAdditional ServiceLink Services .......................................................................... 68
8.3.Monitoring Server Status ...................................................................................................69
8.3.1.Performinga Manual Synchronization ....................................................................... 70
8.3.2.Changingthe Sync Frequency ..................................................................................70
8.4.Virus Protection ...............................................................................................................70
8.4.1.E-mail Virus Detection ...........................................................................................70
8.4.2.File Virus Protection ..............................................................................................71
8.5.Guaranteed E-mail Delivery ...............................................................................................71
8.6.Configuring Alerts ............................................................................................................72
8.7.DNS Services ..................................................................................................................73
8.8.IPSEC VPNs ...................................................................................................................74
8.8.1.Creatingan IPSEC VPN .........................................................................................75
8.8.2.IPSEC VPN Status .................................................................................................76
8.8.3.Editingan IPSEC VPN ........................................................................................... 77
v
6000 Managed Application Server (MAS)
8.8.4.Deletingan IPSEC VPN .........................................................................................78
8.9.Maintaining Server Information .......................................................................................... 78
8.9.1.Server Information .................................................................................................79
8.9.2.Server Log ...........................................................................................................80
8.9.3.Company Details ...................................................................................................81
8.9.4.Services ...............................................................................................................81
8.10.Usingthe Reporting Forms ...............................................................................................82
8.10.1.One-Click Reports ................................................................................................82
8.10.2.Custom Report Wizard .......................................................................................... 84
8.10.3.E-mailing a Report ...............................................................................................84
8.10.4.Saving a Report ...................................................................................................84
8.10.5.Deleting a Report .................................................................................................85
9.Domain Name Services ................................................................................................................
9.1. The Role of the AMC in Providing Domain Name Services ...................................................... 86
9.2.Service Domains ..............................................................................................................87
9.3.Publishing Domain Names .................................................................................................88
9.4. Redelegating Domain Names to the AMC ............................................................................. 89
9.5.Registering New Domains .................................................................................................89
9.6.Unpublishing Domain Names .............................................................................................89
10.Webmail .................................................................................................................................
10.1. Enabling Webmail On Your System ...................................................................................91
10.2.Starting Webmail ............................................................................................................91
11.Troubleshooting ........................................................................................................................
11.1.MailLog File Analysis ....................................................................................................92
11.2.View Log Files ..............................................................................................................92
11.3.Review Configuration .....................................................................................................92
11.4.Technical Support ...........................................................................................................93
A. Integrating the 6000 MAS with the Mitel Networks 3100 ICP ............................................................
A.1. Integration of 3100 ICP and 6000 MAS using the DHCP server on the 6000 MAS ....................... 94
A.1.1. Connecting the 6000 MAS to the 3100 ICP LAN ethernet switch ................................... 94
A.1.2. Connecting the 6000 MAS to the 3100 ICP WAN ethernet port ..................................... 96
A.2. Integration of 3100 ICP and 6000 MAS using the DHCP server on the 3100 ICP ......................... 98
vi
List of Tables
3.1. Definition of a Category 1 Server ................................................................................................ 7
3.2. Hardware Requirements for a Category 1 Server ............................................................................ 8
3.3. Definition of a Category 2 Server ................................................................................................ 8
3.4. Hardware Requirements for a Category 2 Server ............................................................................ 8
3.5. Definition of a Category 3 Server ................................................................................................ 9
3.6. Hardware Requirements of a Category 3 Server ............................................................................. 9
3.7. Definition of a Category 4 Server ................................................................................................ 9
3.8. Hardware Requirements of a Category 4 Server ............................................................................. 9
8.1.Status colors ............................................................................................................................69
vii
Chapter 1. Introduction
1.1. About This Handbook
This handbook walks you step-by-step through the straightforward process of installing and configuring the 6000
MAS.
1.1.1. Who This Handbook is Written For
This handbook is for distributors and resellers of the Mitel Networks 6000 MAS.
1.1.2. Where You Can Find More Information
To access documentation from the Internet, follow these steps:
1. Go to http://www.mitel.com/.
2. From the Online Services selection menu, select "Mitel OnLine".
3. Log in using your Username and Password.
4. Click "Technical" and then click "Product Documentation" to access edocs.
Note
You must be a registered user to access documentation through Mitel OnLine.
1.1.3. About Our Test Company: The Pagan Vegan
In this handbook, we use examples of a catering and event-planning company, The Pagan Vegan or TPV, that configures, administers and makes use of the 6000 MAS. As far as we know, no company of this name exists.
1.2. About the 6000 MAS
The 6000 MAS is a managed Internet security and productivity solution for single-site and branch-based enterprises.
It combines award-winning software, Mitel Networks SME Server with ServiceLink, with a suite of managed services delivered from the Mitel Networks Applications Management Center (AMC). The 6000 MAS manages the
end-user's connection to the Internet by routing Internet data packets to and from the network (which allows all the
computers on the network to share a single Internet connection) and by providing security for the network, minimizing the risk of intrusions.
When one of the computers on the local network contacts the Internet, or is contacted by an outside machine on the
Internet, the 6000 MAS not only routes that connection, but seamlessly interposes itself into the communication.
This prevents a direct connection from being established between an external computer on the Internet and a computer on the local network, thereby significantly reducing the risk of intrusion onto the network.
The server also provides services - including e-mail, web access and a powerful file sharing and collaboration feature called "i-bays" - that allows users to communicate better internally and with the rest of the world using the Internet.
Throughout this handbook, SME Server refers to the server software component installed at the end-user's site. 6000
MAS refers to the total solution - the server software as well as applications and subscription services delivered from
the AMC.
