TANDBERG Gatekeeper User Manual

TANDBERG Gatekeeper
User Guide
Software version N5.1
D13381.07
January 2007
This document is not to be reproduced in whole or in part without permission in writing from:
TANDBERG Gatekeeper User Guide
Contents
1. Product Information 8
1.1. Trademarks and Copyright .......................................................................................................8
1.2. Disclaimer ................................................................................................................................8
1.3. Environmental Issues...............................................................................................................8
1.3.1. TANDBERG's Environmental Policy................................................................................................... 8
1.3.2. European Environmental Directives................................................................................................. 9
1.3.3. Waste Handling ................................................................................................................................. 9
1.3.4. Information for Recyclers.................................................................................................................. 9
1.3.5. Digital User Guides............................................................................................................................ 9
1.4. Operator Safety Summary ..................................................................................................... 10
1.4.1. Water and Moisture.........................................................................................................................10
1.4.2. Cleaning ...........................................................................................................................................10
1.4.3. Ventilation........................................................................................................................................ 10
1.4.4. Lightning .......................................................................................................................................... 10
1.4.5. Dust.................................................................................................................................................. 10
1.4.6. Vibration...........................................................................................................................................10
1.4.7. Power connection and Hazardous voltage..................................................................................... 11
1.4.8. Servicing...........................................................................................................................................11
1.4.9. Accessories......................................................................................................................................11
1.4.10. Communication lines.......................................................................................................................11
2. Introduction 12
2.1. Main Features ....................................................................................................................... 12
2.2. Hardware Overview ............................................................................................................... 12
3. Installation 14
3.1. Precautions ........................................................................................................................... 14
3.2. Preparing the Installation Site ............................................................................................... 14
3.3. Unpacking ............................................................................................................................. 15
3.4. Mounting............................................................................................................................... 15
3.5. Connecting the Cables .......................................................................................................... 15
3.5.1. Power cable ..................................................................................................................................... 15
3.5.2. LAN cable.........................................................................................................................................15
3.5.3. Null-modem RS-232 cable..............................................................................................................15
3.6. Switching on the System ....................................................................................................... 15
4. Getting started 16
4.1. Initial Configuration ............................................................................................................... 16
4.2. System Administration .......................................................................................................... 17
4.2.1. Web interface...................................................................................................................................17
4.2.2. Command line interface..................................................................................................................18
4.2.3. Session timeout...............................................................................................................................19
4.2.4. Administrator Account..................................................................................................................... 19
4.2.5. Root Account ................................................................................................................................... 19
4.3. Backups ................................................................................................................................ 19
4.4. IP Configuration..................................................................................................................... 20
4.5. Endpoint Registration............................................................................................................ 20
4.6. Neighbor Gatekeepers .......................................................................................................... 21
4.6.1. Neighboring and dial plans ............................................................................................................. 21
4.6.2. Adding Neighbors and configuring zones.......................................................................................22
4.6.3. Search Order....................................................................................................................................22
Page 2 of 105
TANDBERG Gatekeeper User Guide
4.7. Alternates.............................................................................................................................. 23
4.8. Call Processing Overview....................................................................................................... 24
5. Transforming Destination Aliases 26
5.1. Alias Transforms ................................................................................................................... 26
5.2. Zone Transforms ................................................................................................................... 27
6. Unregistered Endpoints 28
6.1. Calling from an Unregistered Endpoint.................................................................................. 28
6.2. Calling to an Unregistered Endpoint ...................................................................................... 28
7. Bandwidth Control 30
7.1. About Bandwidth Control ...................................................................................................... 30
7.2. Subzones .............................................................................................................................. 30
7.2.1. Subzone links...................................................................................................................................31
7.2.2. Pipes................................................................................................................................................. 31
7.3. Insufficient Bandwidth .......................................................................................................... 32
7.3.1. Insufficient bandwidth..................................................................................................................... 32
7.4. Bandwidth Control and Firewall Traversal ............................................................................. 33
7.5. Bandwidth Control Examples ................................................................................................ 34
7.5.1. Example without a firewall.............................................................................................................. 34
7.5.2. Example with a firewall ...................................................................................................................34
8. Registration Control 36
8.1. Setting Registration Restriction Policy................................................................................... 36
8.1.1. Viewing the Allow and Deny lists..................................................................................................... 36
8.1.2. Activating use of Allow or Deny lists ...............................................................................................36
8.1.3. Managing entries in the Allow and Deny lists................................................................................37
8.2. Authentication....................................................................................................................... 38
8.2.1. Authentication using a local database...........................................................................................38
8.2.2. Authentication using an LDAP server............................................................................................. 38
8.2.3. Enforced dial plans..........................................................................................................................39
8.2.4. Securing the LDAP connection with TLS ........................................................................................40
9. URI Dialing 41
9.1. About URI Dialing .................................................................................................................. 41
9.2. Making a Call Using URI Dialing ............................................................................................ 41
9.2.1. Enabling URI dialing ........................................................................................................................ 41
9.2.2. Configuring DNS server(s)...............................................................................................................41
9.2.3. Configuring the domain name ........................................................................................................ 41
9.2.4. URI dialing and firewall traversal.................................................................................................... 41
9.3. Receiving a Call Using URI Dialing......................................................................................... 42
9.4. DNS Records......................................................................................................................... 43
10. ENUM Dialing 44
10.1. About ENUM Dialing .............................................................................................................. 44
10.2. Configuring ENUM ................................................................................................................. 44
10.2.1. Enabling ENUM support.................................................................................................................. 44
10.2.2. Managing ENUM DNS zones...........................................................................................................44
10.3. Configuring DNS NAPTR Records .......................................................................................... 46
11. Example Traversal Deployments 47
11.1. Simple Enterprise Deployment.............................................................................................. 47
11.1.1. Enabling outgoing URI calls ............................................................................................................ 47
11.1.2. Enabling incoming URI calls............................................................................................................48
Page 3 of 105
TANDBERG Gatekeeper User Guide
11.2. Enterprise Gatekeepers ........................................................................................................ 48
11.3. Dialing Public IP Addresses ................................................................................................... 49
11.4. Neighbored Enterprises......................................................................................................... 49
11.5. URI Dialing from within the Enterprise .................................................................................. 50
12. Third Party Call Control 51
12.1. About Third Party Call Control................................................................................................ 51
12.2. Placing a Call......................................................................................................................... 51
12.3. Transferring a Call ................................................................................................................. 51
12.3.1. Enabling call routed mode .............................................................................................................. 51
12.3.2. Enabling call transfer ...................................................................................................................... 52
12.4. Disconnecting a Call.............................................................................................................. 52
13. Call Policy 53
13.1. About Call Policy.................................................................................................................... 53
13.1.1. Uploading the CPL script.................................................................................................................53
13.1.2. Enabling use of the CPL script........................................................................................................53
13.1.3. Call Policy and Authentication ........................................................................................................53
13.1.4. CPL Standard...................................................................................................................................53
13.2. Making Decisions Based on Addresses................................................................................. 54
13.2.1. address-switch................................................................................................................................. 54
13.3. CPL Script Actions ................................................................................................................. 55
13.3.1. location ............................................................................................................................................55
13.3.2. proxy.................................................................................................................................................56
13.3.3. reject ................................................................................................................................................56
13.4. Unsupported CPL Elements................................................................................................... 56
13.5. CPL Examples ....................................................................................................................... 56
13.5.1. Call screening of authenticated users............................................................................................ 56
13.5.2. Call screening based on domain ....................................................................................................57
13.5.3. Call redirection.................................................................................................................................57
13.5.4. Call screening based on alias.........................................................................................................57
14. Logging 58
14.1. About Logging ....................................................................................................................... 58
14.2. Viewing the event log ............................................................................................................ 58
14.3. Controlling what is Logged .................................................................................................... 58
14.3.1. About Event levels ........................................................................................................................... 58
14.3.2. Setting the log level.........................................................................................................................58
14.4. Event Log Format .................................................................................................................. 59
14.5. Logged Events....................................................................................................................... 60
14.6. Remote Logging .................................................................................................................... 64
14.6.1. Enabling remote logging ................................................................................................................. 64
15. Software Upgrading 65
15.1. About Software Upgrading..................................................................................................... 65
