TANDBERG D14049.01 User Manual
VIDEO
COMMUNICATION
SERVER
ADMINISTRATOR
GUIDE
Introduction
D 14049.01
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
Software version X1.0
D14049.01
July 2007
H.323 & SIP
Configuration
Registration
Control
1
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
VIDEO
COMMUNICATION
SERVER
What’s in this
ADMINISTRATOR
GUIDE?
Disclaimer, Copyrights and License Agreements 8
Safety Instructions and Approvals 9
Environmental Issues 10
Introduction 12
About the TANDBERG Video Communication Server ................12
Main Product Features .......................................................... 12
Standard Features ..............................................................12
Optional Features ...............................................................12
About this Administrator Guide .............................................. 12
Getting Started 13
What’s in the Box? ................................................................13
Connecting the Cables .......................................................... 13
Installation Site Preparations .................................................13
General Installation Precautions ............................................13
Powering on the VCS ............................................................. 14
Initial Configuration via Serial Cable ....................................... 14
System Administrator Access................................................. 15
About Administrator Access .................................................15
Configuring Administrator Access ........................................15
Security Considerations ......................................................15
Administrator Account Password ..........................................15
Default Administrator Password ...................................... 15
Changing the Administrator Password .............................15
Resetting the Administrator Password .............................15
Session Timeout .................................................................15
Root Account ..................................................................... 15
Using the Web Interface ...................................................... 16
Suppor ted Browsers ....................................................... 16
Using the Command Line Inter face (CLI) .............................. 17
Viewing System Overview 18
Viewing the Over view Page .....................................................18
Understanding the Overview Page .......................................... 18
System Configuration 19
System Administration Configuration ...................................... 19
Configuring System Settings ................................................19
About the System Name .....................................................19
About Admin Access settings .............................................19
Ethernet Configuration ...........................................................20
Configuring Ethernet Settings ..............................................20
About Ethernet Speed .........................................................20
IP Configuration ....................................................................21
Configuring IP Settings ........................................................21
About IPv4 to IP v6 Gatewaying ............................................21
DNS Conf iguration .................................................................22
Configuring DNS Settings ....................................................22
About DNS Ser vers .............................................................22
About the DNS Domain Name ..............................................22
NTP Configuration .................................................................23
Configuring NTP Settings .....................................................23
About the NTP Server ..........................................................23
Setting the Time Zone .........................................................23
SNMP Configuration ..............................................................24
Configuring SNMP Settings..................................................24
About SNMP Settings ..........................................................24
External Manager Configuration .............................................25
Configuring External Manager Settings ................................25
About the External Manager ................................................25
Backing up Configuration Settings .........................................26
Introduction
Introduction
D 14049.01
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
2
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Table of Contents
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Logging 27
Logging Overview .................................................................. 27
About Logging ..................................................................... 27
About Remote Log ging ........................................................ 27
Enabling Remote Logging .................................................... 27
About Event Log Levels ....................................................... 27
Setting the Event Log Level ................................................. 27
Event Log .............................................................................. 28
Viewing the Event Log ......................................................... 28
Event Log Format ................................................................ 28
Message Details Field ......................................................... 28
Events Log ged at Level 1 ....................................................... 29
Events Log ged at Level 2 ....................................................... 30
Events Log ged at Level 3 ....................................................... 30
Event Data Fields .................................................................. 31
Working with H.323 33
H.323 Overview..................................................................... 33
About H.323 on the VCS ..................................................... 33
Using the VCS as an H.323 Gatekeeper ............................... 33
Configuring H.323 Ports ...................................................... 33
H.323 Endpoint Registration .................................................. 33
Overview ............................................................................ 33
Registration Conflict Mode .................................................. 33
Auto Discover ..................................................................... 33
Time to Live ........................................................................ 33
Call Time to Live ................................................................. 33
Configuring H.323 ................................................................. 34
Working with SIP 35
SIP Overview ......................................................................... 35
About SIP on the VCS .......................................................... 35
Using the VCS as a SIP Registrar ......................................... 35
Proxying Registration Requests ....................................... 35
SIP Registration Expiry ........................................................ 35
Using the VCS as a SIP Prox y Ser ver .................................... 35
SIP protocols and ports ....................................................... 35
Configuring SIP - Registrations, Protocols and Ports ................ 36
Configuring SIP - Domains...................................................... 37
Interworking 38
Overview ............................................................................... 38
About Interworking .............................................................. 38
Configuring Interworking ........................................................ 38
Registration Control 39
Registration Overview ............................................................ 39
Endpoint Registration .......................................................... 39
Registrations on a VCS Border Controller ............................. 39
MCU, Gateway and Content Server Registration ................... 39
Finding a VCS with which to Register .................................... 40
SIP ................................................................................ 40
H.323 ............................................................................ 40
Authentication ....................................................................... 41
About Authentication ........................................................... 41
Configuring Authentication .................................................. 41
Authentication using an LDAP Ser ver .................................. 42
Configuring the LDAP Server Directory ............................. 42
Securing the LDAP Connection with TLS ......................... 42
Alias Origin Setting ......................................................... 42
Configuring LDA P Server settings .................................... 43
Authentication using a Local Database ............................... 44
Configuring the Local Database ...................................... 44
Registering Aliases ................................................................ 45
About Alias Registration ...................................................... 45
H.323 Alias Registration ................................................. 45
SIP Alias Registration ..................................................... 45
Attempts to Register using an E xisting Alias ......................... 45
H.323 ............................................................................ 45
SIP ................................................................................ 45
Allow and Deny Lists ............................................................. 46
About Allow and Deny Lists ................................................. 46
Patterns and Pat tern Types ............................................. 46
Activating use of Allow or Deny Lists .................................... 46
Managing Entries in the Allow List ....................................... 47
Managing Entries in the Deny List ........................................ 48
Managing Zones, Neighbors and Alternates 49
Overview ............................................................................... 49
About your Video Communications Network.......................... 49
Example ............................................................................. 49
Local Zone and Subzones ...................................................... 50
About the Local Zone and its Subzones ............................... 50
Configuring the Local Zone and its Subzones ....................... 50
Zones ................................................................................... 51
About Zones ....................................................................... 51
ENUM Zone ........................................................................ 51
DNS Zone ........................................................................... 51
Traversal Client Zone........................................................... 51
Neighbor Zone .................................................................... 51
Traversal Server Zone ......................................................... 51
Default Zone ....................................................................... 51
Adding Zones ........................................................................ 52
Configuring Zones ................................................................. 52
Configuring Zones - All Types ................................................. 53
Configuring Neighbor Zones ................................................... 54
Configuring Traversal Client Zones ......................................... 55
Configuring Traversal Ser ver Zones ........................................ 56
Configuring ENUM Zones ....................................................... 57
Configuring DNS Zones .......................................................... 57
About Alternates ................................................................... 58
Configuring Alternates ........................................................... 58
Setting up a Dial Plan ............................................................ 59
About Dial Plans ................................................................. 59
Flat Dial Plan ................................................................. 59
Structured Dial Plan ....................................................... 59
Hierarchical Dial Plan ..................................................... 59
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
3
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Table of Contents