1
Chapter 1. Introduction
The word gateway is used to mean the computer that acts as the interface between the local, internal network and the
external world - typically the 6000 MAS itself.
If desired, the 6000 MAS can also be run in "server-only" mode. In "server-only" mode, the 6000 MAS provides the
network with services, but not the routing and security functions associated with the role of "gateway". Server-only
mode is typically used for networks already behind a separate firewall. In that configuration, the firewall fulfills the
role of gateway, providing routing and network security.
Once installed, the 6000 MAS can be configured and managed remotely. Routine administration is handled from the
administrator's desktop using a web-based interface, so only on rare occasions will a technician or administrator require direct access to the server computer. Once installation is complete, most customers put the server in an outof-the-way place such as a utility closet. If you wish, you can disconnect the keyboard and monitor. (Note that some
computers may not operate correctly without an attached keyboard.)
1.2.1. The AMC
With the 6000 MAS, Mitel Networks Corporation has developed a suite of integrated network services - ServiceLink
- that extend and enhance the functionality of the server. ServiceLink maximizes the security, performance and reliability of the server through real-time interaction with the Applications Management Center (AMC). Note that until
the 6000 MAS is registered for ServiceLink, the links to ServiceLink pages in the Server Manager will take you to
panels that are not active.
2
Chapter 1. Introduction
Note
If your server is behind an additional firewall, that firewall will need to be configured to allow outbound
SSH packets on TCP port 22 in order for the server to communicate with the AMC.
1.3. Software Licensing Terms and Conditions
The 6000 MAS is licensed for an individual server under the terms of the End User License Agreement found on the
CD. Acceptance of this agreement and identification of the end-user accepting is required during the software installation.
If you have acquired the 6000 MAS by means other than purchasing a Mitel Networks commercial offering through
an authorized reseller, it is unsupported. For further information and help in contacting an authorized reseller in your
area, visit http://www.mitel.com/.
1.4. What's New
1.4.1. Features
The 6000 MAS release 5.6 provides many small enhancements, and in particular the following new features:
• Upgrade to Linux 2.4 kernel - The base 6000 MAS software (SME Server with ServiceLink) software has been
upgraded to the Linux 2.4 kernel. This upgrade enhances the reliability of the server and provides support for a
broader range of server hardware.
• Enhanced firewalling - With the upgrade to the Linux 2.4 kernel, the previous ipchains-based firewall rules have
been converted to iptables. This results in an even tighter firewall, using stateful packet inspection.
• Changes to ordering process - The 6000 MAS is a subscription-based product that is managed via the AMC.
With this release, changes have been made to the subscription ordering and activation process in order to simplify delivery of the product.
3
Chapter 2. Software Blades
Clicking on "Blades" in the Server Manager's navigation menu will display a list of available software blades which
can be installed on your system. These blades may include 6000 MAS updates for your specific 6000 MAS release,
or new applications that extend the functionality to your 6000 MAS release.
This list of blades is downloaded from the AMC if more than 30 minutes have elapsed since the last blades request.
Otherwise the current cached list of blades is displayed (click "Update List" to immediately retrieve an updated list
from the AMC.
To download and install a blade, click "Install". Most blades create new menu items in the Server Manager navigation menu to allow you to configure the blade. Others provide their own configuration interface or do not require additional configuration. For details, consult the documentation provided with the blade.
2.1. Managing Blades
Blades are developed and made available by Mitel Networks Corporation, Mitel Networks Authorized Resellers or
by third-party developers.
Note
Each time a server is registered with the AMC, contact information must be entered so that Mitel Networks
can send notifications of software updates. However, it is good practice to periodically check the "Blades"
panel of the Server Manager for new update blades.
If you give your clients access (via the system password) to the Server Manager, you may not want them installing
blades onto the server without your knowledge, as you are probably the one providing support to them. To avoid this
problem, you can manage the list of available blades from the AMC and deny specific blades to some or all of your
servers.
If you click on "Blades list management" in the navigation menu, you will see a screen similar to the image below
listing all currently available blades.
If you click "Deny Servers" in the end column, you will be presented with a screen such as the one below that will
allow you to deny access to this blade for all of your servers or for specific servers.
4
Chapter 2. Software Blades
This mechanism allows you to limit which blades your clients can see and therefore install.
Note
This assumes that your clients have access to the Server Manager. If you do not give your clients the system password, they cannot access the Server Manager and therefore cannot install any blades. However,
you would then have to perform all server administration tasks for the client.
Note
There are other restrictions that control visibility of blades, including the terms of the 6000 MAS subscription and the hardware platform.
The following is a list of blades currently available for downloading.
• Web Access Control
The Web Access Control Service allows you to filter the web sites available to users by blocking selected cate-
gories of sites. Potentially objectionable sites are grouped into categories, such as pornography, gambling, or
hacking sites. This "blacklist" of blocked web sites is updated regularly by the AMC. The service can block entire domains or specific URLs. Certain IP addresses (for example, the system administrator's workstation) can be
excluded from the filtering rules.
• Groupware Blade
This browser-based application allows calendar sharing and collaboration, including the ability to schedule
meetings between users, and maintain and share contact lists and to-do lists. This application does not integrate
with Microsoft Exchange Server but will provide similar functionality for an office that cannot afford the cost
and complexity of Exchange.