15.2. Upgrading Using HTTP(S)....................................................................................................... 65
15.3. Upgrading Using SCP/PSCP .................................................................................................. 66
16. Command Reference 68
16.1. Status.................................................................................................................................... 68
16.1.1. Listing all status information .......................................................................................................... 68
16.1.2. Listing all status commands........................................................................................................... 68
16.1.3. Calls..................................................................................................................................................68
16.1.4. Ethernet ...........................................................................................................................................68
16.1.5. ExternalManager .............................................................................................................................69
16.1.6. Feedback .........................................................................................................................................69
Page 4 of 105
TANDBERG Gatekeeper User Guide
16.1.7. IP ...................................................................................................................................................... 69
16.1.8. LDAP.................................................................................................................................................69
16.1.9. Links................................................................................................................................................. 70
16.1.10. NTP...................................................................................................................................................70
16.1.11. Pipes................................................................................................................................................. 70
16.1.12. Registrations.................................................................................................................................... 70
16.1.13. ResourceUsage................................................................................................................................71
16.1.14. SubZones ......................................................................................................................................... 71
16.1.15. SystemUnit.......................................................................................................................................71
16.1.16. Zones................................................................................................................................................ 72
16.2. Configuration......................................................................................................................... 72
16.2.1. Authentication ................................................................................................................................. 72
16.2.2. Ethernet ...........................................................................................................................................73
16.2.3. ExternalManager .............................................................................................................................73
16.2.4. Gatekeeper ...................................................................................................................................... 73
16.2.5. HTTP/HTTPS .................................................................................................................................... 76
16.2.6. IP ...................................................................................................................................................... 76
16.2.7. LDAP.................................................................................................................................................77
16.2.8. Links................................................................................................................................................. 77
16.2.9. Log....................................................................................................................................................77
16.2.10. NTP...................................................................................................................................................78
16.2.11. Option Key........................................................................................................................................78
16.2.12. Pipes................................................................................................................................................. 78
16.2.13. Services............................................................................................................................................ 78
16.2.14. Session............................................................................................................................................. 79
16.2.15. SNMP ...............................................................................................................................................79
16.2.16. SSH...................................................................................................................................................79
16.2.17. Subzones .........................................................................................................................................79
16.2.18. SystemUnit.......................................................................................................................................81
16.2.19. Telnet ...............................................................................................................................................81
16.2.20. TimeZone ......................................................................................................................................... 81
16.2.21. Traversal ..........................................................................................................................................81
16.2.22. Zones................................................................................................................................................ 81
16.3. Command.............................................................................................................................. 84
16.3.1. AllowListAdd.....................................................................................................................................84
16.3.2. AllowListDelete ................................................................................................................................ 84
16.3.3. Boot.................................................................................................................................................. 84
16.3.4. CallTransfer......................................................................................................................................84
16.3.5. CheckBandwidth..............................................................................................................................84
16.3.6. CredentialAdd .................................................................................................................................. 84
16.3.7. CredentialDelete.............................................................................................................................. 85
16.3.8. DefaultLinksAdd ..............................................................................................................................85
16.3.9. DefaultValuesSet.............................................................................................................................85
16.3.10. DenyListAdd.....................................................................................................................................85
16.3.11. DenyListDelete.................................................................................................................................85
16.3.12. Dial ................................................................................................................................................... 86
16.3.13. DisconnectCall.................................................................................................................................86
16.3.14. FeedbackRegister............................................................................................................................86
16.3.15. FeedbackDeregister ........................................................................................................................87
16.3.16. FindRegistration ..............................................................................................................................87
16.3.17. LinkAdd ............................................................................................................................................ 87
16.3.18. LinkDelete........................................................................................................................................87
16.3.19. Locate ..............................................................................................................................................87
16.3.20. OptionKeyAdd .................................................................................................................................. 87
16.3.21. OptionKeyDelete.............................................................................................................................. 87
16.3.22. PipeAdd............................................................................................................................................ 87
16.3.23. PipeDelete........................................................................................................................................ 88
16.3.24. RemoveRegistration........................................................................................................................ 88
16.3.25. SubZoneAdd .................................................................................................................................... 88
Page 5 of 105
TANDBERG Gatekeeper User Guide
16.3.26. SubZoneDelete ................................................................................................................................88
16.3.27. TransformAdd .................................................................................................................................. 88
16.3.28. TransformDelete.............................................................................................................................. 89
16.3.29. ZoneAdd........................................................................................................................................... 89
16.3.30. ZoneDelete.......................................................................................................................................89
16.4. History................................................................................................................................... 90
16.4.1. calls ..................................................................................................................................................90
16.4.2. registrations.....................................................................................................................................90
16.5. Feedback .............................................................................................................................. 91
16.5.1. Register status.................................................................................................................................91
16.5.2. Register History ...............................................................................................................................91
16.5.3. Register event..................................................................................................................................92
16.6. Other Commands .................................................................................................................. 93
16.6.1. about ................................................................................................................................................93
16.6.2. clear .................................................................................................................................................93
16.6.3. eventlog............................................................................................................................................ 93
16.6.4. license.............................................................................................................................................. 93
16.6.5. relkey................................................................................................................................................93
16.6.6. Syslog............................................................................................................................................... 93
17. Appendix A: Configuring DNS Servers 94
17.1. Microsoft DNS Server............................................................................................................ 94
17.1.1. BIND 8 & 9....................................................................................................................................... 94
17.2. Verifying the SRV Record....................................................................................................... 94
18. Appendix B: Configuring LDAP Servers 95
18.1. Microsoft Active Directory...................................................................................................... 95
18.1.1. Prerequisites.................................................................................................................................... 95
18.1.2. Adding H.350 objects......................................................................................................................95
18.1.3. Securing with TLS............................................................................................................................96
18.2. OpenLDAP ............................................................................................................................. 96
18.2.1. Prerequisites.................................................................................................................................... 96
18.2.2. Installing the H.350 schemas......................................................................................................... 96
18.2.3. Adding H.350 objects......................................................................................................................97
18.2.4. Securing with TLS............................................................................................................................98
19. Appendix C: Regular Expression Reference 99
20. Appendix D: Technical data 100
20.1. Technical Specifications...................................................................................................... 100
20.1.1. System Capacity ............................................................................................................................100
20.1.2. Ethernet Interfaces........................................................................................................................100
20.1.3. System Console Port......................................................................................................................100
20.1.4. ITU Standards ................................................................................................................................100
20.1.5. Security Features...........................................................................................................................100
20.1.6. System Management ....................................................................................................................100
20.1.7. Environmental Data.......................................................................................................................100
20.1.8. Physical Dimensions......................................................................................................................100
20.1.9. Hardware MTBF.............................................................................................................................101
20.1.10. Power Supply .................................................................................................................................101
20.1.11. Certification....................................................................................................................................101
20.2. Approvals ............................................................................................................................ 101
20.2.1. EMC Emission - Radiated Electromagnetic Interference.............................................................101
20.2.2. EMC Immunity................................................................................................................................101
20.2.3. Electrical Safety.............................................................................................................................101
20.2.4. ICSA certification ...........................................................................................................................101
Page 6 of 105
TANDBERG Gatekeeper User Guide
21. Bibliography 102
22. Glossary 103
23. Index 104
Page 7 of 105
1. Product Information