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Call Processing 60
Locating a Destination Endpoint............................................. 60
Overview ............................................................................ 60
Process .............................................................................. 60
Dialing by Address Types ....................................................... 61
About the Different Address Types ....................................... 61
Dialing by IP Address .......................................................... 61
Dialing by H.323 ID or E.164 alias ...................................... 61
Dialing by H.323 or SIP URI ................................................. 61
Dialing by ENUM ................................................................. 61
Hop Counts ........................................................................... 62
About Hop Counts ............................................................... 62
Configuring Hop Counts ....................................................... 62
Administrator Policy 63
Overview ............................................................................... 63
About Administrator Policy .................................................. 63
Administrator Policy and Authentication ............................... 63
Enabling the use of Administrator Policy ................................. 64
Configuring Administrator Policy via the Web Interface ............ 65
Configuring Administrator Policy via a CPL script ..................... 66
Uploading a CPL Script ........................................................ 66
About CPL XSD files ............................................................ 66
Downloading policy files ........................................................ 66
User Policy 67
About User Policy .................................................................. 67
What is User Policy? ........................................................... 67
How are Devices Specified? ................................................ 67
Process Overview ................................................................ 67
Who Must do What Before FindMe™ Can Be Used? .............. 67
Recommendations When Deploying FindMe ......................... 67
User Policy Manager ........................................................... 67
Enabling User Policy on the VCS ............................................. 68
Configuring User Policy Manager .......................................... 68
Managing FindMe User Accounts ........................................... 69
About User Accounts ........................................................... 69
Creating a New User Account ............................................... 69
Changing a User Password .................................................. 70
Viewing Existing User Account Settings ................................ 70
Managing FindMe User Accounts ........................................... 71
Deleting a User Account ...................................................... 71
Using TANDBERG’s FindMe™ 72
About your FindMe User Account ............................................ 72
About F indMe™................................................................... 72
FindMe User Accounts .................................................... 72
Individual versus Group FindMe ..................................... 72
Accessing the FindMe Configuration Page ............................ 72
Configuring your FindMe User Account.................................... 73
Alias Searching and Transforming 74
Overview of Searches and Transforms .....................................74
About Searches ...................................................................74
About Transforms ................................................................74
Transforming an Alias Before Searching Locally .......................74
About Local Alias Transforms ...............................................74
Local Alias Transform Process .........................................74
If the Transformed Alias is Not Found Locally ....................74
Configuring Local Alias Transforms ...................................... 75
Zone Searching and Transforming ......................................... 76
About Zone Searching ......................................................... 76
Mode ............................................................................. 76
Priority ........................................................................... 76
About Zone Transforms ....................................................... 76
Using Zone Searches and Transforms Together .................... 76
Zone Search and Transform Process .................................... 76
Configuring Zone Searches and Transforms ......................... 77
Default Settings ............................................................. 77
Examples .............................................................................. 78
Combining Match Types and Priorities .................................. 78
Never Query a Zone ............................................................ 78
Always Query a Zone, Never Apply Transforms ...................... 78
Filter Queries to a Zone Without Transforming ...................... 79
Changing the Prefix or Suffix Before Querying ....................... 79
Query a Zone for Both Original and Transformed Alias ........... 80
Query a Zone for Two or More Transformed Aliases ............... 80
URI Dialing 81
URI Dialing Over view .............................................................. 81
About URI Dialing ................................................................ 81
URI Resolution Process via DNS .......................................... 81
Enabling URI Dialing via the VCS .......................................... 81
Outgoing Calls ............................................................... 81
Incoming Calls ............................................................... 81
Firewall Traversal Calls ................................................... 81
URI Dialing for Out going Calls ................................................ 82
Process .............................................................................. 82
Configuring Matches for DNS Zones .................................... 82
Adding and Configuring DNS Zones ...................................... 83
Configuring DNS Servers ..................................................... 84
URI Dialing for Incoming Calls ................................................ 85
Types of DNS Records Required .......................................... 85
Process .............................................................................. 85
SRV Record Format ............................................................ 85
Configuring H.323 SRV Records .......................................... 85
Location SRV Records .................................................... 85
Call SRV Records ........................................................... 85
Configuring SIP SRV Records ............................................... 85
Example DNS Record Conf iguration ..................................... 86
URI Dialing and Firewall Traversal ........................................... 86
Recommended Configuration ............................................... 86
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
4
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Table of Contents
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ENUM Dialing 87
ENUM Dialing Over view .......................................................... 87
About ENUM Dialing ............................................................ 87
ENUM Process .................................................................... 87
Enabling ENUM Dialing ........................................................ 87
Outgoing Calls ............................................................... 87
Incoming Calls ............................................................... 87
ENUM Dialing for Outgoing Calls ............................................ 88
Prerequisites ...................................................................... 88
Process .............................................................................. 88
Example ............................................................................. 88
Configuring Matches for ENUM Zones .................................. 89
Example ........................................................................ 89
Configuring Transforms for ENUM Zones .............................. 89
Example ........................................................................ 89
Configuring ENUM Zones ..................................................... 90
Configuring DNS Servers ..................................................... 91
ENUM Dialing for Incoming Calls ............................................ 92
Prerequisites ...................................................................... 92
About DNS Domains for ENUM ............................................ 92
Configuring DNS NAPTR Records ........................................ 92
Example ........................................................................ 92
Calls to and from Unregistered Endpoints 93
About Unregistered Endpoints ................................................ 93
Calls to an Unregistered Endpoint .......................................... 93
Overview ............................................................................ 93
Configuration ...................................................................... 93
Calls from an Unregistered Endpoint ...................................... 93
Recommended Configuration for Firewall Traversal .............. 93
Fallback Alias 94
Fallback Alias ........................................................................ 94
Overview ............................................................................ 94
Configuration ...................................................................... 94
Example Use of a Fallback Alias .......................................... 94
Disconnecting calls 95
Overview ............................................................................... 95
About the Call Control API ................................................... 95
Identifying a Particular Call .................................................... 95
Call ID Number ................................................................... 95
Call Serial Number .............................................................. 95
Obtaining the Call ID/Serial Number .................................... 95
Disconnecting a Call via the Web Inter face ............................. 96
Disconnecting a Call via the CLI ............................................. 96
Issues when Disconnecting SIP Calls ..................................... 96
Firewall Traversal 97
Firewall Traversal Overview .................................................... 97
About F irewall Traversal ...................................................... 97
VCS and Firewall Traversal ..................................................... 97
VCS as a Firewall Traversal Client ........................................ 97
VCS as a Firewall Traversal Server ....................................... 97
Firewall Traversal Protocols and Ports .................................... 98
Overview ............................................................................ 98
Process .............................................................................. 98
Ports for Initial Connections from Traversal Clients ............... 98
H.323 Firewall Traversal Protocols ....................................... 98
Assent Ports ....................................................................... 98
H.460.18/19 Ports ............................................................. 98
SIP Por ts ............................................................................ 98
Ports for Connections out to the Public Internet ................... 99
STUN Por ts ......................................................................... 99
Firewall Configuration ............................................................ 99
Firewall Traversal and Authentication.................................... 100
Overview .......................................................................... 100
Client Type and Client Settings ............................................ 100
Server Type and Server Settings .......................................... 100
Configuring the VCS as a Traversal Client ............................. 101
Overview .......................................................................... 101
Adding a New Traversal Client Zone ................................... 101
Configuring a Traversal Client Zone .................................... 102
Configuring the VCS as a Traversal Server ............................ 103