• Instant Messaging Blade
The Instant Messaging (IM) Blade allows instantaneous electronic conversations through the 6000 MAS instead
of using publicly available services such as MSN, AIM and Yahoo. Conference rooms (group chat) and a user
directory are also provided. The IM service can work across a ServiceLink IPSEC VPN, allowing your organization to have its own secure IM infrastructure. As well, the solution allows IM users on the server to communicate
with IM users on other services such as MSN and Yahoo.
5
Chapter 2. Software Blades
• IP Phone Support Blade
This blade configures the 6000 MAS to support Mitel Networks IP phones, thus simplifying installation.
• Fax Server Blade
This feature allows the 6000 MAS to send faxes, with the use of an external fax modem.
• System Information Blade
This feature allows system administrators to view information about the server such as disk usage, CPU usage,
etc.
• Free/Busy Scheduling Blade
The Free/Busy Scheduling blade integrates with Outlook 2000 (also known as Outlook 9.0) and Outlook 98. It
allows Outlook users to publish their busy times and to view other users' busy times.
6
Chapter 3. Hardware Installation
3.1. Hardware Requirements of the 6000 MAS Host Computer
Warning
The 6000 MAS software relies upon the host computer meeting the hardware standards noted in this section. Although these guidelines are intended to help in system configuration, compatibility cannot be assured. Mitel Networks Corporation reserves the right to limit support for hardware configurations that we
determine to be incompatible with the 6000 MAS software. Also, be aware that future voice-enabled applications from Mitel Networks may be certified and supported only on specific hardware platforms that can
provide the requisite speed and performance.
Before you consider the requirements defined below, please be aware of the following notes:
• The 6000 MAS ships with remote access services disabled by default. Enabling webmail will increase the resource requirements of the server, in particular the memory requirement. Other remote access services, such as
ssh and PPTP, are also processor-intensive. You should consider a fast processor speed if you intend to make
significant use of these services.
• The server should work with any Pentium, Celeron, AMD or Cyrix processor.
• The amount of available RAM is one of the most important considerations for server performance as it reduces
the load on the disks. If a tradeoff is required, extra RAM will usually be more beneficial than a faster CPU.
• For a dedicated connection in server and gateway mode, the server requires two ethernet adapters (also called
network adapters or network interface cards). For a dialup connection or server-only mode, one ethernet adapter
is needed.
• SCSI (Small Computer Systems Interface) is a system for adding peripherals to a computer which enhances performance, reliability and scalability. If you are using a SCSI system, you will need a specific adapter/driver
(installed similarly to an ethernet adapter) and will need to purchase SCSI-enabled peripherals. These tend to be
more expensive than their non-SCSI counterparts but the tradeoff is often worth it if the system will be under
heavy loads.
• The software supports most external modems; however, internal modems are generally not supported.
Note
The hardware recommendations below apply to servers with up to 500 users. The 6000 MAS can support
more than 500 users, but in such cases we suggest that you specify a custom system using our Category 4
requirements as the minimum starting point.
3.1.1. Hardware Requirements for a Category 1 Server
Following are the minimum hardware requirements for a basic file/print server and network gateway. Note that such
a system will not provide satisfactory performance for features such as webmail, remote access via PPTP and for
ServiceLink offerings such as automatic virus protection and IPSEC VPNs.
Table 3.1. Definition of a Category 1 Server
# of Users Up to 10
Usage Light (minimal use of remote access, file sharing and other disk-intensive activity. No
7
Chapter 3. Hardware Installation
use of webmail, virus scanning or VPNs.)
Table 3.2. Hardware Requirements for a Category 1 Server
Architecture PCI-based Pentium-class processor
Processor speed 90 MHz (or better)
Minimum RAM 64 MB
Hard drive IDE or SCSI - at least 1 GB
SCSI adapter Refer to SCSI Adapter section below (only necessary for SCSI systems).
Ethernet adapters Refer to Ethernet adapter section below.
Modem (for dialup only) Only modems that are Linux-compatible may be used. WinModems are not supported.
CD-ROM drive ATAPI or SCSI
Floppy drive any
Monitor any
Graphics card any
Mouse none required
Sound card none required
3.1.2. Hardware Requirements for a Category 2 Server
Table 3.3. Definition of a Category 2 Server
# of Users Up to 40
Usage Light (moderate use of remote access, file sharing and other disk-intensive activity)
Table 3.4. Hardware Requirements for a Category 2 Server
Architecture PCI-based Pentium-class processor
Processor speed 400 MHz (or better)
Minimum RAM 128 MB
Hard drive IDE or SCSI - at least 6 GB
SCSI adapter Refer to SCSI Adapter section below (only necessary for SCSI systems).
Ethernet adapters Refer to Ethernet adapter section below.
Modem (for dialup only) Only modems that are Linux-compatible may be used. WinModems are not supported.
CD-ROM drive ATAPI or SCSI
Floppy drive any
Monitor any
Graphics card any
Mouse none required
Sound card none required
8
Chapter 3. Hardware Installation
3.1.3. Hardware Requirements for a Category 3 Server
Table 3.5. Definition of a Category 3 Server
# of Users Up to 40
Usage Heavy (heavy use of remote access, file sharing and other disk-intensive activity)
Table 3.6. Hardware Requirements of a Category 3 Server
Architecture PCI-based Pentium-class processor
Processor speed 600 MHz (or better)
Minimum RAM 256 MB
Hard drive IDE or SCSI (SCSI highly recommended) - at least 10 GB
SCSI adapter Refer to SCSI Adapter section below (only necessary for SCSI systems).
Ethernet adapters Refer to Ethernet adapter section below.
Modem (for dialup only) Only modems that are Linux-compatible may be used. WinModems are not supported.