1.1. Trademarks and Copyright

Copyright 1993-2006 TANDBERG ASA. All rights reserved.
This document contains information that is proprietary to TANDBERG ASA. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form, or by any means, electronically, mechanically, by photocopying, or otherwise, without the prior written permission of TANDBERG ASA. Nationally and internationally recognized trademarks and tradenames are the property of their respective holders and are hereby acknowledged.
Portions of this software are licensed under 3rd party licenses. See the CD accompanying this product for details. 3rd party license information may also be obtained from the Gatekeeper itself -- see the license command in section 16.6.4 for details.

1.2. Disclaimer

The information in this document is furnished for informational purposes only, is subject to change without prior notice, and should not be construed as a commitment by TANDBERG ASA.
TANDBERG Gatekeeper User Guide
The information in this document is believed to be accurate and reliable, however TANDBERG ASA assumes no responsibility or liability for any errors or inaccuracies that may appear in this document, nor for any infringements of patents or other rights of third parties resulting from its use. No license is granted under any patents or patent rights of TANDBERG ASA.
COPYRIGHT ©2006, TANDBERG ASA

1.3. Environmental Issues

Thank you for buying a product which contributes to a reduction in pollution, and thereby helps save the environment. Our products reduce the need for travel and transport and thereby reduce pollution. Our products have either none or few consumable parts (chemicals, toner, gas, paper). Our products are low energy consuming products.

1.3.1. TANDBERG's Environmental Policy

Environmental stewardship is important to TANDBERG's culture. As a global company with strong corporate values, TANDBERG is committed to being an environmental leader and embracing technologies that help companies, individuals and communities creatively address environmental challenges.
TANDBERG's environmental objectives are to:
Develop products that reduce energy consumption, CO emissions, and traffic congestion Provide products and services that improve quality of life for our customers Produce products that can be recycled or disposed of safely at the end of product life Comply with all relevant environmental legislation.
Page 8 of 105
TANDBERG Gatekeeper User Guide

1.3.2. European Environmental Directives

As a manufacturer of electrical and electronic equipment TANDBERG is responsible for compliance with the requirements in the European Directives 2002/96/EC (WEEE) and 2002/95/EC (RoHS).
The primary aim of the WEEE Directive and RoHS Directive is to reduce the impact of disposal of electrical and electronic equipment at end-of-life. The WEEE Directive aims to reduce the amount of WEEE sent for disposal to landfill or incineration by requiring producers to arrange for collection and recycling. The RoHS Directive bans the use of certain heavy metals and brominates flame retardants to reduce the environmental impact of WEEE which is land filled or incinerated.
TANDBERG has implemented necessary process changes to comply with the European RoHS Directive (2002/95/EC) and the European WEEE Directive (2002/96/EC).

1.3.3. Waste Handling

In order to avoid the dissemination of hazardous substances in our environment and to diminish the pressure on natural resources, we encourage you to use the appropriate take-back systems in your area. Those systems will reuse or recycle most of the materials of your end of life equipment in a sound way.
TANDBERG products put on the market after August 2005 are marked with a crossed-out wheelie bin symbol that invites you to use those take-back systems.
Please contact your local supplier, the regional waste administration or http://www.tandberg.net/recycling if you need more information on the collection and recycling system in your area.