Overview .......................................................................... 103
Adding a New Traversal Server Zone .................................. 103
Configuring a Traversal Ser ver Zone ................................... 104
Configuring Traversal for Endpoints .................................... 105
Configuring Traversal Ser ver Por ts ..................................... 106
STUN Ser vices .................................................................... 107
About STUN ...................................................................... 107
About ICE ......................................................................... 107
STUN Binding Discovery .................................................... 107
STUN Relay ....................................................................... 107
Configuring STUN Services ................................................ 108
Bandwidth Control 109
Overview ............................................................................. 109
About Bandwidth Control ................................................... 109
Example Network Deployment ........................................... 109
Subzones ............................................................................ 110
About Subzones ................................................................ 110
About the Default Subzone ................................................ 110
Specifying the IP Address Range of a Subzone ................... 110
About the Traversal Subzone ............................................. 110
Default Settings ................................................................ 110
Traversal Calls .................................................................. 110
Bandwidth Consumption of Traversal Calls ......................... 110
Creating a Subzone ............................................................. 111
Configuring a Subzone ......................................................... 112
Applying Bandwidth Limitations to Subzones ........................ 113
Types of Limitations .......................................................... 113
How Different Bandwidth Limitations are Managed ............. 113
About Pipes ........................................................................ 114
Creating Pipes ..................................................................... 114
Editing Pipes ....................................................................... 115
About Links ......................................................................... 116
Default Links ............................................................... 116
Creating Links ..................................................................... 116
Editing Links ....................................................................... 117
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
5
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Table of Contents
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Applying Pipes to Links ........................................................ 118
One Pipe, One Link ........................................................... 118
One Pipe, Two or More Links .............................................. 118
Two Pipes, One Link .......................................................... 118
Default Links....................................................................... 118
About Default Links ........................................................... 118
Pre- Configured Links ......................................................... 118
Automatically Created Links .............................................. 118
Default Call Bandwidth, Insuff icient Bandwidth and
Downspeeding .................................................................... 119
About the Default Call Bandwidth ...................................... 119
About Downspeeding ........................................................ 119
Configuring the Default Call Bandwidth and Downspeeding . 119
Bandwidth Control Examples ............................................... 120
Example Without a Firewall ................................................ 120
Example With a Firewall ..................................................... 121
VCS Border Controller Subzone Configuration ................ 121
Enterprise VCS Subzone Configuration .......................... 121
Maintenance 122
Upgrading Sof tware ............................................................. 122
About Upgrading the VCS Soft ware .................................... 122
Prerequisites ............................................................... 122
Backing up the Existing Configuration Before Upgrading . 122
Upgrading Using SCP/PSCP ............................................... 122
Upgrading via the Web Interface ........................................ 123
Option Keys ........................................................................ 124
About Adding Extra Options ............................................... 124
Adding Options via the CLI ................................................. 124
Adding Options via the Web Interface ................................. 125
Security .............................................................................. 126
About Security .................................................................. 126
Enabling Security .............................................................. 126
Passwords .......................................................................... 127
Changing the Administrator Password ................................ 127
System Snapshot ................................................................ 127
About the System Snapshot .............................................. 127
Creating a System Snapshot ............................................. 127
Restar ting ........................................................................... 128
About Restar ting ............................................................... 128
Shutting Down .................................................................... 128
About Shutting Down ........................................................ 128
Command Reference - xConfiguration 129
Command Reference - xCommand 149
Command Reference - xStatus 157
CPL Reference 170
Overview ..............................................................................170
CPL Examples ...................................................................... 174
Call Screening of Authenticated Users ................................174
Call Screening Based on Alias ............................................ 174
Call Screening Based on Domain ........................................175
Change of Domain Name ....................................................175
Allow Calls from Locally Registered Endpoints Only ..............176
Block Calls from Default Zone and Default Subzone ............176
Restricting Access to a Local Gateway ............................... 177
Regular Expression Reference 178
About Regular Expressions .................................................178
DNS Configuration 179
Overview ..............................................................................179
Verifying the SRV Record ....................................................179
Microsoft DNS Server ...........................................................179
BIND 8 & 9 .........................................................................179
LDAP Configuration 180
About the LDAP Databases .................................................. 180
Downloading the H.350 schemas ........................................ 180
Microsoft Active Directory ................................................... 181
Prerequisites .............................................................. 181
Installing the H.350 Schemas ...................................... 181
Adding H.350 Objects ................................................. 181
Securing with TLS ........................................................ 181
OpenLDAP........................................................................... 182
Prerequisites .............................................................. 182
Installing the H.350 Schemas ..................................... 182
Adding H.350 Objects ................................................. 182
Securing with TLS ........................................................ 182
Bibliography 183
Glossary 184
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
6
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Trademarks and Copyright
All rights reserved. This document contains information that
is proprietary to TANDBERG. No part of this publication may
be reproduced, stored in a retrieval system, or transmitted,
in any form, or by any means, electronically, mechanically,
by photocopying, or otherwise, without the prior written
permission of TANDBERG. Nationally and internationally
recognized trademarks and trade names are the property of
their respective holders and are hereby acknowledged.
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
COPYRIGHT © 2007, TANDBERG
Philip Pedersens vei 22
1366 Lysaker, Norway
Tel: +47 67 125 125
Fax: +47 67 125 234
e-mail: tandberg@tandberg.com
System
Configuration
H.323 & SIP
Configuration
Registration
Control
7
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Disclaimer, Copyrights and License Agreements
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Disclaimer
The information in this document is furnished for informational
purposes only, is subject to change without prior notice, and
should not be construed as a commitment by TANDBERG.
TANDBERG reserves the right to amend any of the information
given in this document in order to take account of new
developments.
Every ef for t has been made to supply complete and accurate
information, however, TANDBERG assumes no responsibility or
liability for any errors or inaccuracies that may appear in this
document, nor for any infringements of patents or other rights
of third parties resulting from its use. No license is granted
under any patents or patent rights of TANDBERG.
Copyright Notice Patent Information
Tandberg software in this product is protected under the
copyright and patent laws.
Copyright © 2007 Tandberg Telecom AS. All rights reser ved.
Patents pending in the U.S.
This product includes copyrighted sof tware licensed from
others. A list of the copyright notices and the terms and
conditions of use can be found at:
http://www.tandberg.com/collateral/documentation/User_
Manuals/TANDBERG VCS EULA.pdf
and
http://www.tandberg.com/collateral/documentation/User_
Manuals/TANDBERG VCS Copyrights.pdf.
IMPORTANT: USE OF THIS PRODUCT IS SUBJECT IN ALL CASES
TO THE COPYRIGHT RIGHTS AND THE TERMS AND CONDITIONS
OF USE REFERRED TO ABOVE. USE OF THIS PRODUCT
CONSTITUTES AGREEMENT TO SUCH TERMS AND CONDITIONS.
TANDBERG technology described in this manual is protected by
one or more of the following:
U.S. Patent Nos.
5,600,646
•
5,768,263
•
5,838,664
•
5,991,277
•
6,584,077
•
6,590,603
•
7,010,119
•
7,034,860
•
U.S. Patent Application Nos.
10/332.785
•
10/432.468
•
11/008.150
•
Other patents pending.
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
8
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Safety Instructions and Approvals
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
For your protection please read these safety
instructions completely before you connect
the equipment to the power source. Carefully
obser ve all warnings, precautions and
instructions both on the apparatus and in these
operating instructions. Retain this manual for
future reference.
Water and Moisture
Do not operate the apparatus under or near
•
water – for example near a bathtub, kitchen
sink, or laundry tub, in a wet basement,
near a swimming pool or in other areas with
high humidity.
Never install jacks for communication
•
cables in wet locations unless the jack is
specif ically designed for wet locations.
Do not touch the product with wet hands.
•
Cleaning
Unplug the apparatus from communication
•
lines, mains power- outlet or any power
source before cleaning or polishing.
Do not use liquid cleaners or aerosol
•
cleaners. Use a lint-free cloth lightly
moistened with water for cleaning the
exterior of the apparatus.
Ventilation
Do not block any of the ventilation openings
•
of the apparatus. Never cover the slots and
openings with a cloth or other material.
Never install the apparatus near heat
sources such as radiators, heat registers,
stoves, or other apparatus (including
amplifiers) that produce heat.
Do not place the product in direct sunlight or
•
close to a surface directly heated by the sun.
Safety Instructions
Lightning
Never use this apparatus, or connect/
disconnect communication cables or power
cables during lightning storms.
Dust
Do not operate the apparatus in areas with high
concentration of dust.
Vibration
Do not operate the apparatus in areas with
vibration or place it on an unstable surface.