CD-ROM drive ATAPI or SCSI
Floppy drive any
Graphics card any
Mouse none required
Sound card none required
3.1.4. Hardware Requirements for a Category 4 Server
Table 3.7. Definition of a Category 4 Server
# of Users Up to 500
Usage Heavy
Table 3.8. Hardware Requirements of a Category 4 Server
Architecture PCI-based Pentium-class processor
Processor speed 700 MHz (or better)
Minimum RAM 256 MB
Hard drive SCSI - at least 20 GB (2 large SCSI drives using RAID1 strongly recommended)
SCSI adapter Refer to SCSI Adapter section below (only necessary for SCSI systems).
Ethernet adapters Refer to Ethernet adapter section below.
Modem (for dialup only) Only modems that are Linux-compatible may be used. WinModems are not supported.
CD-ROM drive ATAPI or SCSI
Floppy drive any
Monitor any
Graphics card any
9
Chapter 3. Hardware Installation
Mouse none required
Sound card none required
3.2. Hardware Compatibility
Version 5.6 of the 6000 MAS software (SME Server with ServiceLink) is based on RedHat 7.3 and uses the 2.4 series Linux kernel. This combination supports a wide variety of hardware, but it is important that any hardware chosen for the server has been tested for compatibility before deployment. For convenience, Mitel Networks supplies a
bundled hardware-software solution that provides guaranteed compatibility.
We expect that all hardware which is marked as "Certified" or "Compatible" on the RedHat Hardware Compatibility
List http://hardware.redhat.com/hcl/ [http://hardware.redhat.com/hcl/] for Redhat 7.3 will function correctly with the
6000 MAS.
We do not recommend the user of server hardware which is not listed as "Certified" or "Compatible". Please contact
your support channel for further details of hardware compatibility.
10
Chapter 4. Purchasing and Registration
4.1. Ordering Products
Important
This section only applies to you if you order your 6000 MAS products directly from Mitel Networks. If you
order from a distributor or from some other source, follow your distributor's traditional ordering process,
skip this section and proceed to Registering a Server.
To order services, follow these steps:
1. Connect to the AMC at https://mitel-amc.com/partners/.
2. Under Order Management, select "Order products".
3. Enter a Purchase Order Reference number. This reference number will be quoted on the invoice you receive
from Mitel Networks.
4. For each product that you wish to order, select the quantity from the drop-down list. You can select up to 10 of
each product.
5. Click "Next".
6. An order confirmation screen will appear. Verify your order and then click "Confirm".
This process electronically submits a purchase order to Mitel Networks for the requested products. For each
item that you ordered, an activation key will be created and credited to your AMC account. You will be billed
by Mitel Networks for the products you have ordered.
4.2. Registering a Server
Note
Use this procedure only if you are registering a new server. If you want to add services to an existing
server, go to Enabling Additional ServiceLink Services.
Note
If you are registering a new server to be part of a Teleworker VPN, skip this section and go to Registering a
Teleworker Server.
To register a server, follow these steps:
1. If you're not already logged in, connect to the AMC at https://mitel-amc.com/partners/.
2. Select "Register a server" from the AMC menu on the left side.
3. A form appears where you can identify the server to which you want to allocate services. Fill in the form with
the server's details. Ensure that the server description is unique as that field will subsequently be used to identify the server.
Tip
11
Chapter 4. Purchasing and Registration
If you have previously registered a server for a client and now wish to register one or more additional
servers, you can choose the company name from the drop-down list, and press the Auto-Fill button to have
the company's information appear in the form. Note that you will still need to supply text for the Descrip"tion" field. If this is a new company, enter the company information.
4. Click "Submit".
5. You will see a screen asking you to confirm the activation of the server with these services. Click "Next" to
confirm, or click the "Back" button on your browser to return to the previous form to correct information.
6. You will be presented with a list of all product activation keys that are available to you as a result of your or-
ders. Choose an activation key by clicking "select" beside the product. You also have the option of manually
entering your product license key in the available field and then clicking "Next". Note that you can only select
BASE ServiceLink products during this registration step. If you have purchased any UPGRADE products, you
can add them to this server later.
7. A confirmation screen appears listing the products you selected. If desired, enter information into the Reference
field (i.e. a PO number). Click "Next".
8. You will now see a screen indicating that Step 1 of your server registration is complete. This page will also in-
dicate the Service Account ID, a number that uniquely identifies this server. We suggest you print out this page
for your records.
9. Log out of the AMC and log in to the Server Manager on the server you are registering.
10. Click "Status" (under ServiceLink in the Server Manager's navigation menu) and enter the Service Account ID.
11. Click "Activate".
The server will now connect to the AMC and synchronize with it. You will see a screen telling you that registration
was successful. The server registration process is now complete. (Note that the initial synchronization can take several minutes to complete.)
At any time in the future, you or your customer can view the status of ServiceLink services by clicking on "Status"
in the Server Manager's navigation menu.
Returning to the AMC, you can now see a list of registered servers by clicking on "Servers" in the AMC navigation
menu. Your newly-registered server should appear in this list.
For more information on the status of your server, read the section on Monitoring Server Status.
4.3. Registering a Teleworker Server
To register a server as part of a Teleworker VPN, follow these steps:
1. If you're not already logged in, connect to the AMC at https://mitel-amc.com/partners/.
2. Select "Register a server" from the AMC menu on the left side.
3. A form appears where you can identify the server to be added to the Teleworker VPN. Click on "Teleworker
Client" and then fill in the form with the server's details. Ensure that the server description is unique, as that
field will subsequently be used to identify the server.