1.3.4. Information for Recyclers

As part of compliance with the European WEEE Directive, TANDBERG provides recycling information on request for all types of new equipment put on the market in Europe after August 13th 2005.
Please contact TANDBERG at recycling@tandberg.net and provide the following details for the product for which you would like to receive recycling information:
Model number of TANDBERG product Your company's name Contact name Address Telephone number E-mail address

1.3.5. Digital User Guides

TANDBERG is pleased to announce that we have replaced the printed versions of our User Guides with a digital CD version. Instead of a range of different user manuals, there is now one CD -- which can be used with all TANDBERG products -- in a variety of languages. The environmental benefits of this are significant. The CDs are recyclable and the savings on paper are huge. A simple web-based search feature helps you directly access the information you need. In addition, the TANDBERG video systems now have an intuitive on-screen help function, which provides a range of useful features and tips. The contents of the CD can still be printed locally, whenever needed.
Page 9 of 105

1.4. Operator Safety Summary

For your protection please read these safety instructions completely before you connect the equipment to the power source. Carefully observe all warnings, precautions and instructions both on the apparatus and in these operating instructions.
Keep this manual for future reference.

1.4.1. Water and Moisture

Do not operate the apparatus under or near water - for example near a bathtub, kitchen sink, or
laundry tub, in a wet basement, near a swimming pool or in other areas with high humidity.
Never install jacks for communication cables in wet locations unless the jack is specifically
designed for wet locations.
Do not touch the product with wet hands.

1.4.2. Cleaning

Unplug the apparatus from communication lines, mains power-outlet or any power source before
cleaning or polishing. Do not use liquid cleaners or aerosol cleaners. Use a lint-free cloth lightly moistened with water for cleaning the exterior of the apparatus.
TANDBERG Gatekeeper User Guide
Unplug the apparatus from communication lines before cleaning or polishing. Do not use liquid
cleaners or aerosol cleaners. Use a lint-free cloth lightly moistened with water for cleaning the exterior of the apparatus.

1.4.3. Ventilation

Do not block any of the ventilation openings of the apparatus. Never cover the slots and
openings with a cloth or other material. Never install the apparatus near heat sources such as radiators, heat registers, stoves, or other apparatus (including amplifiers) that produce heat.
Do not place the product in direct sunlight or close to a surface directly heated by the sun.

1.4.4. Lightning

Never use this apparatus, or connect/disconnect communication cables or power cables during
lightning storms.

1.4.5. Dust

Do not operate the apparatus in areas with high concentration of dust.

1.4.6. Vibration

Do not operate the apparatus in areas with vibration or place it on an unstable surface.
Page 10 of 105
TANDBERG Gatekeeper User Guide

1.4.7. Power connection and Hazardous voltage

The product may have hazardous voltage inside. Never attempt to open this product, or any
peripherals connected to the product, where this action requires a tool.
This product should always be powered from an earthed power outlet. Never connect attached power supply cord to other products. In case any parts of the product has visual damage never attempt to connect mains power, or
any other power source, before consulting service personnel
The plug connecting the power cord to the product/power supply serves as the main disconnect
device for this equipment. The power cord must always be easily accessible.
Route the power cord so as to avoid it being walked on or pinched by items placed upon or
against it. Pay particular attention to the plugs, receptacles and the point where the cord exits from the apparatus.
Do not tug the power cord If the provided plug does not fit into your outlet, consult an electrician. Never install cables, or
any peripherals, without first unplugging the device from its power source.

1.4.8. Servicing

Do not attempt to service the apparatus yourself as opening or removing covers may expose you
to dangerous voltages or other hazards, and will void the warranty. Refer all servicing to qualified service personnel.
Unplug the apparatus from its power source and refer servicing to qualified personnel under the
following conditions:
o If the power cord or plug is damaged or frayed. o If liquid has been spilled into the apparatus. o If objects have fallen into the apparatus. o If the apparatus has been exposed to rain or moisture o If the apparatus has been subjected to excessive shock by being dropped. o If the cabinet has been damaged. o If the apparatus seems to be overheated. o If the apparatus emits smoke or abnormal odor. o If the apparatus fails to operate in accordance with the operating instructions.

1.4.9. Accessories

Use only accessories specified by the manufacturer, or sold with the apparatus.

1.4.10. Communication lines

Never touch uninstalled communication wires or terminals unless the telephone line has been
disconnected at the network interface.
Do not use communication equipment to report a gas leak in the vicinity of the leak. To reduce the risk of fire, use only No. 26 AWG or larger telecommunication line cord (ISDN
cables).
Page 11 of 105

2. Introduction

This User Manual is provided to help you make the best use of your TANDBERG Gatekeeper.

2.1. Main Features

The main features of the TANDBERG Gatekeeper are:
IPv4 and IPv6 support. Supports up to 2500 registered endpoints. Supports up to 100 neighboring zones. Flexible zone configuration with prefix and suffix support. URI and ENUM dialing with DNS enabling global connectivity. Secure firewall traversal of any firewall or NAT when used in conjunction with a TANDBERG
Border Controller.
TANDBERG Gatekeeper User Guide
Up to 500 concurrent calls. Up to 100 traversal calls in conjunction with a TANDBERG Border Controller. Can be used to control the amount of bandwidth used both within the Gatekeeper zone and to
neighboring Border Controllers and Gatekeepers.
Can limit total bandwidth usage and set maximum per call bandwidth usage with automatic
downspeeding if call exceeds per-call maximum.
Can be managed with TANDBERG Management Suite 11.0 or newer, or as a standalone system
with RS-232, Telnet, SSH, HTTP and HTTPS.
Embedded setup wizard on serial port for initial configuration.
Note: features may vary depending on software package.

2.2. Hardware Overview

On the front of the Gatekeeper (see Figure 1) there are:
three LAN interfaces a serial port (Data 1) a Light Emitting Diode (LED) showing the power status of the system.
The LAN 1 interface is used for connecting the system to your network. LAN interface 2 and 3 are disabled.
The serial port (Data 1) is for connection to a PC.
The LED, when lit, indicates that power is on.
Page 12 of 105
Figure 1: Front panel of Gatekeeper
On the back of the Gatekeeper (see Figure 2) there are:
a power connector a power switch a serial port (Data 2) for connecting to a PC.
TANDBERG Gatekeeper User Guide
Figure 2: Rear panel of Gatekeeper
Page 13 of 105

3. Installation

3.1. Precautions

Never install communication equipment during a lightning storm. Never install jacks for communication cables in wet locations unless the jack is specifically
designed for wet locations.
Never touch uninstalled communication wires or terminals unless the communication line has
been disconnected at the network interface.
Use caution when installing or modifying communication lines. Avoid using communication equipment (other than a cordless type) during an electrical storm. There may be a remote risk of electrical shock from lightning. Do not use communication equipment to report a gas leak in the vicinity of the leak. The socket outlet shall be installed near to the equipment and shall be easily accessible.
TANDBERG Gatekeeper User Guide
Never install cables without first switching the power OFF. This product complies with directives: LVD 73/23/EC and EMC 89/366/EEC. Power must be switched off before power supplies can be removed from or installed into the
unit.