Power Connection and Hazardous
Voltage
The product may have hazardous voltage
•
inside. Never attempt to open this product,
or any peripherals connected to the product,
where this action requires a tool.
This product should always be powered from
•
an earthed power outlet.
Never connect at tached power supply cord
•
to other products.
In case any parts of the product has visual
•
damage never attempt to connect mains
power, or any other power source, before
consulting ser vice personnel
The plug connecting the power cord to the
•
product/power supply ser ves as the main
disconnect device for this equipment.
The power cord must always be easily
accessible.
Route the power cord so as to avoid it being
•
walked on or pinched by items placed upon
or against it. Pay par ticular attention to the
plugs, receptacles and the point where the
cord exits from the apparatus.
Do not tug the power cord.
•
If the provided plug does not fit into your
•
outlet, consult an electrician.
Never install cables, or any peripherals,
•
without first unplug ging the device from it's
power source.
Servicing
Do not attempt to service the apparatus
•
yourself as opening or removing covers may
expose you to dangerous voltages or other
hazards, and will void the warranty. Refer all
servicing to qualified service personnel.
Unplug the apparatus from its power source
•
and refer servicing to qualified personnel
under the following conditions:
If the power cord or plug is damaged or
•
frayed.
If liquid has been spilled into the
•
apparatus.
If objects have fallen into the apparatus.
•
If the apparatus has been exposed to rain
•
or moisture
If the apparatus has been subjected to
•
excessive shock by being dropped.
If the cabinet has been damaged.
•
If the apparatus seems to be overheated.
•
If the apparatus emits smoke or
•
abnormal odor.
If the apparatus fails to operate
•
in accordance with the operating
instructions.
Accessories
Use only accessories specified by the
manufacturer, or sold with the apparatus.
Approvals
Electromagnetic Compatibility (EMC)
This is a Class A product. In a domestic
environment this product may cause radio
interference in which case the user may be
required to take adequate measures.
EC Declaration of Conformity
Manufacturer: TANDBERG Telecom AS
Product Name: TANDBERG Video
Type Number: TTC2-04
Description: Network unit
This product complies with Commission
Directives:
LVD 73/23/EEC
•
EMC 89/336/EEC
•
This product complies with harmonized
Standards:
EN 60950 -1 : 2001, A11
•
EN 55022 : 1994, A1/A2
•
EN 55024 : 1998, A1/A2
•
EN 61000-3-2 : 2000
•
EN 61000-3-3 : 1995, A1
•
Technical Construction File No.: X13526
Year which the CE mark was affixed: 2007
For an official, signed version of this
document, or details regarding documentation
from the technical construction file, please
contact TANDBERG.
Communication Server
JATE Approval (Japan only)
This unit must be connected to the public
internet via a router/switch that has JATE
approval.
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
9
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Environmental Issues
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Thank you for buying a product which contributes to a reduction
in pollution, and thereby helps save the environment. Our
products reduce the need for travel and transpor t and thereby
reduce pollution. Our products have either none or few
consumable par ts (chemicals, toner, gas, paper). Our products
are low energy consuming products.
TANDBERG’s Environmental Policy
Environmental stewardship is impor tant to TANDBERG’s culture.
As a global company with strong corporate values, TANDBERG
is commit ted to following international environmental legislation
and designing technologies that help companies, individuals and
communities creatively address environmental challenges.
TANDBERG’s environmental objectives are to:
Develop products that reduce energy consumption, CO2
•
emissions, and traffic congestion
Provide products and services that improve quality of life for
•
our customers
Produce products that can be recycled or disposed of safely
•
at the end of product life
Comply with all relevant environmental legislation.
•
European Environmental Directives
As a manufacturer of electrical and electronic equipment
TANDBERG is responsible for compliance with the requirements
in the European Directives 2002/96/EC (WEEE) and 2002/95/EC
(RoHS).
The primary aim of the WEEE Directive and RoHS Directive is
to reduce the impact of disposal of electrical and electronic
equipment at end -of-life. The WEEE Directive aims to reduce
the amount of WEEE sent for disposal to landfill or incineration
by requiring producers to arrange for collection and recycling.
The RoHS Directive bans the use of certain heavy metals and
brominated flame retardants to reduce the environmental impact
of WEEE which is landf illed or incinerated.
TANDBERG has implemented necessar y process changes to
comply with the European RoHS Directive (2002/95/EC) and the
European WEEE Directive (2002/96/EC).
Waste Handling
In order to avoid the dissemination of hazardous substances
in our environment and to diminish the pressure on natural
resources, we encourage you to use the appropriate take -back
systems in your area. Those systems will reuse or recycle most
of the materials of your end of life equipment in a sound way.
TANDBERG products put on the market af ter August
2005 are marked with a crossed- out wheelie bin
symbol that invites you to use those take -back
systems.
Please contact your local supplier, the regional waste
administration, or http://www.tandberg.com/recycling if you
need more information on the collection and recycling system in
your area.
Information for Recyclers
As part of compliance with the European WEEE Directive,
TANDBERG provides recycling information on request for all
types of new equipment put on the market in Europe after
August 13th 2005.
Please contact TANDBERG and provide the following details
for the product for which you would like to receive recycling
information:
Model number of TANDBERG product
•
Your company’s name
•
Contact name
•
Address
•
Telephone number
•
E-mail.
•
Digital User Guides
TANDBERG is pleased to announce that we have replaced the
printed versions of our User Guides with a digital CD version.
Instead of a range of different user manuals, there is now one
CD – which can be used with all TANDBERG products – in a
variety of languages. The environmental benefits of this are
significant. The CDs are recyclable and the savings on paper
are huge. A simple web -based search feature helps you directly
access the information you need. In addition, the TANDBERG
video systems now have an intuitive on-page help function,
which provides a range of useful features and tips. The contents
of the CD can still be printed locally, whenever needed.
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
10
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
TANDBERG CONTENT SERVER
USER GUIDE
Environmental Issues
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Introduction
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
11
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Introduction
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
About the TANDBERG Video Communication Server
The TANDBERG Video Communication Server ( VCS) is a key component of your video communications network. It allows you to
manage endpoint registrations and calls, and control the bandwidth being used within your network. The VCS also offers advanced
call policy that allows you to accept, reject and re-route calls, and can optionally include TANDBERG’s FindMe™, which allows users to
have a single alias on which they can be contacted regardless of location,
The VCS forms par t of TANDBERG’s Expressway™ firewall traversal solution, allowing you to securely connect to other video networks
and equipment from your secured private net work.
The VCS also acts as a gateway between SIP and H.323 protocols, and between IPv4 and IPv6, allowing you to make the most use of
your existing video communications investment.
Main Product Features
Suppor ts up to 5 Alternate VCSs for redundancy purposes
Standard Features
H.323 gatekeeper
•
SIP Proxy/Registrar
•
SIP and H.323 support, including SIP/H.323 gatewaying for
•
locally registered endpoints
IPv4 and IPv6 suppor t, including IPv4/IPv6 gatewaying
•
Bandwidth management on both a per-call and a total usage
•
basis, configurable separately for calls within the local
subzones and to neighboring systems and zones
Automatic downspeeding option for calls that exceed the
•
available bandwidth
URI and ENUM dialing via DNS, enabling global connectivity
•
Up to 2500 registrations
•
Up to 500 non-traversal calls
•
Up to 100 traversal calls
•
Up to 200 neighboring zones
•
Flexible zone configuration with prefix, suffix and regex
•
suppor t
Can function as a stand-alone VCS or be neighbored with
•
other systems such as VCSs, Border Controllers, gatekeepers
and SIP proxies
•
Optional endpoint authentication
•
Control over which endpoints are allowed to register
•
Administrator Policy including support for CPL
•
Embedded setup wizard via a serial port for initial
•
configuration
System administration via a web inter face or RS-232, Telnet,
•
SSH, and HTTPS
Can be managed with TANDBERG Management Suite 11.8 or
•
newer
Optional Features
Firewall traversal ser ver functionality, allowing secure
•
traversal of any firewall or NAT
Registration of traversal-enabled endpoints
•
STUN Discovery and STUN Relay services
•
User Policy (TANDBERG FindMe™)
•
SIP/H.323 gatewaying for non -registered endpoints
•
About this Administrator Guide
This Administrator Guide is provided to help you make the best
use of your TANDBERG VCS.