Note
12
Chapter 4. Purchasing and Registration
In order for the "Teleworker Client" button to be visible, you must already have a Teleworker VPN master
server configured. This master server must be subscribed to a ServiceLink package that includes IPSEC
VPN support, and must have less than the maximum number of teleworker nodes already added to the
VPN.
4. Click "Submit".
5. You will see a screen asking you to confirm the activation of the server with these services. Click "Next" to
confirm, or click the "Back" button on your browser to return to the previous form to correct information.
6. You will be presented with a screen where you can choose to add this server to an existing Teleworker VPN, or
to create a new VPN with another specified Teleworker server. Choose the appropriate option and then click
"Next".
7. A confirmation screen appears listing the products that will be applied to this server. If desired, enter informa-
tion into the Reference field (i.e. a PO number). Click "Next".
8. You will now see a screen indicating that your server registration is complete. This page will also indicate the
Service Account ID, a number that uniquely identifies this server. We suggest you print out this page for your
records.
9. Log out of the AMC and log in to the Server Manager on the server you are registering.
10. Click "Status" (under ServiceLink in the Server Manager's navigation menu) and enter the Service Account ID.
11. Click "Activate".
The server will now connect to the AMC and synchronize with it. You will see a screen telling you that registration
was successful. The server registration process is now complete. (Note that the initial synchronization can take several minutes to complete.)
At any time in the future, you or your customer can view the status of ServiceLink services by clicking on "Status"
in the Server Manager's navigation menu.
Returning to the AMC, you can now see a list of registered servers by clicking on "Servers" in the AMC navigation
menu. Your newly-registered server should appear in this list.
For more information on the status of your server, read the section on Monitoring Server Status.
4.4. Enabling Additional ServiceLink Services
During the initial registration of a server, you enabled services on that server through the registration process (see
Registering a Server). However, at some future point you may wish to enable additional services for this server. Alternatively, you may have a server where the services have expired and the customer now wishes to re-subscribe. In
either case you will follow the procedure outlined below.
To enable network services, follow these steps:
1. Use the "Order products" function to order whichever additional products you want.
2. Click on "Servers" in the AMC.
3. In the Services column, click on the link for the server you want to modify. (It will show not enabled if there
are no services, or will indicate how many services are available.)
4. In the details screen, follow the link to add new services. You will see a screen where you can allocate keys to
13
Chapter 4. Purchasing and Registration
that server.
5. Choose a key by clicking "Select" beside the option. If you choose, you may manually enter your product li-
cense key in the available field and then click "Next".
6. A confirmation screen appears listing the products you selected. If you want, enter information into the Refer-
ence field (i.e. a PO number). Click "Next".
7. Following your confirmation, you will then be presented with the list of services that were enabled and the ex-
piration dates for those services.
8. If you return to the Servers screen, you will now see that the services column has been updated to reflect the
number of services each server has enabled.
Services will not actually be available on the server until the next synchronization. This should happen within the
hour, or you can perform a manual sync by clicking on "Status" in the Server Manager, then clicking the "Sync" button. After synchronizing, the status panel will show the subscribed services.
4.5. Moving a Server or Deactivating Services
If you have installed your 6000 MAS on new server hardware, or alternatively just want to deactivate services to a
particular server, follow this two-step process.
1. On the server, in the Server Manager, click on "Status" and then follow the link for deactivating services.
2. In the AMC, click on the server's ID to go into the detailed information for that Server. At the bottom of the
page, click on "Reset Signature" for that server.
Note
You must do both steps, in the Server Manager and on the AMC, for this to work. Either step in isolation
will not suffice.
If you are moving the server, you can now reinstall the software on the new system and follow the activation steps
described in steps 8-10 in Registering a Server, using the same Service Account ID you created for the server.
You do not need to re-enable or purchase new services when you change the underlying hardware for the server.
The services associated with the server continue to be enabled, even if they are not being used. When the new server
syncs to the AMC using the same Service Account ID as before, it will gain access to the same services that were
enabled previously and will continue to use those services until they expire.
Note
Be aware that there is no change in the expiration date of services if you temporarily de-activate a server.
The services will expire on that date, regardless of how often they have actually been used.
14
Chapter 5. Software Installation and
Configuration
5.1. Licensing Terms and Conditions
In installing the 6000 MAS software, you are agreeing to the licensing terms and conditions associated with it. You
can read these terms and conditions in the introduction to this handbook under the title Software Licensing Terms
and Conditions.
Warning
The computer on which you install this software will be totally dedicated to being your 6000 MAS. The
hard drive of this computer will be erased and re-written with the Linux operating system - dramatically enhancing the reliability of your server over other operating systems. However, this means that while this
computer is acting as your server, you cannot use it for any other purpose.
Note
If you have previously installed and configured a server and are reinstalling the software, please be aware
that you must use the Upgrade option in order to preserve your existing configuration and data. Performing
a new installation (rather than an upgrade) will erase all previously existing user accounts, user directories,
i-bay contents and web site and configuration parameters. If you have not already done so, you may wish to
back up the contents of your server onto one of your desktop computers or to a tape drive. You can do so
easily by selecting "Backup or restore" from the Server Manager, as explained in the chapter describing ongoing administration of your server.
5.2. RAID1 Support (Disk Mirroring)
the 6000 MAS supports disk mirroring, also called RAID Level 1. Disk mirroring ensures that all data is written to
two separate hard disks installed in your server. Should the primary disk fail, the mirror disk will continue as if nothing had happened. All of the data will be protected.