3.2. Preparing the Installation Site

Make sure that the Gatekeeper is accessible and that all cables can be easily connected. For ventilation: Leave a space of at least 10cm (4 inches) behind the Gatekeeper's rear and 5cm
(2 inches) on the sides.
The room in which you install the Gatekeeper should have an ambient temperature between 0C
and 35C (32F and 95F) and between 10% and 90% non-condensing relative humidity.
Do not place hot objects directly on top of or directly beneath the Gatekeeper. Use a grounded AC power outlet for the Gatekeeper.
Page 14 of 105

3.3. Unpacking

The TANDBERG Gatekeeper is delivered in a special shipping box which should contain the following components:
Gatekeeper unit Installation sheet User manual and other documentation on CD Rack-ears and screws Kit with 4 rubber feet Cables:
o Power cables o One Ethernet cable o One null-modem RS-232 cable

3.4. Mounting

TANDBERG Gatekeeper User Guide
The Gatekeeper comes with brackets for mounting in standard 19" racks.
Before starting the rack mounting, please make sure the TANDBERG Gatekeeper is placed securely on a hard, flat surface.
1. Disconnect the AC power cable.
2. Make sure that the mounting space is according to the Installation site preparations in section
3.2.
3. Attach the brackets to the chassis on both sides of the unit.
4. Insert the unit into a 19" rack, and secure it with screws.

3.5. Connecting the Cables

3.5.1. Power cable

Connect the system power cable to an electrical distribution socket.

3.5.2. LAN cable

Connect a LAN cable from the LAN 1 connector on the front of the unit to your network.

3.5.3. Null-modem RS-232 cable

Connect the supplied null-modem RS-232 cable between the Border Controller's Data 1 connector and the COM port on a PC.

3.6. Switching on the System

To start the TANDBERG Gatekeeper:
1. Ensure the power cable is connected.
2. Ensure the LAN cable is connected.
3. Switch the power switch button on the back of the unit to '1'.
On the front of the chassis you will see the Power LED being lit.
Page 15 of 105

4. Getting started

4.1. Initial Configuration

The TANDBERG Gatekeeper requires some configuration before it can be used. This must be done using a PC connected to the serial port (Data 1) or by connecting to the system's default IP address:
192.168.0.100.
The IP address, subnet mask and gateway must be configured before use. The Gatekeeper has to be configured with a static IP address. Consult your network administrator for information on which addresses to use.
To set the initial configuration:
1. Connect the supplied null-modem RS-232 cable from Data 1 to a PC running a terminal program.
2. Start a terminal program and configure it to use the serial port with baud rate 115200, 8 data
bits, no parity, 1 stop bit, no flow control.
3. Power on the unit if it is not already on.
You should see the unit display start up information.
After approximately 2 minutes you will get a login prompt:
(none) login: admin Password:
TANDBERG Gatekeeper User Guide
4. Enter the username admin and your password. The default password is TANDBERG.
You will be prompted if you want to run the install wizard:
Run install wizard [n]: y
5. Type y and press Enter.
6. Specify the following: a. The password you want to use for your system. See Administrator Account (section 4.2.4)
for account details.
b. The IP address of the system. c. The IP subnet mask of the system. d. The IP default gateway of the system. e. The Ethernet speed. f. The local zone prefix, if any, you want to use for the zone controlled by this system. (You
should use a local zone prefix if you have a structured dial plan using E.164 aliases. See Neighboring and dial plans (section 4.6.1) for more information.
g. Whether you want to use SSH to administer the system. h. Whether you want to use Telnet to administer the system.
7. You will be prompted to log in again. You should see a welcome message like this:
Welcome to TANDBERG Gatekeeper Release N5.1 SW Release Date: 2006-11-20 OK
8. Login with the username admin and your password.
Page 16 of 105
TANDBERG Gatekeeper User Guide
9. Review other system settings. You may want to set the following: a. The name of the Gatekeeper. This is used by the TANDBERG Management Suite (TMS) to
identify the Gatekeeper. See the xConfiguration SystemUnit command (section
16.2.18) for more information on setting the name.
b. Automatic discovery. If you have multiple Gatekeepers in the same network you may want
to disable automatic discovery on some of them. See the xConfiguration Gatekeeper AutoDiscovery command (section 16.2.4).
c. The DNS server address and the domain name (if the Gatekeeper will be configured with
hostnames instead of IP address or if URI dialing is required). See the xConfiguration IP DNS Server Address command (16.2.6) for more information.
10. To make your new settings take effect, reboot the Gatekeeper by typing the command xCommand boot.
11. Disconnect the serial cable.
Note: To securely manage the Gatekeeper you should disable HTTP and Telnet, using the encrypted
HTTPS and SSH protocols instead. For increased security, disable HTTPS and SSH as well, using the serial port to manage the system.
Note: If you do not have an IP gateway, configure the Gatekeeper with an unused IP address that is
valid in your subnet.

4.2. System Administration

To configure and monitor the TANDBERG Gatekeeper you can either use the web interface or a command line interface.

4.2.1. Web interface

To use the web interface, open a browser window and in the address line type either:
the IP address of the system the system name.
You will be presented with the following screen:
Enter the User Name admin and your system password and select OK.
Page 17 of 105
You will be presented with the Overview screen:
TANDBERG Gatekeeper User Guide
Note: HTTP and HTTPS must be enabled in order to use the web interface. This is done using the
following commands:
xConfiguration HTTP Mode: <On/Off> xconfiguration HTTPS Mode: <On/Off>
Note: If web access is required, you are recommended to enable HTTPS and disable HTTP for improved
security.

4.2.2. Command line interface

The command line interface is available over SSH, Telnet and through the serial port.
To use the command line interface, start a session and login with user name admin and your password.
The interface groups information in different commands:
xstatus
Provides a read only interface to determine the current status of the system. Information such as current calls and registrations is available through this command group.
xconfiguration
A read/write interface to set system configuration data such as IP address and subnet.
xcommand
A miscellaneous group of commands for setting information or obtaining it.
xhistory
Provides historical information about calls and registrations.
xfeedback
An event interface, providing information about calls and registrations.
See the Command Reference (section 16) for a full list of commands.
Page 18 of 105
TANDBERG Gatekeeper User Guide
Note: SSH and/or Telnet access must be enabled in order to use the command line interface. This is
done using the following commands:
xConfiguration SSH Mode: <On/Off> xconfiguration Telnet Mode: <On/Off>
Note: For secure operation you should use SSH in preference to Telnet.