Your approach to this documentation depends on what you
want to do and how much you already know.
The Administrator Guide has been divided into several
sections, each providing different information. In some places
information is duplicated between sections to let you have all
the relevant information in one place.
This document does not have an index - this is intentional. If
the Table of Contents does not direct you to the information you
need, you can use the F ind function in Adobe Reader to search
the text for keywords.
Note that the Administrator Guide describes a fully equipped
version. Your version may not have all the described extensions
installed.
Our main objective with this Guide is to address your goals and
needs. Please let us know how well we succeeded!
In this Administrator Guide, instructions for performing a
task via the web interface are shown in the format:
Menu option1 > Menu option2
•
followed by the Name of the page that you will be taken to. In
most cases the page will be shown adjacent, with callouts
describing each of the configurable options.
In this Administrator Guide, instructions for performing a
task using the command line interface are shown in the
format:
xConfiguration Com mandName
•
The command is hyperlinked to the Command Reference table
at the back of this Guide; clicking on the hyperlink will take you
to the appropriate section of the table showing all the available
sub-commands and parameters.
Typing the command into the CLI without any parameters will
return a full list of parameters available for that command.
Typing a ? after the command will return information about the
purpose of that command or group of commands.
Introduction
Introduction
D 14049.01
D 14049.01
07.2007
07.2007
Getting
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
12
12
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Getting Started
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
What’s in the Box?
To avoid damage to the unit during transpor tation, the
TANDBERG VCS is delivered in a special shipping box, which
should contain the following components:
TANDBERG VCS
•
CD containing VCS Administrator Guide and other
•
documentation
Installation Sheet
•
Registration card
•
Rack- ears and screws
•
Cables:
•
power cables
•
ethernet cable
•
shielded serial cable
•
Please report any discrepancies to your TANDBERG
representative immediately.
A brief yet detailed description of the procedure to get
you up and going can be found in the Installation
Sheet accompanying your TANDBERG product.
Installation Site Preparations
Make sure that the VCS is accessible and that all cables can
•
be easily connected.
For ventilation: leave a space of at least 10cm (4 inches)
•
behind the VCS’s rear panel and 10cm (4 inches) in front of
the front panel.
The room in which you install the VCS should have an
•
ambient temperature bet ween 0ºC and 35ºC (32ºF and
95ºF) and between 10% and 90% non -condensing relative
humidit y.
Do not place heav y objects directly on top of the VCS.
•
Do not place hot objects directly on top, or directly beneath
•
the VCS.
Use a grounded AC power outlet for the VCS.
•
Connecting the Cables
General Installation Precautions
The socket outlet shall be installed near to the equipment
•
and shall be easily accessible.
Never install cables without first switching the power OFF.
•
Shielded serial cable
To control the VCS using a
direct connection to a PC,
connect the serial cable
between the VCS’s DATA port
and the COM port on a PC.
Getting
Introduction
D 14049.01
07.2007
Getting
Star ted
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Ethernet cable.
To use the VCS over IP,
connect the ethernet cable
from the LAN1 port on the
VCS to your network. The
LAN2, 3 and 4 connectors
are not used and should be
left open.
Registration
Control
13
13
Zones and
Neighbors
Soft power button
Call
Processing
Firewall
Traversal
Bandwidth
Control
Power switch
Power cable
Connect the system power
cable to an electrical
distribution socket.
Maintenance
Appendices
Getting Started
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Powering on the VCS
To start the VCS:
Ensure the power cable is connected.
1.
Ensure the LAN cable is connected to the
2.
LAN1 port.
Turn on the power switch on the back right
3.
of the unit (adjacent to the power cable).
Press the soft power button on the back
4.
left of the unit.
The system will star t up and the lights on the
front of the unit will flash.
Wait until:
5.
the green PWR LED on the front of the
•
unit is a steady green color
the red ALM LED on the front of the unit
•
has gone out.
the IP address is showing in the display
•
panel on the front of the unit.
Once this has happened, the system is ready
to configure.
The VCS requires some initial configuration
before it can be used. This must be done
using a PC connected to the DATA port or by
connecting to the system’s default IP address:
192.168.0.100.
The IP address, subnet mask and default
gateway must be configured before use.
Consult your network administrator for
information on which addresses to use. Note
that the VCS must use a static IP address.
To set the initial configuration via a PC
connected to the DATA port:
Connect the supplied serial cable from the
1.
DATA port on the VCS to the COM port on
a PC.
Star t a terminal emulator program on the
2.
PC and configure it to use the DATA port as
follows:
baud rate 115200
•
data bits: 8
•
parity: none
•
stop bits: 1
•
flow control: none.
•
Power on the unit (if it is not already on).
3.
The terminal emulator program will display
start up information.
After approximately 2 minutes you will get
the login prompt (if the unit is already on,
press Enter to get the login prompt):
tand berg login:
Enter the username admin and press Enter.
4.
You will get the password prompt:
Password:
Enter the default password of TANDBERG
5.
and press Enter.
You will get the install wizard prompt:
Run install wizard [n]:
Initial Configuration via Serial Cable
Type y and press Enter.
Follow the prompts given by the install
6.
wizard to specif y the following:
The password you want to use for your
a.
system. See Administrator Account
Password for details.
Whether you wish to use IPv4 or IPv6.
b.
See IP Protocol for details.
The IP address of the system.
c.
The IP subnet mask of the system.
d.
The IP default gateway of the system.
e.
The ethernet speed.
f.
Whether you want to use SSH to
g.
administer the system.
Whether you want to use Telnet to
h.
administer the system.
Once the wizard is f inished you will be
8.
prompted to log in again.
Login with the username admin and your
new password.
You will again get the install wizard prompt;
9.
this time select n and press Enter in order
to skip the wizard.
A welcome message similar to the following
will appear:
Welcome to
TANDBERG Video Com munication
Server Release X1.0
SW Release Date: 2007-07-20
OK
You must now reboot the system in order
10.
for the new settings take effect. To do this,
type the command:
xCom mand boot
Once it has rebooted, the VCS is ready to use.
You can continue to use the serial connection,
or you can connect to the system remotely over
IP using either or both:
the web interface via HT TPS
•
a command line inter face via SSH or Telnet.
•
We recommend that you now configure the
following:
The system name of the VCS. This is used
•
by the TANDBERG Management Suite (TMS)
to identify the system. See About the
System Name for more information.
Automatic discovery. If you have multiple
•
VCSs in the same network you may want
to disable automatic discovery on some
of them. See Auto Discover for more
information.
The DNS server address (if URI dialing
•
or FQDNs are to be used). See DNS
configuration for more information.
Introduction
D 14049.01
07.2007
Getting
Getting
Star ted
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
14
14
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Getting Started
!
!
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
System Administrator Access
About Administrator Access
While it is possible to administer the TANDBERG VCS via a PC
connected directly to the unit via a serial cable, you may wish to
access the system remotely over IP.
You can do this using either or both:
the web interface via HT TPS
•
a command line inter face via SSH or Telnet.
•
By default, access via HT TPS and SSH is enabled; access via
Telnet is disabled.
You can also enable access via HTTP. However, this mode
works by redirecting HTTP calls to the HTTPS por t, so HT TPS
must also be enabled for access via HTTP to function.