Disk mirroring can be accomplished through either software or hardware .
5.2.1. Software Mirroring
To enable software RAID1 support, you must first have two disks that are the same size or capable of having partitions of the same size. They can be either SCSI or IDE drives. They must both be installed in your system prior to
installing the 6000 MAS software. Software RAID support can only be configured at the time you install the software. If you choose not to configure RAID support on your server, and later wish to do so, you will need to reinstall
the 6000 MAS software.
Once you have two disk drives, activating RAID support requires only a slight change in the software installation
process.
Note
The 6000 MAS does not support RAID Level 0 (disk striping), as that does not provide any protection of
your data whatsoever. It does not support RAID Level 5 (disk striping with parity) because of the poor performance and reliability of software implementations of RAID5. If you are seeking RAID5 support, Mitel
Networks Corporation recommends you consider one of the many hardware implementations which will
provide both protection and performance.
15
Chapter 5. Software Installation and Configuration
5.2.2. Hardware Mirroring
With hardware mirroring, you use a special RAID disk controller to mirror across multiple disks. The performance
can be significantly faster than software mirroring. Additionally it can simplify configuration because to the operating system the entire RAID disk system looks like a single disk. You should be able to use any supported SCSI
hardware RAID controller.
If you are going to use hardware mirroring, you should NOT choose Install - Dual hard disk with software RAID-1
mirroring in the installation process. Instead, you should do a regular installation of the software.
Note
Using one of the supported hardware RAID controllers, you will be able to upgrade from an earlier version
of the 6000 MAS to version 5.6 using the standard upgrade process. You should back up all your data and
test carefully after installation.
5.3. Upgrading From A Previous Version
If you have previously installed a server and now wish to upgrade to version 5.6, you can do so while preserving
your configuration data. Follow the installation instructions and choose the upgrade option by typing upgrade after
your previous installation is detected.
As a precaution, we recommend that you back up your system prior to performing this upgrade.
Warning
During the upgrade process your server name for Windows networking will be set to the system name of
your server. If you previously used a different name for Windows networking, you will need to change
your server back to using this name on the Workgroup panel of the Server Manager once the upgrade has
completed.
Warning
You cannot change your primary domain name during an upgrade. If you change your primary domain
name after it has been set up, you will have to reboot your server and all of the client machines, and users
may have to manually modify items such as web browser bookmarks that point to your server.
Warning
It is not possible to use the Upgrade option to add software mirroring (RAID1) to an existing server.
If you enabled software mirroring with a previous version of the software, you should be able to upgrade
without any problems. However, if you are upgrading a previous version of the software that was not installed with software mirroring, and now wish to use software mirroring, you should follow these steps:
1. Perform a backup through the Server Manager.
2. Perform a fresh install selecting the software mirroring option.
3. Restore the backup through the Server Manager.
Warning
If your 6000 MAS was not shutdown cleanly before attempting an update, you may be presented with an
error message such as "One or more of the file systems for your Linux system was not unmounted cleanly".
16
Chapter 5. Software Installation and Configuration
You will not be able to proceed with an upgrade, though you could proceed with a clean install. If you wish
to upgrade, thus keeping existing configuration data, you should terminate the current upgrade attempt, reboot the 6000 MAS, and cleanly shut it down. Only then should you attempt the upgrade.
5.4. Installing the Software
Note
If you are configuring your system with RAID1 support, notice that your step 4 below will be slightly different. If you skipped the previous section on RAID, it would be advisable to read it before proceeding.
Step 1: Insert the CD-ROM. If your computer is an older model that is unable to boot from CD-ROM, you will also
need to insert the boot floppy. Most modern computers do not need a boot floppy.
Step 2: Choose your preferred language from the list. This language will be used throughout the rest of the installation, and the 6000 MAS software will use this as the default language after installation.
Warning
The installation process formats and erases all attached hard drives. If you have multiple hard drives, be
sure to back them up prior to starting the installation process.
Step 2a: If you see a keyboard selection screen, choose your preferred keyboard from the list. Otherwise, skip to the
next step.
Step 3: Read the software licensing terms and indicate your acceptance of the license.
Step 3a: Enter the name, title and company of the person accepting the end-user license on behalf of the end-user's
company.
Step 4a: If an older version of the 6000 MAS software (SME Server with ServiceLink) is detected on your com-
puter, the software will assume that you are upgrading your previous system. Go to Step 5a.
Step 4b: If an older version of the 6000 MAS software (SME Server with ServiceLink) is not detected on your com-
puter, you will see a screen with two installation options. Choose whether you wish to "Install on a single hard disk
(or use hardware mirroring)" or "Install on dual hard disks using software mirroring (RAID1 support)". If an upgradable system is detected but you typed more options to get to this menu, you will also be able to choose
"Upgrade". If you choose "Upgrade", go to step 5a; otherwise, go to step 5b.
Step 5a: Read the screen offering a final warning about the upgrade. Type upgrade and hit enter or the "OK" button
to continue. The upgrade process will now automatically proceed. If you wish to perform a fresh install and overwrite your old installation, type more options, and return to step 4b. Otherwise, go on to step 6.
Step 5b: Choose a timezone from the list and press "enter".
Step 5c: Read the screen offering a final warning. Type install and hit enter or the "OK" button to continue. The
installation process will now automatically proceed to install the necessary packages.
Step 6: Indicate whether you wish to create an emergency boot diskette. This can be used in the future to boot the
system in the event that you are unable to boot from the hard disk. If you choose yes, you will be prompted to insert
a blank diskette. We recommend that you do create an emergency boot floppy and put it in a safe place where you
can easily retrieve it when necessary.