4.2.3. Session timeout

By default, administration sessions remain active until you logout. Session timeouts may be enabled using the command:
xConfiguration Session TimeOut
or using the web interface via System Configuration > System and in the Services section entering a value in the Session time out (minutes) field.

4.2.4. Administrator Account

All administration requires you to log in to the administration account with the user name admin and a password. The default password is TANDBERG, which you are recommended to change as soon as possible. Choose a strong password, particularly if administration over IP is enabled.
The password can be changed on the web interface via System Configuration > System or through the command line interface using the command:
xconfiguration systemunit password: new_password
If you forget your password, it is possible to set a new password using the following procedure:
1. Reboot the Gatekeeper.
2. Connect to the Gatekeeper over the serial interface once it has restarted.
3. Login with the user name pwrec. No password is required.
You will be prompted for a new password.
Note: The pwrec account is only active for one minute following a restart. Beyond that time you will
have to restart the system again to change the password. Because access to the serial port allows the password to be reset, it is recommended that you install the Gatekeeper in a physically secure environment.

4.2.5. Root Account

The Gatekeeper provides a root account with the same password as the admin account. This account should not be used in normal operation, and in particular system configuration should not be conducted using this account. Use the admin account instead.

4.3. Backups

You are recommended to maintain a backup of your Gatekeeper configuration. Using the command line interface, log on to the Gatekeeper as admin and type xConfiguration. Save the resulting output to a file, using cut-and-paste or some other means provided by your terminal emulator. Pasting this information back in to the command line shell will restore your configuration.
Page 19 of 105

4.4. IP Configuration

The Gatekeeper may be configured to use IPv4, IPv6 or both protocols. If using both protocols, the Gatekeeper will act as a gateway if necessary, allowing calls to be made between an IPv4-only endpoint and an IPv6-only endpoint. This behavior will use a traversal license for each call gatewayed between IPv4 and IPv6.
IPv4 and IPv6 dual stack behavior is controlled by the command:
xConfiguration IPProtocol: <Both/IPv4/IPv6>
or using the web interface via System Configuration > IP Configuration shown in Figure 3 below:
TANDBERG Gatekeeper User Guide
Figure 3: Selecting IP Protocol

4.5. Endpoint Registration

Before an endpoint can use the Gatekeeper it must first register with it.
There are two ways an endpoint can register:
Automatically Manually by specifying the IP address of the Gatekeeper.
Note: You can disable automatic registration on the Gatekeeper. See the Auto Discovery command
(section 16.2.4) for more information.
Page 20 of 105
TANDBERG Gatekeeper User Guide
When registering, the endpoint registers with one or more of the following:
One or more H.323 IDs One or more E.164 aliases.
Users of other registered endpoints can then call the endpoint by using either the H.323 ID, a URI, an E.164 alias, or one of the services.
It is recommended that you do not use aliases that reveal sensitive information. Due to the nature of H.323, call setup information is exchanged in an unencrypted form.
By default, if you attempt to register an alias which has already been registered with the system, your registration will be rejected. This helps you to identify when two users have a conflicting alias.
In some deployments an endpoint may frequently receive a new IP address, causing unwanted registration rejections. When it tries to register, it may be rejected because the Gatekeeper still has a registration from its old IP address. The Gatekeeper may be configured to allow an endpoint to overwrite the old IP address. To do this, either issue the command:
xConfiguration Gatekeeper Registration ConflictMode: <Overwrite/Reject>
or go to Gatekeeper Configuration > Restrictions and in the Policy section, from the Registration conflict
policy drop-down menu select Overwrite.
Consult the endpoint documentation for information on how to configure it with a Gatekeeper.
Note: When URI dialing is used to discover an endpoint, the URI used is based on either the H.323 ID
or the E.164 alias that the endpoint registered with. The local domain is then added to this. For more information see URI Dialing (section 9).

4.6. Neighbor Gatekeepers

4.6.1. Neighboring and dial plans

As you start deploying more than one Gatekeeper or Border Controller, it is useful to neighbor the systems together so that they can exchange information about registered endpoints. Each Gatekeeper or Border Controller forms an H.323 zone and is responsible for the endpoints within that zone. There are a number of ways this can be done, depending on the complexity of your system.
Flat dial plan
The simplest approach is to assign each endpoint a unique alias and divide the endpoint registrations between the Gatekeepers and Border Controllers. Each Gatekeeper or Border Controller is then configured with the addresses of all other Gatekeepers and Border Controllers. When a system receives a call for an endpoint which is not registered with it, it will send out a Location Request to all the other Gatekeepers and Border Controllers on the system. Whilst conceptually simple, this sort of flat dial plan does not scale very well: adding or moving a Gatekeeper requires changing the configuration of every Gatekeeper and Border Controller; one call attempt can result in a large number of location requests.
Structured dial plan
An alternative deployment would use a structured dial plan whereby endpoints are assigned an alias based on the system they are registering with. Using E.164 aliases, each Gatekeeper or Border Controller would be assigned an area code. When the Gatekeepers and Border Controllers are neighbored together, each neighbor is configured with its corresponding area code as a prefix. That neighbor will now only be queried for calls to numbers which begin with its prefix. In a URI based dial plan, similar behavior may be obtained by configuring neighbors with a suffix to match the desired domain name.
It may be desirable to have endpoints register with just the subscriber number -- the last part of the E.164 number. In that case, the Gatekeeper should be configured to strip prefixes before placing the Location Request.
A structured dial plan will minimize the number of location requests issued when a call is attempted, but, as described above, still requires a fully connected mesh of all Gatekeepers and Border Controllers in your deployment. A hierarchical dial plan (see below) can simplify this.
Page 21 of 105
TANDBERG Gatekeeper User Guide
Hierarchical dial plan
One Gatekeeper is nominated as the directory gatekeeper for the deployment. All Border Controllers and public Gatekeepers are neighbored with it and vice versa. There is no need to neighbor the Border Controllers and public Gatekeepers with each other. Adding a new Border Controller or public Gatekeeper now only requires changing configuration on that system and the Directory Gatekeeper.
Failure of the directory gatekeeper could cause significant disruption to communications. Consideration should be given to the use of Alternate Gatekeepers (see section 4.7) for increased resilience.