TMS accesses the VCS via the web server. If HTTPS
mode is turned off, TMS will not be able to access it.
Configuring Administrator Access
To configure the ways in which your system is accessed:
System Configuration > System.
•
You will be taken to the System Administration page.
In the Admin Access section, select Off or On from the drop down boxes for each service.
xConfiguration Administration
•
You must restart the system for changes to take effect.
Administrator Account Password
All administration requires you to log in to the administration
account with the username admin (all lower case) and a
password.
Both the username and password are case- sensitive.
Default Administrator Password
The default password is TANDBERG (all upper case). You
should change this as soon as possible. Choose a strong
password, particularly if administration over IP is enabled.
Changing the Administrator Password
To change the administrator password:
Maintenance > Passwords.
•
You will be taken to the Passwords page.
In the Administrator Password section, enter and then retype
the new password.
xConfiguration SystemUnit Password
•
To set an empty password t ype:
xConfiguration SystemUnit Password: “”
Resetting the Administrator Password
If you forget your password, it is possible to set a new password
using the following procedure:
Reboot the VCS.
1.
Connect to the VCS using the serial cable.
2.
Login with the username pwrec. No password is required.
3.
You will be prompted for a new password.
Session Timeout
By default, Administrator sessions do not time out – they
remain active until you logout.
However, you can set the system to timeout an Administrator
session after a set number of minutes of inactivity. The timeout
period will apply to Administrator sessions using both the Web
Interface and the Command Line Interface.
To set the timeout period:
System Configuration > System.
•
You will be taken to the System Administration page.
In the Admin Access section, in the Session time out
(minutes) box, enter the number of minutes of inactivit y after
which an administrator session should time out.
xConfiguration Administration TimeOut
•
Values must be between 0 and 10,000. A value of 0 means
that Administrator sessions will never time out.
You must restart the system for changes to take effect.
Root Account
The VCS provides a root account with the same password as
the Admin account. This account should not be used in normal
operation, and in particular system configuration should not be
conducted using this account. Use the admin account instead.
Security Considerations
To securely manage the VCS you should disable Telnet, using
the encrypted HTTPS and SSH protocols instead.
For fur ther security, disable HTTPS and SSH as well and use
the serial port to manage the system.
System
Overview
D 14049.01
07.2007
Introduction
Getting
Getting
Star ted
Star ted
System
Configuration
The pwrec account is only active for one minute
following a restar t. Beyond that time you will have to
restar t the system again to change the password.
Because access to the serial port allows the password
to be reset, it is recommended that you install the VCS
in a physically secure environment.
H.323 & SIP
Configuration
Registration
Control
15
15
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Getting Started
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
System Administrator Access
Using the Web Interface
To use the web interface:
Open a browser window and in the address line type either:
1.
the IP address of the system
•
the FQDN of the system.
•
Select Administrator Login.
2.
Enter the Username admin and your system password and
3.
select Login.
You will be presented with the Over view page.
Supported Browsers
The VCS web interface is designed for use with Internet
Explorer (6 and up) or Firefox (1.5 and up). It may work with
Opera and Safari, but you may encounter unexpected behavior.
Javascript must be enabled to use the VCS web inter face.
Information
This icon appears to the
right of most input fields in
the web interface.
Clicking on this icon will
activate a pop -up box which
gives you information about
that par ticular field.
View manual
This icon appears on the top
right corner of every screen.
Clicking on this icon will
take you directly to the
latest version of the VCS
Administrator Guide on the
TANDBERG website.
In this Administrator Guide, instructions for performing a
task via the web interface are shown in the format:
Menu option1 > Menu option2
•
followed by the Name of the page that you will be taken to
in order to perform the task. In most cases the page will
be shown adjacent with callouts describing each of the
configurable options.
Introduction
D 14049.01
07.2007
Getting
Getting
Star ted
Star ted
System
Overview
Configuration
System
H.323 & SIP
Configuration
Registration
Control
16
16
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Log out
This icon appears on the top
right corner of every page.
Clicking on this icon will end
your Administrator session.
You will be taken to the
Administrator Login page.
Maintenance
Appendices
Getting Started
Using the Command Line Interface (CLI)
The command line interface is available over SSH, Telnet and
through the serial por t.
To use the command line interface:
Star t a SSH or Telnet session.
1.
Enter the IP address or FQDN of the VCS.
2.
Login with a username of admin and your system password.
3.
Commands are divided into different groups according to their
function:
xStatus
xConfiguration
xCom mand
xHistory
xFeedback
These commands return information
about the current status of the system.
Information such as current calls and
registrations is available through this
command group.
These commands allow you to add and
edit single items of data such as IP
address and zones.
These commands allow you to add and
configure items and obtain information.
These commands provide historical
information about calls and registrations.
These commands provide information
about events as they happen, such as
calls and registrations.
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
System Administrator Access
See the Command Reference Appendix for a full description of
commands available on the VCS.
In this Administrator Guide, instructions for performing a
task using the command line interface are shown in the
format:
xConfiguration Com mandName
•
Typing the given command into the CLI will return a full list of
options and parameters available for that command.
Typing a ? after the command will return information about the
purpose of that command or group of commands.
Introduction
D 14049.01
07.2007
Getting
Getting
Star ted
Star ted
System
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
17
17
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Text goes here
Viewing System Overview
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Viewing the Overview Page
The Overview page summarizes the current
configuration and status of your system.
The Overview page opens automatically when
you first log on to the web inter face.
You can also access it at any time by clicking
on the Overview link at the top left of the
page.
System name
This shows the name that has been assigned
to the VCS.
Software version
This shows the version of software that is
currently installed on the VCS.
IPv4 address
This shows the VCS’s IPv4 address.
Understanding the Overview Page
Traversal calls
Current: The number of traversal calls going
through the VCS at this moment.
Max (peak): The highest number of
concurrent traversal calls handled by the VCS
since it was last restarted.
Total: The total number of traversal calls
handled by the VCS since it was last
restar ted.
Non-traversal calls
Current: The number of non-traversal calls
going through the VCS at this moment.
Max (peak): The highest number of concurrent
non-traversal calls handled by the VCS since it
was last restarted.
Total: The total number of non-traversal
calls handled by the VCS since it was last
restar ted.
IPv6 address
This shows the VCS’s IPv6 address.
Options
This shows all the additional options that are
currently installed on the VCS.
System
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
Overview
System
Configuration
H.323 & SIP
Configuration
Registration
Control
18
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Registrations
Current: The number of endpoints registered
to the VCS at this moment.
Max (peak): The highest number of endpoints
concurrently registered to the VCS since it
was last restarted.
Total: The total number of registrations on the
VCS since it was last restarted.
Bandwidth
Control
Maintenance
Appendices
text
!
System Conguration
System Administration Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring System Settings
To configure the VCS’s system administration
settings:
System Configuration > System.
•
You will be taken to the System
Administration page.
xConfiguration SystemUnit Name
•
xConfiguration Administration
•
About the System Name
The system name is used to identify the VCS,
for example in TMS.
It appears in various places in the web
interface, and in the display on the front panel
of the unit, so that you can identify it when it
is in a rack with other boxes. If no name is
specif ied, these fields/display will be blank.
We recommend that you give the VCS a name
that allows you to easily and uniquely identify
it.
About Admin Access settings
While it is possible to administer the
TANDBERG VCS via a PC connected directly
to the unit via a serial cable, you may wish to
access the system remotely over IP.
You can do this using either or both:
the web interface via HT TPS
•
a command line inter face via SSH or
•
Telnet.
By default, access via HT TPS and SSH is
enabled; access via Telnet is disabled.
You can also enable access via HTTP.
However, this mode works by redirecting HT TP
calls to the HTTPS port, so HTTPS must also
be enabled for access via HTTP to function.
Save
Click here to save your changes.