Step 7: Finishing the installation is automatic and takes only a few minutes. At the end of the process, you will be
prompted to remove the floppy diskette and CD and then to reboot your computer.
Warning
17
Chapter 5. Software Installation and Configuration
The installation (or upgrade) process rewrites the boot sector on your hard drive. This may cause machines
with BIOS boot sector virus detection to not boot unattended. This detection should be disabled in your
system's BIOS.
5.5. Configuring your Server
Once your system has restarted (and is no longer booting from the installation CD), you are ready to configure your
system.
If your ISP provided you with a summary of your configuration choices and network information, we suggest that
you keep it handy while completing the screens in the configuration section of the server console.
There are several types of configuration parameters that must be entered into your server:
• the system password
• the type of ethernet adapters (network interface cards, or NICs) that will be used by your server to communicate
with the internal network and the Internet (or external network). Typically, the server software will detect this information automatically. (Note that if you are connecting to the Internet with a dialup connection, you only need
one ethernet adapter.)
• configuration for the internal (local) network - you must provide information about your internal network so that
your server can communicate with other machines on your local network.
• operation mode - you must select whether your server will operate in server and gateway mode or server-only
mode.
• configuration for the external network/Internet - you must configure your server so that it can communicate with
your ISP either by a dedicated connection or using a dialup connection (only for server and gateway mode).
• miscellaneous information - there are several final items to configure, such as whether to allow your users to use
a proxy server, whether to provide status reporting to Mitel Networks Corporation, and whether you wish to secure the server console so that it can only be accessed using the administrator's password.
As you select a given configuration parameter, you will be presented only with the screens necessary for your given
configuration. Each screen will provide you with a simple, detailed explanation of the required information.
Note: The "Keep" option
As you move through the configuration screens, you will notice that there is a "Keep" option that will allow
you to keep the choices you may have made previously. Obviously, when you are configuring your system
for the first time, many of these choices will not have been made, but if you later go back to re-configure
the system, this option can save time.
5.6. Setting Your Administrator Password
The first thing you will be asked to do is to set the system password. This is the password you will enter to access
the web-based Server Manager. Depending on how you configure the system, you may also need to enter this password to access the server console. It is extremely important that you choose a good password and keep that password
secret.
Anyone who gains access to this password has the power to make any change to your server!
After you enter the password once, you will be asked to type it again to confirm that the password was recorded cor-
rectly. The password will also be examined to determine its suitability from a security perspective. If it is found to
18
Chapter 5. Software Installation and Configuration
be weak (for instance, a dictionary word), you will see an additional screen asking if you really want to use this
password. You will have the option to go back and change to a stronger password or to continue using the weaker
password.
Note
You can use any ASCII printable characters in the administrator password. A good password should contain mixed upper- and lower-case letters, numbers and punctuation, yet also be easy to remember. An example might be "IwmMNS!" as in "I want my Mitel Networks Server!" (Please don't use this example as
your password!).
5.7. Configuring Your System Name and Domain Name
The next step is to enter the primary domain name that will be associated with your 6000 MAS. This will be the default domain for your e-mail and web server. You can later configure other virtual domains.
Warning
Once you enter your primary domain name, you should not change it. If you change your primary domain
name after it has been set up, you will have to reboot your server and all of the client machines, and users
may have to manually modify items such as web browser bookmarks that point to your server.
Next you need to provide a system name for the server. Think carefully about this as changing it later may create additional work. (For instance, Windows client computers may be mapping drives to your server using its name. Those
clients would need to remap the drive using the new name.)
Tip
You should make the system name as unique as possible in case you someday decide to link your server to
another server using an IPSEC VPN. When you do, each server will need a unique name. Using some type
of theme, such as location names, can be an effective way to ensure unique names. The system name must
start with a letter and can be composed of letters, numbers and hyphens.
5.8. Configuring Your Local Network
5.8.1. Selecting Your Local Ethernet Adapter
You will need to select the appropriate driver for the ethernet adapter connected to your local network.
If you are using a PCI ethernet adapter that appears on the supported list, it is likely that you will be able to choose
option 1, "Use xxxx (for chipset yyyy)", where 'xxxx' and 'yyyy' are specific to your hardware. If the software fails
to detect it correctly, you can manually select the appropriate driver for your ethernet adapter from a list of drivers or
from a list of ethernet adapter models. After the appropriate driver is selected, select "Next" and proceed to the next
screen.
5.8.2. Configuring Local Network Parameters
Enter the local IP address for this server. If you have no reason to prefer one set of IP addresses over another for
your local network, your server will prompt you with default parameters that are probably appropriate in your situation. If your server is being installed into an existing network, you must choose an address that is not in use by any
other computer on this network.
Tip
If you are installing servers at multiple sites within your organization, you may find it useful for later trou-
19
Chapter 5. Software Installation and Configuration
bleshooting to use different network addresses for each site. Additionally, if you ever want to establish an
IPSEC VPN between the servers, each server will need to use a different range of IP addresses.
If, however, you are operating your server in "server-only" mode and there are already servers on your network, you
will need to obtain an unused IP address for your local network.
Next, you will be prompted to enter the subnet mask for your local network. If you are adding your server to an existing network, you will need to use the subnet mask used by the local network. Otherwise, unless you have a specific need for some other setting, you can accept the default setting.
5.9. Operation Mode
After configuring your local network, proceed to the following screen to select the server's operation mode. If you
want this server to act as a gateway to the Internet, choose one of the server and gateway options. Otherwise, choose
server-only mode.