4.6.2. Adding Neighbors and configuring zones

Neighbors are added and zones configured through the command line interface using the xconfiguration zones family of commands and xCommand ZoneAdd or through the web interface via Gatekeeper Configuration > Zones - either select Add New Zone, or highlight an existing zone and select Edit, to access the screen shown in Figure 4.
The prefixes and suffixes described above are formed using patterns: each zone may have up to 5 patterns assigned, each of which may be defined as a prefix or a suffix.
Patterns are not used, and not displayed on the web interface, if the pattern match mode is set to always or disabled.
Figure 4: Adding a new zone

4.6.3. Search Order

If a called alias matches a prefix or suffix zone a strong match is achieved. A weak match is achieved if a zone is to be queried only because it has no pattern matching configured.
When an incoming call request is received a Gatekeeper will first search all of its registered endpoints. If no match is found, all strongly matching neighbor and traversal zones will be queried concurrently. If the target is not found in any of the strongly matching zones, all weakly matching neighbor zones will be queried, then all weakly matching traversal zones. Finally, if a match has still not been found, a DNS query may be attempted (see section 9).
Page 22 of 105

4.7. Alternates

Alternate Gatekeeper support is provided to increase the reliability of your deployment. If one Gatekeeper becomes unavailable, perhaps due to a network or power outage, another will be used as an Alternate. Alternates share responsibility for their endpoint community: an individual endpoint may be registered with any one of the Alternates. You should configure Alternates identically for all registration and call features such as authentication, bandwidth control and policy. If you do not do this, endpoint behavior will vary unpredictably depending on which Alternate it is currently registered with. Alternates should also be deployed on the same LAN as each other so that they may be configured with the same routing information such as local domain names and local domain subnet masks.
Each Gatekeeper may be configured with the IP addresses of up to five Alternates. When an endpoint registers with the Gatekeeper, it is presented with the IP addresses of all the Alternates. If the endpoint loses contact with its initial Gatekeeper, it will seek to register with one of the Alternates. This may result in your endpoint community's registrations being spread over all the Alternates.
When a Gatekeeper receives a Location Request, if it cannot respond from its own registration database, it will query all of its Alternates before responding. This allows the pool of registrations to be treated as if they were registered with a single Gatekeeper.
The Alternate Gatekeepers can be configured within the web interface via Gatekeeper Configuration >
Gatekeeper within the Alternate Gatekeepers section (see Figure 5).
TANDBERG Gatekeeper User Guide
Figure 5: Alternate Gatekeeper configuration
Page 23 of 105

4.8. Call Processing Overview

Figure 6 illustrates the process the Gatekeeper performs when receiving call requests.
Receive Request
from Endpoint
(ARQ) or other
gatekeeper (LRQ)
Apply Transforms
Locally
Yes
registered endpoint?
No
Locally
Yes
registered
service?
No
IP address
Yes
Yes
literal?
No
Off
Indirect
Alternates
configured?
Yes
Direct
On local
network?
IPAddress
mode?
TANDBERG Gatekeeper User Guide
Search Algorithm
Yes
Success: return LCF or ACF
Failure: return LRJ or ARJ
No
Feed URIs back in
priority order to
Location Search
algorithm
No
Yes
Found
address(es)?
Attempt to locate Call
Signaling port using
DNS A/AAAA
No
No
Call signaling
Yes
port located?
Attempt to locate Call
Signaling port using
DNS SRV
No
No
Received
LCF?
LRQ foreign
gatekeeper
LRQ all Alternates
with hopcount = 1
No
Received
Yes
LCF?
Yes
LRQ all alive strong­matching Neighbour and Traversal Zones
Yes
No
Received LRQ as
a GK and
Forwarding is
Off?
No
that match the Alias
Received
LCF?
No
LRQ all weak­matching non-
Traversal Zones
Figure 6: Location decision flow diagram
No
Received
LCF?
Yes
Foreign
gatekeeper
located?
Attempt to locate
foreign gatekeeper
using DNS SRV
Yes
DNS Resolution
mode on?
Yes No
No
No
LRQ from Known
GK received by
this GK?
Received
LCF?
LRQ all weak-
matching Traversal
Zones
Yes
Does alias
resemble E.164
address?
NoNo
Yes
YesYes
ARQ from
registered EP
and alias does
not contain local
domain?
Empty candidate
set of URIs?
Perform E.164-URI
resolution using
ENUM algorithm
Yes
Page 24 of 105
TANDBERG Gatekeeper User Guide
When an endpoint wants to call another endpoint it presents the address it wants to call to the Gatekeeper using a protocol knows as RAS. The Gatekeeper applies any transforms (see section 5), tries to resolve the address, and if successful supplies the calling endpoint with information about the called endpoint.
The destination address can take several forms: IP address, H.323 ID, E.164 alias or a full H.323 URI.
When an H.323 ID or E.164 alias is used, the Gatekeeper looks for a match between the dialed address and the aliases registered by its endpoints. If no match is found, it may query other Gatekeepers and Border Controllers.
When dialing by H.323 URI, the destination address resembles an email address. The Gatekeeper first follows the procedure for matching H.323 IDs. If that fails it looks for a Gatekeeper or Border Controller responsible for the domain (the part of the URI following the @ symbol) and queries that device.
Dialing by IP address is necessary when the destination endpoint is not registered with a Gatekeeper or Border Controller. If it is registered, then one of the other addressing schemes should be used instead as they are more flexible. From your registered endpoint, dial the IP address of the endpoint you wish to call. This requires that the Gatekeeper has xConfiguration Gatekeeper CallsToUnknownIPAddresses correctly configured (see section 16.2.4).
When one endpoint calls another, the Gatekeeper is involved in locating the called endpoint. By default, once the endpoint is located, the Gatekeeper takes no further part in the call signaling. By enabling call routed mode, all call signaling will be routed through the Gatekeeper. This is useful if you need accurate information about call start and stop times. Call Detail Records (CDRs) may be extracted from the Gatekeeper event log.
Note: Traversal calls are always call routed, regardless of the setting of Call Routed Mode.
Page 25 of 105