You must save your changes and
restar t the system for changes to take
effect.
Restar t
Click here to restart the system.
TMS accesses the VCS via the web
server. If HTTPS mode is turned off,
TMS will not be able to access it.
System name
Defines the name of the VCS. Choose a name
that uniquely identifies the system.
Session time out (minutes)
Sets the number of minutes that an
administration session (HTTPS, Telnet or SSH)
may be inactive before the session is timed
out. A value of 0 turns session time outs of f.
Telnet service
Determines whether the VCS can be accessed
via Telnet.
SSH service
Determines whether the VCS can be accessed
via SSH and SCP.
HTTP service
Determines whether HTTP calls will be
redirected to the HTTPS port.
HTTPS service
Determines whether the VCS can be accessed
via the web server. This must be On to enable
both web interface and TMS access.
By default, access via HT TPS and SSH
is enabled; access via Telnet is
disabled. To securely manage the VCS
you should disable Telnet, using the encrypted
HTTPS and SSH protocols instead. For further
security, disable HTTPS and SSH as well and
use the serial por t to manage the system.
D 14049.01
07.2007
Introduction
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
19
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
Ethernet Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring Ethernet Settings
To configure the VCS’s Ethernet settings:
System Configuration >Ethernet.
•
You will be taken to the Ethernet page.
xConfiguration Ethernet
•
About Ethernet Speed
The Ethernet speed setting determines the
speed of the connection between the VCS
and the ethernet switch. It must be set to the
same value on both systems.
The default is Auto. We recommend that you
do not change the default value unless the
switch to which you are connecting is unable
to auto-negotiate.
Ethernet speed
Sets the speed of the connection between the
VCS and the ethernet switch.
You must save your changes and
restar t the system for changes to take
effect.
Restar t
Click here to restart the system.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
20
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Save
Click here to save your changes.
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
IP Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring IP Settings
To configure the VCS’s IP settings:
System Configuration > IP.
•
You will be taken to the IP page.
xConfiguration IP
•
xConfiguration IPProtocol
•
The VCS is shipped with a default
IP address of 192.168.0.100. This
allows you to connect the VCS to your
network and access it via the default address
so that you can configure it remotely.
About IPv4 to IPv6 Gatewaying
The VCS can act as a gateway between IPv4
and IPv6 calls.
To configure the VCS to act as a gateway
between the two protocols, select an
IP Protocol of Both.
Calls for which the VCS is acting as an
IPv4 to IPv6 gateway count as traversal
calls for the purposes of licensing.
Some endpoints suppor t both IPv4 and
IPv6, however an endpoint can use
only one protocol when registering with
the VCS. Which protocol it uses will be
determined by the format used to specify the
IP address of the VCS on the endpoint. Once
the endpoint has registered using one
protocol, calls to it from an endpoint using the
other protocol will be gatewayed by the VCS.
Save
Click here to save your
changes.
Restar t
Click here to restart the
system.
IPv6 gateway
Specifies the IPv6 gateway
of the system.
IP protocol
You can configure the VCS to use IPv4, IPv6 or
Both protocols. The default is Both.
IPv4: The VCS will only accept registrations
from endpoints using an IPv4 address, and
will only take calls between two endpoints
communicating via IPv4. It will communicate
with other systems via IPv4 only.
IPv6: The VCS will only accept registrations
from endpoints using an IPv6 address, and
will only take calls between two endpoints
communicating via IPv6. It will communicate
with other systems via IPv6 only.
Both: The VCS will accept registrations
from endpoints using either an IPv4 or IPv6
address, and will take calls using either
protocol. If a call is between an IPv4 -only and
an IPv6- only endpoint, the VCS will act as an
IPv4 to IPv6 gateway. It can communicate with
other systems via either protocol.
IPv4 address
Specifies the IPv4 address of the system.
IPv4 subnet mask
Specifies the IPv4 subnet mask of the system.
IPv4 gateway
Specifies the IPv4 gateway of the system.
IPv6 address
Specifies the IPv6 address of the system.
You must save your changes and
restar t the system for changes to take
effect.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
21
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
DNS Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring DNS Settings
To configure the VCS’s DNS settings:
System Configuration > DNS.
•
You will be taken to the DNS page.
xConfiguration IP DNS
•
About DNS Servers
In order to use URI dialing or ENUM dialing,
you must specify a DNS ser ver to be queried
for address resolution. You can specify up to
5 DNS ser vers. Normally only the f irst DNS
server will be queried, but if it fails to respond,
all DNS ser vers will be queried.
About the DNS Domain Name
The DNS Domain Name is used when
attempting to resolve ser ver addresses
configured on the VCS that are not fully
qualified. It applies only to the following:
LDAP ser ver
•
NTP ser ver
•
External Manager ser ver.
•
The DNS Domain Name is appended to the
server address before a query to the DNS
server is executed. Note however that DNS
will also be queried for the ser ver address as
configured, without the DNS Domain Name
appended. For this reason we recommend
that all server addresses use a FQDN.
The DNS Domain name plays no part in URI
dialing.
Address 1 to Address 5
Sets the IP address of a DNS server to be
queried when resolving domain names.
Domain name
Specifies the name to be appended to the
host name before a query to the DNS server
is executed.
Save
Click here to save your changes.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
22
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
NTP Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring NTP Settings
To configure the VCS’s NTP settings:
System Configuration > NTP
•
You will be taken to the NTP page.
xConfiguration NTP Address
•
xConfiguration TimeZone Name
•
About the NTP Server
Accurate timestamps play an impor tant part in
authentication, helping to guard against replay
attacks. For this reason, we recommend that
you use an NTP server to synchronize the
system time.
Setting the Time Zone
All events are recorded using the local date
and time as well as UTC time. The local time
is determined by the Time Zone set on the
VCS.
NTP ser ver
Sets the IP address or FQDN of the NTP server
to be used when synchronizing system time.
Time zone
Sets the local time zone of the VCS.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
23
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Save
Click here to save your changes.
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
SNMP Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring SNMP Settings
To configure the VCS’s SNMP settings:
System Configuration > SNMP
•
You will be taken to the SNMP page.
xConfiguration SNMP
•
About SNMP Settings
The VCS of fers basic support for SNMP.
Tools such as TANDBERG Management Suite
(TMS) or HP OpenView may act as SNMP
network management systems (NMS). They
allow you to monitor your network devices,
including the VCS, for conditions that might
require administrative attention.
To allow the VCS to be monitored by a SNMP
NMS, you must enable SNMP on the VCS and
provide the name of the SNMP community
within which it resides. You may optionally
provide the name of a System contact and the
physical Location of the system for reference
by administrators when following up on
queries.
By default, SNMP is Enabled with a SNMP
community name of public.
Note: the VCS does not support SNMP traps,
therefore it cannot be managed via SNMP.
Enabled
Select On to enable SNMP suppor t.
You must save your changes and
restar t the system for any changes to
take effect.
SNMP community name
Sets the VCS’s SNMP community name.
System contact
Specifies the name of the person who can be
contacted regarding issues with the VCS.
Location
Specifies the physical location of the VCS.
Restar t
Click here to restart the system.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
24
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Save
Click here to save your changes.
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
External Manager Configuration
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Configuring External Manager Settings
To configure the VCS’s External Manager
settings:
System Configuration > External Manager.
•
You will be taken to the External Manager
page.
xConfiguration ExternalManager
•
About the External Manager
An External Manager is a remote system, such
as the TANDBERG Management Suite (TMS),
used to monitor events occurring on the VCS,
for example call attempts, connections and
disconnections.
The use of an External Manager is optional.
In order to use an Ex ternal Manager, you must
configure the VCS with the IP address or host
name and path of the External Manager to be
used.
If you are using TMS as your external
manager, use the default path of
tms/public/ external/management/
SystemManagementSer vice.asmx.