5.9.1. Option 1: Server and Gateway Mode
If you configure the server to operate in server and gateway mode, your server will require either of the following:
1. two ethernet adapters (one to communicate with the local network and the other to communicate with the exter-
nal network/Internet)
2. one ethernet adapter (for the local network) and a modem for a dialup connection
With server and gateway mode, there are a number of extra parameters that must be configured. These will be discussed in the next section.
5.9.2. Option 2: Private Server and Gateway
This mode is a variation of option 1 and provides the same functionality with the following differences:
• The web server is not visible to anyone outside of the local network.
• The mail server is not accessible outside the local network.
• Additional firewall rules are automatically configured to drop packets for various services (such as 'ping' requests).
All services are available on the internal network. The differences are entirely in how your server is seen by the external world.
5.9.3. Option 3: Server-Only Mode
Server-only mode is appropriate if you do not wish to use the gateway capabilities of your server. In this configuration, the server does not connect directly to the outside world (although it may connect indirectly through your firewall or another server).
Warning
Because the server "trusts" the local network to be secure in server-only mode, it must be behind a firewall
of some type.
20
Chapter 5. Software Installation and Configuration
Your network will resemble the image below:
If you have a connection to the Internet by way of another gateway or corporate firewall, you can configure the
server to provide services (including e-mail, web services, file and print-sharing) to your network. In this instance,
you do not need your server to function as a gateway because that role is fulfilled by your firewall. If you select Option 3, "Server-only mode - protected network", your server will provide your local network with web, e-mail, file
and print-sharing.
On the next configuration screen, you should enter the IP address for the Internet gateway on your local network. If
you do not have an Internet connection, leave this screen blank.
5.10. Configuring Server and Gateway Mode
If you are configuring the server to operate in server and gateway mode, you must select one of the following two
Internet connection types:
• a dedicated connection - if you access the Internet via a router, a cable modem, or ADSL
• a dialup connection - if you access the Internet via a modem or ISDN connection
The next step is to enter the specific parameters representing that connection.
5.10.1. Server and Gateway Mode - Dedicated
How you configure your server's external interface depends on whether you are using a dedicated or a dialup connection. Therefore, if you configured your server for "server and gateway mode - dedicated connection" you will be
presented with very different configuration screens than if you configured the server for "server and gateway - dialup connection" (as discussed in the next section).
5.10.1.1. Configuring Your External Ethernet Adapter
As you did previously with the local ethernet adapter, you need to configure the driver for the external ethernet
adapter. As before, the software will attempt to detect the card. If it correctly identifies the card, you can proceed using Option 1, "Keep current driver". If it does not, you can manually select the driver - either by specifying the
model of your ethernet adapter or by directly choosing a driver.
21
Chapter 5. Software Installation and Configuration
5.10.1.2. Assigning Your Ethernet Adapters to Network Connection
To communicate successfully, the server needs to know which ethernet adapter connects it to the internal network
and which adapter connects it to the external network/Internet. The server will make this designation automatically the first ethernet adapter (in position "eth0") will normally be assigned to the local, internal network and the second
ethernet adapter (in position "eth1") will normally be assigned to the external network/Internet. In the event that this
assumption is incorrect, this screen allows you to easily swap that designation.
Note
If you don't know which ethernet adapter is designated to eth0 and which is designated to eth1, leave it in
the default configuration while completing the rest of the screens. You will later have the opportunity to
"Test Internet Access" from the server console. If your test fails at that time, return to this screen, swap the
card assignment and retry the test.
Tip
If you are using two different network interface cards, you will see which driver is associated with eth0 and
which is associated with eth1. This information can help you determine which card is eth0 and which is
eth1. If you have two cards that use the identical driver you will see a screen such as the one above where
the actual driver is not listed.
5.10.1.3. Configuring Your External Interface
With a dedicated connection in server and gateway mode, you will be presented with the following screen:
22
Chapter 5. Software Installation and Configuration
Your server must know three additional things to communicate on the Internet:
• its own unique IP address so that Internet data packets can reach it.
• a subnet mask (also called a netmask) which looks like an IP address and allows other computers to infer your
network address from your IP address.
• the IP address of the external gateway for your server. This is the IP address of the router on your server's external network. It identifies the computer that your server should contact in order to exchange information with the
rest of the Internet.
Normally, you would need to know this information and enter it into the server console. However, most ISPs are capable of automatically assigning these configuration parameters to your server using a DHCP server or PPPoE.
If you have a static IP address and your ISP is configuring your server using DHCP or PPPoE, select Option 1, 2 or
3 depending upon how you will be connecting to your ISP. When you first connect to your ISP, your server will automatically be given its external interface configuration parameters.
If your ISP is providing you with a dynamic IP address, the ISP will configure this through DHCP or PPPoE and
your server will be re-configured automatically whenever your IP address changes. If you plan to use a Dynamic
DNS service, select Option 2. Otherwise, select Option 1.
If you are using ADSL and need PPP over Ethernet , choose Option 3. You will then be asked for the user name and
password you use to connect to your ISP. Note that some ISPs require you to enter their domain name as well as
your user name.
What is PPPoE?
PPPoE Point-to-Point Protocol over Ethernet is an implementation of the PPP protocol used for dialup connections
- only configured to run over an Ethernet connection. Many ISPs that provide ADSL connections use PPPoE as the
method of connecting their customers to the Internet over ADSL.
If you have a static IP address and your ISP does not offer DHCP or PPPoE, then your ISP will give you the static
23
Loading...