5. Transforming Destination Aliases

5.1. Alias Transforms

The Alias Transforms function takes any aliases present in ARQ and LRQ messages and runs a set of transformations on them. The resulting aliases will then be used in the normal Gatekeeper logic, exactly as if those aliases were unchanged. Alias transforms will be applied prior to possible CPL modification and Zone transforms. The Alias transforms will not have any effect on aliases presented in GRQ or RRQ messages.
Alias transform rules are created either:
using the xconfiguration Gatekeeper Transform commands, or using the web interface via Gatekeeper Configuration > Transforms and selecting Add New
Transform.
Alias transforms support the use of Regular Expressions. See Appendix C for further information.
Example
TANDBERG Gatekeeper User Guide
We have two gateways registered with the Gatekeeper with prefixes of 7 and 8 respectively.
We want to allow the users to dial 9 for an outside line, but use GW1 for local calls, and GW2 for international calls. We should allow an alias manipulation that takes a destination alias of 90047 and replaces it with 80047 and an alias of 90118 with 70118. This is achieved by configuring alias transforms as shown in Figure 7:
Figure 7: Example configuration of alias transforms
Page 26 of 105

5.2. Zone Transforms

It is possible to direct an incoming location request to a different alias by replacing either the prefix or the suffix of the alias with a new string.
Zone transform rules are created either:
using the xconfiguration zones set of commands, or using the web interface when adding or editing a zone via Gatekeeper Configuration > Zones.
You must first select from the Match 1, Match 2, etc. sections a Mode of PatternMatch in order to access the options (see Figure 4).
Zone transforms support the use of Regular Expressions. See Appendix C for more information.
Example
Endpoints might be registered to a Gatekeeper with aliases of the form user@example.com. If someone were to dial user@exampleusa.com we might want to try and find that user as user@example.com, hence we need a rule that replaces the suffix exampleusa.com with example.com before searching off the box. This can be achieved by configuring the zone transforms as shown in Figure 8:
TANDBERG Gatekeeper User Guide
Figure 8: Example configuration of zone transforms
Page 27 of 105

6. Unregistered Endpoints

Although most calls are made between endpoints registered with a Gatekeeper or Border Controller, it is sometimes necessary to place a call to or from an unregistered endpoint.

6.1. Calling from an Unregistered Endpoint

An unregistered endpoint can call an endpoint registered with the Gatekeeper. If there are no firewalls between the unregistered endpoint and the called endpoint, it is possible (though not recommended) to place the call by dialing the target endpoint's IP address. A better way of placing the call from an unregistered endpoint is to pass the alias of the called endpoint to the Gatekeeper. The Gatekeeper will then resolve the alias and place the call as normal.
Not all endpoints allow you to enter an alias and an IP address to which the call should be placed. In that case you can simply place the call to the IP address of the Gatekeeper, with no alias information. The Gatekeeper may be configured to associate all such anonymous calls with a single destination alias. This is achieved with the command:
xConfiguration Gatekeeper Unregistered Caller Fallback: <destination>
or using the web interface via Gatekeeper Configuration > Gatekeeper Configuration and entering the alias in the Fallback alias for unregistered caller destination field.
TANDBERG Gatekeeper User Guide

6.2. Calling to an Unregistered Endpoint

Calls can be placed to an unregistered endpoint by dialing its IP address or (if the DNS system has been appropriately configured) using an H.323 URI.
If URI dialing is used, DNS is queried for a call signaling address and, if found, the call is placed to that address. See URI Dialing (section 9) for details of how to configure the Call Signaling SRV Record.
It is sometimes undesirable for a system to place a call to an IP address directly. Instead, you may want a neighbor to place the call on behalf of the Gatekeeper. You can configure this on the Gatekeeper using the command:
xConfiguration Gatekeeper CallsToUnknownIPAddresses: <Off/Indirect/Direct>
or using the web interface via Gatekeeper Configuration > Gatekeeper and from within the Configuration section selecting the desired option from the Calls to unknown IP addresses drop-down menu.
There are three possible settings:
Direct
This setting will allow the endpoint to make the call to the unknown IP address without querying any neighbors. The call setup would occur just as it would if the far end were registered directly to the local system.
Indirect
Upon receiving the call the Gatekeeper will check to see if the address belongs to one of its local subzones. If so, it will allow the call. If not, it will query its neighbors for the remote address, relying on the response from the neighbor to allow the ability for the call to be completed; connecting through the routing rules as it would through the neighbor relationship.
Off
This will not allow any endpoint registered directly to the Gatekeeper to call an IP address of any system not also registered directly to that Gatekeeper.
The default is Indirect.
Page 28 of 105
TANDBERG Gatekeeper User Guide
When the Gatekeeper is used with a Border Controller for firewall traversal, you will typically set CallsToUnknownIPAddresses to Indirect on the Gatekeeper and Direct on the Border Controller. This will allow calls originating inside the firewall to use the Gatekeeper and Border Controller to successfully traverse the firewall. This is described in more detail in Dialing Public IP Addresses (section 11.3).
Page 29 of 105

7. Bandwidth Control

7.1. About Bandwidth Control

The TANDBERG Gatekeeper allows you to control endpoints' use of bandwidth on your network.
Figure 9 shows a typical network deployment: a broadband LAN, where high bandwidth calls are acceptable; a pipe to the internet with restricted bandwidth; and two satellite offices, each with their own restricted pipes.
In order to utilize the available bandwidth efficiently, the TANDBERG Gatekeeper allows you to model your network, and bandwidth controls on individual components of the network. Bandwidth controls may be set on a call-by-call basis and on a total concurrent usage basis.
TANDBERG Gatekeeper User Guide
Figure 9: Typical network deployment

7.2. Subzones

All endpoints registered with your Gatekeeper are part of its local zone. As shown in Figure 9, the local zone can contain two or more different networks with different bandwidth limitations. In order to model this, the local zone is made up of one or more subzones. When an endpoint registers with the Gatekeeper it is assigned to a subzone, based on its IP address.
By default all endpoints registering with the Gatekeeper are assigned to the default subzone. This is suitable if you have uniform bandwidth available between all your endpoints. When you have differing bandwidth provision, as in Figure 9, you should create a new subzone for each pool of endpoints. Each subzone you create can include up to 5 subnets (based on a specified range of IP addresses).
Subzones are added and configured using the web interface via Gatekeeper Configuration >. SubZones, and the either selecting Add New SubZone, or highlighting an existing subzone and selecting Edit. This will take you to the screen shown in Figure 10. You can also add and configure subzones using the following commands:
xConfiguration SubZones SubZone [1..100] Name xConfiguration SubZones SubZone [1..100] Subnet [1..5] IP Prefixlength xConfiguration SubZones SubZone [1..100] Subnet [1..5] IP Address
Page 30 of 105
Loading...
+ 75 hidden pages