Address
Sets the IP address or FQDN of the External
Manager.
Path
Sets the path of the External Manager.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
25
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Save
Click here to save your changes.
Bandwidth
Control
Maintenance
Appendices
text
System Conguration
Backing up Configuration Settings
You are recommended to maintain a backup of your VCS configuration. To do this:
1.
Use the command line interface to log on to the VCS.
Issue the command xConfiguration.
2.
Save the resulting output to a file, using cut-and-paste or some other means provided by your
3.
terminal emulator.
To restore your configuration:
Remove the *c from in front of each command.
1.
Paste this information back in to the command line interface.
2.
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
26
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Logging
Logging
Logging Overview
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
About Logging
The VCS provides a logging facility for
troubleshooting and auditing purposes. The
event log contains information about such
things as calls, registrations, and messages
sent and received.
The VCS logging facilit y allows you to:
specif y the amount of information that is
•
logged by changing the event log level,
specif y an external server to which a copy
•
of the log is written.
About Remote Logging
The event log is stored locally on the VCS.
However, it is often convenient to collect
copies of all event logs from various systems
in a single location. A computer running
a BSD-style syslog server, as defined in
RFC 3164 [4] , may be used as the central log
server.
A VCS will not act as a central logging
server for other systems.
Enabling Remote Logging
To enable remote logging, you must configure
the VCS with the address of the central log
server. To do this:
System Configuration > Log ging.
•
You will be taken to the Logging page.
xConfiguration Log Ser ver
•
Address
About Event Log Levels
All events have an associated level in the range 1-3, with level 1 events considered the most
impor tant. The table below gives an over view of the levels assigned to different events.
See Events Logged at Level 1, Events Logged at Level 2 and Events Logged at Level 3 for
complete tables of the events logged at each level.
Level Assigned Events
Level 1
(User)
Level 2
(Protocol)
Level 3
(Protocol Verbose)
High-level events such as registration requests and call at tempts. Easily
human readable. For example:
call attempt/connected/disconnected
•
registration at tempt/accepted/rejected.
•
Logs of protocol messages sent and received (H.323, LDAP, etc.) excluding
noisy messages such as H.460.18 keepalives and H.245 video fastupdates.
Protocol keepalives are suppressed at Level 2. At log ging Level 3,
keepalives are also logged.
Setting the Event Log Level
You can control which events are logged by
the VCS by setting the log level. All events
with a level numerically equal to and lower
than the specified log ging level are recorded
in the event log.
To set the log level:
System Configuration > Log ging.
•
You will be taken to the Logging page.
xConfiguration Log Level
•
Remote syslog server
Enter the IP address or FQDN of the ser ver to
which the log will be written.
Log level
Select the level of logging you require.
The default is 1.
Events will be always logged locally
regardless of whether or not remote
logging has been enabled.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
27
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Save
Click here to save your changes.
Bandwidth
Control
Maintenance
Appendices
Logging
Logging
Event Log
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Viewing the Event Log
To view the event log:
Status > Event Log.
•
You will be taken to the Event Log page,
where you can search and view the Event
Log.
eventlog
•
Event Log Format
The event log is displayed in an extension of the UNIX syslog format:
date time host _ name facility _ name <PID>: message _ details
where:
Field Description
date
time
host _ name
facility _ name
message _ details
the local date on which the message was logged
the local time at which the message was logged
the name of the system generating the log message
the name of the program generating the log message. This will be
tandberg for all messages originating from TANDBERG processes, but
will differ for messages from third party processes which are used in the
VCS product
the body of the message (see Message details field for fur ther
information)
Search the last
Select the number of events you wish to view
or search.
Lines for entries containing
If you wish to filter your search, enter the text
that you wish to search for here.
Display in order
Select whether you want the oldest or newest
items to appear at the top of the log.
Search Event Log
Click here once you have configured your
search options. The event log will be
displayed below the Information field.
Message Details Field
For all messages logged from the tandberg process the field is structured to allow easy parsing.
It consists of a number of human -readable name=value pairs, separated by a space.
The first field is always:
Field Example Description
Event
and the last fields of the message are always:
Field Example Description
Level
Time
Event=RegistrationReq uest
Level=1
Time=2006/20/01-14:02:17
The event which caused the log message to be
generated.
The level of the event being log ged.
The UTC date and time at which the event was
generated.
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
28
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Logging
Logging
Event Description
Eventlog Cleared
Adm in Session Start
Adm in Session Finish
System Configuration Changed
Policy Change
Registration Requested
Registration Accepted
Registration Rejected
Registration Removed
Registration Refresh Rejected
Unregistration Requested
Unregistration Rejected
Call Answer Attempted
Call Attempted
Call Connected
Call Disconnected
Call Rejected
Call Bandwidth Changed
External Server Communication
Failure
System Start
An operator cleared the event log.
An administrator has logged onto the system.
An administrator has logged off the system.
An item of configuration on the system has changed.
The Detail event parameter contains the name of the changed configuration item and its new value.
A policy file has been updated.
A registration has been requested.
A registration request has been accepted.
A registration request has been rejected.
The Reason event parameter contains the H.225 cause code. Optionally, the Detail event parameter may contain a textual representation of the
H.225 additional cause code.
A registration has been removed by the VCS.
The Reason event parameter specifies the reason why the registration was removed. This is one of:
Authentication change
•
Conflicting zones
•
Operator forced removal
•
Operator forced removal (all registrations removed)
•
A request to refresh a registration has been rejected.
An unregistration request has been received.
An unregistration request has been rejected.
An attempt to answer a call has been made.
A call has been attempted.
A call has been connected.
A call has been disconnected.
A call has been rejected.
The Reason event parameter contains a tex tual representation of the H.225 additional cause code.
The bandwidth of a call has changed.
Communication with an external server failed unexpectedly. The event detail data should differentiate between ‘no response’ and ‘request rejected’.
Servers concerned are:
DNS
•
LDAP ser vers
•
Neighbor Gatekeeper
•
NTP ser vers
•
The operating system has started.
Events Logged at Level 1
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
System
System
Configuration
Configuration
H.323 & SIP
Configuration
Registration
Control
29
Zones and
Neighbors
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Logging
Logging
Event Description
System Shutdown
Application Start
Application Failed
License Limit Reached
Decode Error
TLS Negotiation Error
The operating system was shutdown.
The VCS has started.
Further detail may be provided in the event data Detail field.
The VCS application is out of service due to an unexpected failure.
Licensing limits for a given feature have been reached.
The event detail field specifies the facility/limits concerned. Possible values for the detail field are:
Non Traversal Call Limit Reached
•
Traversal Call Limit Reached
•
A syntax error was encountered when decoding a SIP message.
Transport Layer Security (TLS) connection failed to negotiate.
Event Description
Message Received
Message Sent
Registration Refresh Request
Registration Refresh Accepted
Request Received
Request Sent
Response Received
Response Sent
(H.323) An incoming message has been received.
(H.323) An out going message has been sent.
A request to refresh a registration has been received.
A request to refresh a registration has been accepted.
A SIP request has been received.
A SIP request has been sent.
A SIP response has been received.
A SIP response has been sent.
Events Logged at Level 1 cont...
Events Logged at Level 2
TANDBERG VIDEO COMMUNICATION SERVER
TANDBERG VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
ADMINISTRATOR GUIDE
Event Description
Message Received
Message Sent
Introduction
D 14049.01
07.2007
Getting
Star ted
System
Overview
(SIP) An incoming message has been received.
(SIP) An outgoing message has been sent.
Configuration
Configuration
System
System
H.323 & SIP
Configuration
Events Logged at Level 3
Registration
Control
Zones and
Neighbors
30
Call
Processing
Firewall
Traversal
Bandwidth
Control
Maintenance
Appendices
Loading...